mirror of
https://github.com/openclaw/openclaw.git
synced 2026-03-12 07:20:45 +00:00
37 lines
1.1 KiB
Swift
37 lines
1.1 KiB
Swift
import Testing
|
|
@testable import OpenClaw
|
|
|
|
struct HostEnvSanitizerTests {
|
|
@Test func `sanitize blocks shell trace variables`() {
|
|
let env = HostEnvSanitizer.sanitize(overrides: [
|
|
"SHELLOPTS": "xtrace",
|
|
"PS4": "$(touch /tmp/pwned)",
|
|
"OPENCLAW_TEST": "1",
|
|
])
|
|
#expect(env["SHELLOPTS"] == nil)
|
|
#expect(env["PS4"] == nil)
|
|
#expect(env["OPENCLAW_TEST"] == "1")
|
|
}
|
|
|
|
@Test func `sanitize shell wrapper allows only explicit override keys`() {
|
|
let env = HostEnvSanitizer.sanitize(
|
|
overrides: [
|
|
"LANG": "C",
|
|
"LC_ALL": "C",
|
|
"OPENCLAW_TOKEN": "secret",
|
|
"PS4": "$(touch /tmp/pwned)",
|
|
],
|
|
shellWrapper: true)
|
|
|
|
#expect(env["LANG"] == "C")
|
|
#expect(env["LC_ALL"] == "C")
|
|
#expect(env["OPENCLAW_TOKEN"] == nil)
|
|
#expect(env["PS4"] == nil)
|
|
}
|
|
|
|
@Test func `sanitize non shell wrapper keeps regular overrides`() {
|
|
let env = HostEnvSanitizer.sanitize(overrides: ["OPENCLAW_TOKEN": "secret"])
|
|
#expect(env["OPENCLAW_TOKEN"] == "secret")
|
|
}
|
|
}
|