[Bug]: Localhost trusted-proxy authentication broken

[Matir]

Bug type

Regression (worked before, now fails)

Beta release blocker

No

Summary

Since #54536, it seems that a localhost trusted-proxy is no longer trusted at all. This seems to have even been explicit in the design, since a test was written that states "rejects trusted-proxy identity headers from loopback sources".

It's unclear what the new configuration should be to allow authentication via a local proxy that's performing authn/authz.

Steps to reproduce

1. Start the latest openclaw (2026.3.31) with the following in the config:

    "port": 18789,
    "mode": "local",
    "bind": "loopback",
    "trustedProxies": ["127.0.0.1", "::1"],
    "auth": {
      "mode": "trusted-proxy",
      "trustedProxy": {
              "userHeader": "Remote-User",
              "allowUsers": ["foo"]
      }
    },

2. Configure a local proxy that performs authentication (i.e., Caddy + authelia) and injects a Remote-User header.
3. Receive unauthorized error

Expected behavior

User is authorized based on trusted proxy header.

Actual behavior

User is not authenticated, logs indicate reason=trusted_proxy_loopback_source

OpenClaw version

2026.3.31

Operating system

Debian 13 (trixie)

Install method

openclaw installer script

Model

openrouter/minimax/minimax-m2.5

Provider / routing chain

openclaw -> openrouter -> minimax-m2.5

Additional provider/model setup details

No response

Logs, screenshots, and evidence

Impact and severity

Affected: anyone using a local authentication proxy
Severity: completely blocks gateway access

Additional information

No response

[jeremyakers]

I just ran into this, and saw this is the docs:

”trusted_proxy_loopback_source”
OpenClaw rejected a loopback-source trusted-proxy request. Check:

Is the proxy connecting from 127.0.0.1 / ::1?
Are you trying to use trusted-proxy auth with a same-host loopback reverse proxy?

Fix:

Use token/password auth for same-host loopback proxy setups, or
Route through a non-loopback trusted proxy address and keep that IP in gateway.trustedProxies.

I'm sorry, but what? This has to be the most idiotic thing I have encountered about OpenClaw. How on God's green earth am I making things more secure by doing Route through a non-loopback trusted proxy address and keep that IP in gateway.trustedProxies.

Yes, let's add more hops and more hosts to the mix. That will make it more secure. My God.

And also:

Use token/password auth for same-host loopback proxy setups

I would be happy to, but this doesn't work either! It errors out with "pairing required" - and no new device shows up in devices list to approve/pair.

[jeremyakers]

I see there's a PR to hopefully fix this above, but I was looking at that PR and noticed this explanation there:

"The issue: The previous loopback exception allowed any local process to forge x-forwarded-for and identity headers, enabling privilege elevation attacks on same-host reverse proxies (nginx/Caddy on localhost)."

How does being non-local stop this form of attack? If I move my proxy to a separate host, a rogue local process on that host could still just as easily forge x-forwarded-for and identity headers... You're not removing any attack surface, you're just moving the surface to another host.

In practice blocking loopback proxies will make users far less secure because it pushes users toward binding Gateway on a non-loopback interface so a same-machine proxy can reach it via the host’s LAN IP, which can be less secure than a loopback-only deployment if firewalling is not perfect. The net effect may be to trade a localhost trust issue for broader network exposure.

Literally when I asked my OpenClaw how to fix my proxy setup, it told me I would need to change my network bind to bind to "lan" (IE: 0.0.0.0) and use my hosts LAN IP (192.168.x.x) in the proxy config.

That is exactly what people are going to start doing.