- Direct APNs: route direct HTTP/2 delivery through the active managed proxy with redacted proxy diagnostics, so push requests honor configured egress controls and `openclaw proxy validate --apns-reachable` can prove APNs is reachable through the proxy before deployment. (#74905) Thanks @jesse-merhi.

openclaw proxy validate [--json] [--proxy-url <url>] [--allowed-url <url>] [--denied-url <url>] [--apns-reachable] [--apns-authority <url>] [--timeout-ms <ms>]

signal separately. Add `--apns-reachable` to also open an APNs HTTP/2 CONNECT

tunnel through the proxy and confirm sandbox APNs responds; the probe uses an

intentionally invalid provider token, so an APNs `403 InvalidProviderToken`

response is a successful reachability signal.

- `--apns-reachable`: also verify sandbox APNs HTTP/2 is reachable through the proxy.

- `--apns-authority <url>`: APNs authority to probe with `--apns-reachable` (`https://api.sandbox.push.apple.com` by default; production is `https://api.push.apple.com`).

- Test: `src/infra/push-apns-http2.live.test.ts`

- Goal: tunnel through a local HTTP CONNECT proxy to Apple's sandbox APNs endpoint, send the APNs HTTP/2 validation request, and assert Apple's real `403 InvalidProviderToken` response comes back through the proxy path.

- Enable:

- `OPENCLAW_LIVE_TEST=1 OPENCLAW_LIVE_APNS_REACHABILITY=1 pnpm test:live src/infra/push-apns-http2.live.test.ts`

- Optional timeout:

- `OPENCLAW_LIVE_APNS_TIMEOUT_MS=30000`

By default, when no custom destinations are provided, the command checks that `https://example.com/` succeeds and starts a temporary loopback canary that the proxy must not reach. The default denied check passes when the proxy returns a non-2xx denial response or blocks the canary with a transport failure; it fails if a successful response reaches the canary. If no proxy is enabled and configured, validation reports a config problem; use `--proxy-url` for a one-off preflight before changing config. Use `--allowed-url` and `--denied-url` to test deployment-specific expectations. Add `--apns-reachable` to also verify direct APNs HTTP/2 delivery can open a CONNECT tunnel through the proxy and receive a sandbox APNs response; the probe uses an intentionally invalid provider token, so `403 InvalidProviderToken` is expected and counts as reachable. Custom denied destinations are fail-closed: any HTTP response means the destination was reachable through the proxy, and any transport error is reported as inconclusive because OpenClaw cannot prove the proxy blocked a reachable origin. On validation failure, the command exits with code 1.

"lint:scripts": "pnpm lint:docker-e2e && pnpm lint:tmp:no-raw-http2-imports && node scripts/run-oxlint.mjs --tsconfig config/tsconfig/oxlint.scripts.json scripts",

"lint:tmp:no-raw-http2-imports": "node scripts/check-no-raw-http2-imports.mjs",

import fs from "node:fs";

import path from "node:path";

const SOURCE_ROOTS = ["src", "extensions"];

const DEFAULT_SKIPPED_DIR_NAMES = new Set(["node_modules", "dist", "coverage", ".generated"]);

function isCodeFile(filePath) {

if (filePath.endsWith(".d.ts")) {

return false;

}

return /\.(?:[cm]?ts|[cm]?js|tsx|jsx)$/u.test(filePath);

function collectFilesSync(rootDir, options) {

const skipDirNames = options.skipDirNames ?? DEFAULT_SKIPPED_DIR_NAMES;

const files = [];

const stack = [rootDir];

while (stack.length > 0) {

const current = stack.pop();

if (!current) {

continue;

}

let entries = [];

try {

entries = fs.readdirSync(current, { withFileTypes: true });

} catch {

continue;

}

for (const entry of entries) {

const fullPath = path.join(current, entry.name);

if (entry.isDirectory()) {

if (!skipDirNames.has(entry.name)) {

stack.push(fullPath);

}

continue;

}

if (entry.isFile() && options.includeFile(fullPath)) {

files.push(fullPath);

}

}

}

return files;

function toPosixPath(filePath) {

return filePath.replaceAll("\\", "/");

const FORBIDDEN_HTTP2_MODULES = new Set(["node:http2", "http2"]);

const ALLOWED_PRODUCTION_FILES = new Set(["src/infra/push-apns-http2.ts"]);

function isTestFile(relativePath) {

return (

/(?:^|\/)(?:test|test-fixtures)\//u.test(relativePath) ||

/\.test\.[cm]?[jt]sx?$/u.test(relativePath)

);

function lineNumberForOffset(content, offset) {

return content.slice(0, offset).split(/\r?\n/u).length;

function collectHttp2ImportOffenders(filePath) {

const relativePath = toPosixPath(path.relative(process.cwd(), filePath));

if (ALLOWED_PRODUCTION_FILES.has(relativePath) || isTestFile(relativePath)) {

return [];

}

const content = fs.readFileSync(filePath, "utf8");

const offenders = [];

const patterns = [

/\bimport\s+(?:type\s+)?[\s\S]*?\bfrom\s*["']([^"']+)["']/gu,

/\bexport\s+(?:type\s+)?[\s\S]*?\bfrom\s*["']([^"']+)["']/gu,

/\bimport\s*\(\s*["']([^"']+)["']\s*\)/gu,

/\brequire\s*\(\s*["']([^"']+)["']\s*\)/gu,

];

for (const pattern of patterns) {

for (const match of content.matchAll(pattern)) {

const specifier = match[1];

if (specifier && FORBIDDEN_HTTP2_MODULES.has(specifier)) {

offenders.push({

file: relativePath,

line: lineNumberForOffset(content, match.index ?? 0),

specifier,

});

}

}

}

return offenders;

function collectSourceFiles() {

return SOURCE_ROOTS.flatMap((root) =>

collectFilesSync(path.join(process.cwd(), root), {

includeFile: isCodeFile,

}),

);

function main() {

const offenders = collectSourceFiles().flatMap(collectHttp2ImportOffenders);

if (offenders.length === 0) {

console.log("OK: raw node:http2 imports stay behind the APNs proxy wrapper.");

return;

}

console.error("Raw node:http2 imports are only allowed in src/infra/push-apns-http2.ts.");

for (const offender of offenders.toSorted(

(a, b) => a.file.localeCompare(b.file) || a.line - b.line,

)) {

console.error(`- ${offender.file}:${offender.line} imports ${offender.specifier}`);

}

console.error("Use connectApnsHttp2Session() so APNs HTTP/2 honors managed proxy policy.");

process.exit(1);

["lint:tmp:no-raw-http2-imports", "pnpm", ["run", "lint:tmp:no-raw-http2-imports"]],

"native-live-src-infra",

case "native-live-src-infra":

return files.filter((file) => file.startsWith("src/infra/"));

- id: openclaw-policy-raw-http2-connect.no-raw-http2-connect

languages:

- typescript

- javascript

severity: ERROR

message: Use connectApnsHttp2Session() from src/infra/push-apns-http2.ts instead of raw http2.connect() so APNs HTTP/2 honors managed proxy policy.

metadata:

advisory-id: OPENCLAW-POLICY-RAW-HTTP2-CONNECT

advisory-url: https://github.com/openclaw/openclaw/pull/74905

cwe:

- CWE-441

category: security

confidence: HIGH

detector-bucket: precise

source-rule-id: no-raw-http2-connect

source-file: security/opengrep/rules/openclaw-policy/no-raw-http2-connect.yml

paths:

include:

- src/**/*.ts

- src/**/*.mts

- src/**/*.js

- src/**/*.mjs

- extensions/**/*.ts

- extensions/**/*.mts

- extensions/**/*.js

- extensions/**/*.mjs

exclude:

- src/infra/push-apns-http2.ts

- "**/*.test.ts"

- "**/*.test.mts"

- "**/*.test.js"

- "**/*.test.mjs"

patterns:

- pattern: http2.connect(...)