romtuck/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge 2c2959451e into da71eaebd2

Browse Source
This commit is contained in:
davidbors-snyk 2026-01-30 09:53:22 -04:00 committed by GitHub
commit d9773e0740
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/gateway/http-common.ts
View File

@ -25,6 +25,12 @@ export function sendUnauthorized(res: ServerResponse) {
}); });
} }
export function sendForbidden(res: ServerResponse, message: string) {
sendJson(res, 403, {
error: { message, type: "forbidden" },
});
}
export function sendInvalidRequest(res: ServerResponse, message: string) { export function sendInvalidRequest(res: ServerResponse, message: string) {
sendJson(res, 400, { sendJson(res, 400, {
error: { message, type: "invalid_request_error" }, error: { message, type: "invalid_request_error" },

15
src/gateway/tools-invoke-http.ts
View File

@ -7,6 +7,8 @@ import {
resolveGroupToolPolicy, resolveGroupToolPolicy,
resolveSubagentToolPolicy, resolveSubagentToolPolicy,
} from "../agents/pi-tools.policy.js"; } from "../agents/pi-tools.policy.js";
import { resolveSandboxRuntimeStatus } from "../agents/sandbox.js";
import { isToolAllowed } from "../agents/sandbox/tool-policy.js";
import { import {
buildPluginToolGroups, buildPluginToolGroups,
collectExplicitAllowlist, collectExplicitAllowlist,
@ -27,6 +29,7 @@ import { authorizeGatewayConnect, type ResolvedGatewayAuth } from "./auth.js";
import { getBearerToken, getHeader } from "./http-utils.js"; import { getBearerToken, getHeader } from "./http-utils.js";
import { import {
readJsonBodyOrError, readJsonBodyOrError,
sendForbidden,
sendInvalidRequest, sendInvalidRequest,
sendJson, sendJson,
sendMethodNotAllowed, sendMethodNotAllowed,
@ -155,6 +158,18 @@ export async function handleToolsInvokeHttpRequest(
const sessionKey = const sessionKey =
!rawSessionKey || rawSessionKey === "main" ? resolveMainSessionKey(cfg) : rawSessionKey; !rawSessionKey || rawSessionKey === "main" ? resolveMainSessionKey(cfg) : rawSessionKey;
// Check sandbox policy before proceeding. Sandboxed sessions have restricted tool access.
const sandboxRuntime = resolveSandboxRuntimeStatus({ cfg, sessionKey });
if (sandboxRuntime.sandboxed) {
if (!isToolAllowed(sandboxRuntime.toolPolicy, toolName)) {
sendForbidden(
res,
`Tool "${toolName}" is blocked by sandbox policy (mode=${sandboxRuntime.mode}, session=${sessionKey})`,
);
return true;
}
}
// Resolve message channel/account hints (optional headers) for policy inheritance. // Resolve message channel/account hints (optional headers) for policy inheritance.
const messageChannel = normalizeMessageChannel( const messageChannel = normalizeMessageChannel(
getHeader(req, "x-openclaw-message-channel") ?? "", getHeader(req, "x-openclaw-message-channel") ?? "",