* fix: in the browser extension s tabs action route the (#310)
* fix(browser): fail closed for tab close and CDP redirects
* fix(browser): sanitize tab SSRF policy errors
* chore(changelog): add browser tabs action policy enforcement entry
* fix(browser): differentiate CDP endpoint blocks from navigation blocks in error mapping
Split SsrFBlockedError handling so navigation-target policy failures
(from assertBrowserNavigationAllowed) surface as 'browser navigation
blocked by policy' while CDP endpoint policy failures (from
assertCdpEndpointAllowed) surface as 'browser endpoint blocked by
policy'. Both stay sanitized so raw policy details still do not leak
to callers.
- Add BrowserCdpEndpointBlockedError (extends BrowserError, 400).
- assertCdpEndpointAllowed now catches SsrFBlockedError and rethrows
as BrowserCdpEndpointBlockedError so the route error mapping can
route endpoint vs navigation failures to the right user-facing
message without inspecting stack strings.
- toBrowserErrorResponse: raw SsrFBlockedError now maps to the
navigation-blocked message; endpoint-blocked errors are handled by
the existing BrowserError branch and keep the endpoint-blocked
message.
- Update tests that exercised the endpoint path to assert the new
error class instead of the raw SSRF message.
* fix(browser): move SSRF check after cache hit and thread ssrfPolicy through tryTerminateExecutionViaCdp
- connectBrowser: move assertCdpEndpointAllowed after cache lookup so
transient DNS failures don't break active cached sessions.
- tryTerminateExecutionViaCdp: accept ssrfPolicy and run
assertCdpEndpointAllowed before HTTP/WS I/O so the terminate path
doesn't bypass SSRF policy enforcement.
- forceDisconnectPlaywrightForTarget: thread ssrfPolicy through to
tryTerminateExecutionViaCdp.
* fix(browser): drop redundant pre-Playwright SSRF checks so cached sessions survive DNS blips
Remove assertProfileCdpEndpointAllowed() calls that precede
Playwright-backed tab operations (listPagesViaPlaywright,
focusPageByTargetIdViaPlaywright, closePageByTargetIdViaPlaywright)
since connectBrowser already runs the check on cache miss.
Keep the checks before raw CDP HTTP calls (fetchJson/fetchOk for
/json/list, /json/activate, /json/close) where there is no
connection cache.
Add comment on fetchCdpChecked explaining why redirect blocking
covers all CDP HTTP paths, not just probes.
Exit gateway configuration failures with EX_CONFIG and teach generated systemd units not to restart on that exit status.\n\nCo-authored-by: neo1027144-creator <neo1027144-creator@users.noreply.github.com>
- Set User-Agent to openclaw-feishu-builtin/{version}/{platform} for all
Feishu API requests to comply with OAPI best practices
- Switch health-check probe to POST /bot/v1/openclaw_bot/ping to register
the app as an AI agent (智能体) on the Feishu platform
- Update probe response parsing for new pingBotInfo response shape
When users put a runtime command name like "dreaming" into `plugins.allow`,
validation now explains that it is a command provided by a specific plugin
(e.g. "memory-core") and suggests using the plugin id instead, rather than
the generic "plugin not found" warning that previously created a circular
trap with the CLI error message.
Similarly, running `openclaw dreaming` from the CLI now explains that
`/dreaming` is a runtime slash command (not a CLI command) and points users
to `openclaw memory` for CLI operations or `/dreaming` in a chat session.
Fixes two related UX problems:
1. `plugins.allow: ["dreaming"]` → validation warned "plugin not found"
2. `openclaw dreaming status` → CLI said "add dreaming to plugins.allow"
(which then triggered problem 1)
Root cause: "dreaming" is a slash command registered by the memory-core
plugin via `api.registerCommand()`, not a standalone plugin or CLI command.
When the simple-completion model selected for thread-title generation is a
reasoning model (e.g. MiniMax M2, Claude thinking models, OpenAI o-series),
the 24-token output budget is entirely consumed by the internal thinking
block before any user-visible text is emitted. extractAssistantText then
returns an empty string, generateThreadTitle returns null, and the
auto-thread rename is silently skipped while the feature appears to do
nothing.
Raise DISCORD_THREAD_TITLE_MAX_TOKENS to 512 so there is enough headroom
for a short thinking pass plus the 3-6 word title output. The generous
ceiling only matters when the provider actually reasons; non-reasoning
models still emit a short title and stop early at end-of-sequence.
Verified live against a MiniMax M2 reasoning model served through an
Anthropic-compatible API endpoint: before the fix, the rename never fired;
after the fix, the thread is renamed with a concise generated title.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Treat duplicate registerService calls from the same plugin id as idempotent so plugin snapshot and activation loads stop emitting spurious service already registered diagnostics.\n\nThanks @ly85206559.
