openclaw/docs/gateway
Nir Zadok ad7cd8f44d fix(security): disable browser.evaluateEnabled by default
BREAKING CHANGE: browser.evaluateEnabled now defaults to false.

The evaluate feature allows arbitrary JavaScript execution in the browser
context via the /act endpoint (kind=evaluate) and wait --fn. This is a
powerful escape hatch for advanced automation but poses security risks:

- Prompt injection: LLM agents can be tricked into running malicious code
- Network exposure: If the gateway is accessible, attackers can exfiltrate data
- Session hijacking: Code runs with access to cookies, localStorage, DOM

With this change:
- act:evaluate and wait --fn return 403 by default
- Users who need this feature can enable it explicitly:
  browser.evaluateEnabled: true

Built-in actions (click, type, screenshot, wait for text/URL, etc.) remain
fully functional and cover the vast majority of automation use cases.
2026-01-29 13:03:08 +02:00
security fix: wire per-account dm scope guidance (#3095) (thanks @jarvis-sam) 2026-01-28 11:42:33 +05:30
authentication.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
background-process.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
bonjour.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
bridge-protocol.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
cli-backends.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
configuration-examples.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
configuration.md fix(security): disable browser.evaluateEnabled by default 2026-01-29 13:03:08 +02:00
discovery.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
doctor.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
gateway-lock.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
health.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
heartbeat.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
index.md Branding: update bot.molt bundle IDs + launchd labels 2026-01-27 14:46:50 -06:00
local-models.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
logging.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
multiple-gateways.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
openai-http-api.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
openresponses-http-api.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
pairing.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
protocol.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
remote-gateway-readme.md Branding: update bot.molt bundle IDs + launchd labels 2026-01-27 14:46:50 -06:00
remote.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
sandbox-vs-tool-policy-vs-elevated.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
sandboxing.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
tailscale.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
tools-invoke-http-api.md refactor: rename clawdbot to moltbot with legacy compat 2026-01-27 12:21:02 +00:00
troubleshooting.md Branding: update bot.molt bundle IDs + launchd labels 2026-01-27 14:46:50 -06:00