Skip to content

Commit 66d9836

Browse files
SC-ClawSC-Claw
SC-Claw
authored and
SC-Claw
committed
Gateway: keep local probes device-bound
1 parent c502a5b commit 66d9836

2 files changed

Lines changed: 5 additions & 16 deletions

File tree

src/gateway/probe.test.ts

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -71,13 +71,13 @@ describe("probeGateway", () => {
7171
expect(gatewayClientState.options?.deviceIdentity).toBeUndefined();
7272
});
7373

74-
it("keeps device identity disabled for unauthenticated loopback probes", async () => {
74+
it("keeps device identity enabled for unauthenticated loopback probes", async () => {
7575
await probeGateway({
7676
url: "ws://127.0.0.1:18789",
7777
timeoutMs: 1_000,
7878
});
7979

80-
expect(gatewayClientState.options?.deviceIdentity).toBeNull();
80+
expect(gatewayClientState.options?.deviceIdentity).toBeUndefined();
8181
});
8282

8383
it("can disable device identity for remote probes", async () => {

src/gateway/probe.ts

Lines changed: 3 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,6 @@ import type { SystemPresence } from "../infra/system-presence.js";
44
import { GATEWAY_CLIENT_MODES, GATEWAY_CLIENT_NAMES } from "../utils/message-channel.js";
55
import { GatewayClient } from "./client.js";
66
import { READ_SCOPE } from "./method-scopes.js";
7-
import { isLoopbackHost } from "./net.js";
87

98
export type GatewayProbeAuth = {
109
token?: string;
@@ -44,19 +43,9 @@ export async function probeGateway(opts: {
4443
let connectError: string | null = null;
4544
let close: GatewayProbeClose | null = null;
4645

47-
const disableDeviceIdentity = (() => {
48-
if (typeof opts.disableDeviceIdentity === "boolean") {
49-
return opts.disableDeviceIdentity;
50-
}
51-
try {
52-
const hostname = new URL(opts.url).hostname;
53-
// Local authenticated probes should stay device-bound so read/detail RPCs
54-
// are not scope-limited by the shared-auth scope stripping hardening.
55-
return isLoopbackHost(hostname) && !(opts.auth?.token || opts.auth?.password);
56-
} catch {
57-
return false;
58-
}
59-
})();
46+
// Keep the default probe path device-bound. Callers that need a
47+
// device-less probe, such as the rescue watchdog, must opt in.
48+
const disableDeviceIdentity = opts.disableDeviceIdentity ?? false;
6049

6150
const detailLevel = opts.includeDetails === false ? "none" : (opts.detailLevel ?? "full");
6251

0 commit comments

Comments
 (0)