vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-13 02:01:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
8d72aafdbb8d49fd6bc5140e5278bcfc8863ecdb
openclaw/extensions/browser/src/plugin-service.test.ts
Agustin Rivera dafcaf9d69 fix(browser): harden browser control override loading (#62663) 
* fix(browser): harden browser control overrides

* fix(lint): prepare boundary artifacts for extension oxlint

* docs(changelog): add browser override hardening entry

* fix(lint): avoid duplicate boundary prep

---------

Co-authored-by: Devin Robison <drobison@nvidia.com>
Co-authored-by: Devin Robison <drobison00@users.noreply.github.com>
2026-04-08 13:24:47 -06:00

64 lines
2.2 KiB
TypeScript
Raw Blame History

import { beforeEach, describe, expect, it, vi } from "vitest";
import { createBrowserPluginService } from "./plugin-service.js";
const SERVICE_CONTEXT = {
config: {},
stateDir: "/tmp/openclaw-state",
logger: console,
};
type StartLazyPluginServiceModuleParams = {
validateOverrideSpecifier?: (specifier: string) => string;
};
type StartLazyPluginServiceModuleParamsWithValidator = {
validateOverrideSpecifier: (specifier: string) => string;
};
const runtimeMocks = vi.hoisted(() => ({
startLazyPluginServiceModule: vi.fn(async (_params: StartLazyPluginServiceModuleParams) => null),
}));
vi.mock("openclaw/plugin-sdk/browser-node-runtime", () => ({
startLazyPluginServiceModule: runtimeMocks.startLazyPluginServiceModule,
}));
describe("createBrowserPluginService", () => {
beforeEach(() => {
runtimeMocks.startLazyPluginServiceModule.mockClear();
});
function getStartParams(): StartLazyPluginServiceModuleParamsWithValidator {
const params = runtimeMocks.startLazyPluginServiceModule.mock.calls[0]?.[0];
if (!params?.validateOverrideSpecifier) {
throw new Error("expected browser plugin service to pass validateOverrideSpecifier");
}
return { validateOverrideSpecifier: params.validateOverrideSpecifier };
}
it("passes a browser override validator to the lazy service loader", async () => {
const service = createBrowserPluginService();
await service.start(SERVICE_CONTEXT);
const params = getStartParams();
expect(params.validateOverrideSpecifier(" ./server.js ")).toBe("./server.js");
});
it("rejects unsafe browser override specifiers", async () => {
const service = createBrowserPluginService();
await service.start(SERVICE_CONTEXT);
const params = getStartParams();
expect(() => params.validateOverrideSpecifier("data:text/javascript,boom")).toThrow(
"Refusing unsafe browser control override specifier",
);
expect(() => params.validateOverrideSpecifier("HTTPS://example.invalid/mod.mjs")).toThrow(
"Refusing unsafe browser control override specifier",
);
expect(() => params.validateOverrideSpecifier("node:fs")).toThrow(
"Refusing unsafe browser control override specifier",
);
});
});
Reference in New Issue View Git Blame Copy Permalink