Files
openclaw/apps/android/app
Peter Steinberger 5b5a540e34 feat(android): per-gateway custom headers for gateways behind authenticating proxies (#100765)
* feat(android): support per-gateway custom headers for proxied gateway connections

Per-gateway custom request headers (Cloudflare Access-style service tokens)
for gateways behind authenticating reverse proxies. Headers are credentials:
EncryptedSharedPreferences-stored per endpoint stableId, masked in the manual
connection UI, injected on the OkHttp WebSocket upgrade at connect time via a
provider so edits apply on the next reconnect without re-pairing. Reserved
handshake headers and non-printable-ASCII are sanitized out (OkHttp throws on
them). TLS fingerprint pinning and pairing flows unchanged. Cross-gateway
isolation proven by MockWebServer upgrade-capture test.

Related: #100698

* chore(android): sync native i18n for custom header strings

* fix(android): harden gateway custom headers

* chore(android): resync native i18n inventory

* docs(changelog): defer Android release note

* fix(android): validate custom header names

* chore(android): refresh native i18n inventory
2026-07-06 17:48:57 +01:00
..