[Bug]: Global fetch interceptor injects Symbol(sensitiveHeaders), breaking discord.js (undici) on Node.js 22

[VintageAyu]

Bug type

Behavior bug (incorrect output/state without crash)

Beta release blocker

Yes

Summary

When attempting to use discord.js (v14.x) inside an OpenClaw plugin on Node.js 22, the Discord client immediately crashes during client.login() or any REST API call.

The crash is caused by OpenClaw's global fetch interceptor mutating the init.headers object by injecting a hidden Symbol (Symbol(sensitiveHeaders)). In Node.js 22, the native undici fetch engine strictly validates the Headers initialization object and immediately throws a TypeError if it encounters any non-string Symbol keys.

ERROR LOG:

[plugins] Plugin init error: Headers constructor: Key Symbol(sensitiveHeaders) in init is a symbol, which cannot be converted to a ByteString.

ROOT CAUSE ANALYSIS

1. discord.js relies on Node's native fetch (undici).

2. When making an API request, discord.js creates a standard JavaScript object for headers (e.g., { Authorization: "Bot ..." }).

3. OpenClaw intercepts this fetch call globally and attaches Symbol(sensitiveHeaders) to the headers object (likely for security/tracing).

4. Node 22's undici engine passes this modified object into new Headers(init).

5. The Headers constructor iterates over the keys, hits the OpenClaw-injected Symbol, and throws the ByteString conversion error.

CURRENT WORKAROUND

Plugin developers currently have to completely abandon discord.js and write custom polling wrappers using node:https to bypass the OpenClaw fetch interceptor entirely.

SUGGESTED FIXES.

OpenClaw's fetch interceptor should avoid injecting raw Symbols directly into the init.headers dictionary that is passed down to native fetch. If tracing/tracking is required, consider wrapping the fetch promise or attaching the metadata to a different, non-iterable scope that doesn't conflict with undici's strict prototype validation.

MY ENVIRONMENT

-> OS: WSL2 / Ubuntu (Windows)
-> Node.js Version: v22.x
-> OpenClaw Version: Latest (2026.5.x)
-> Plugin Dependencies: discord.js@^14.14.1

Steps to reproduce

1. Run OpenClaw on Node.js 22.

2.Create a basic OpenClaw plugin and install discord.js@14.14.x.

3. Attempt to initialize the client:

import { Client, GatewayIntentBits } from "discord.js";

export default definePluginEntry({
  id: "discord_test",
  register(api) {
    const client = new Client({ intents: [GatewayIntentBits.Guilds] });
    // Crashes here during the internal fetch call
    client.login("BOT_TOKEN_HERE").catch(console.error);
  }
});

Expected behavior

When calling client.login() via discord.js inside an OpenClaw plugin, the client should successfully authenticate with the Discord API and establish a WebSocket connection without any internal fetch errors. The global OpenClaw environment should not interfere with standard third-party libraries utilizing native Node.js fetch.

Actual behavior

The OpenClaw gateway's global fetch interceptor taints the init.headers object by injecting a Symbol(sensitiveHeaders). When discord.js's internal undici engine processes this modified headers object on Node.js 22, it immediately crashes with a TypeError complaining about a Symbol that cannot be converted to a ByteString, causing the plugin initialization to fail completely.

OpenClaw version

2026.5.4

Operating system

WSL version: 2.6.3.0(WSL2) Ubuntu

Install method

pnpm dev

Model

google/gemma-31b-it

Provider / routing chain

no

Additional provider/model setup details

No response

Logs, screenshots, and evidence

<img width="1449" height="68" alt="Image" src="https://github.com/user-attachments/assets/25506082-faca-48c4-a9cf-7799c4182da4" />

Impact and severity

Affected : Users who use my plugin
Severity : Critical

Additional information

No response

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Summary
Keep open: current main still has fetch/proxy capture paths that pass caller header objects through or into new Headers(init.headers) without symbol-key normalization, and a local Node runtime check reproduces the reported ByteString failure for symbol-keyed headers. I did not prove the full discord.js login path on current main, so this needs a narrow compatibility fix rather than closure.

Reproducibility: Do we have a high-confidence way to reproduce the issue? Partially: the local Node runtime reproduces the exact Headers failure for Symbol(sensitiveHeaders), and current source shows relevant fetch wrapper boundaries, but I did not run a real OpenClaw plugin with discord.js login on current main.

Next step
This appears to be a narrow compatibility bug with clear likely files, but the repair lane should first pin the exact OpenClaw fetch wrapper path because the full discord.js login flow was not live-reproduced.

Review details

Best possible solution:

Add a shared header-init sanitizer for OpenClaw fetch/proxy capture paths that clones only valid string header names before native fetch/capture, with regression coverage for Symbol(sensitiveHeaders) and no Discord-specific core dependency.

Do we have a high-confidence way to reproduce the issue?

Do we have a high-confidence way to reproduce the issue? Partially: the local Node runtime reproduces the exact Headers failure for Symbol(sensitiveHeaders), and current source shows relevant fetch wrapper boundaries, but I did not run a real OpenClaw plugin with discord.js login on current main.

Is this the best way to solve the issue?

Is this the best way to solve the issue? Unclear until the exact wrapper path is pinned; the safest likely fix is a narrow shared header sanitizer at OpenClaw fetch/proxy boundaries instead of Discord-specific core behavior.

Acceptance criteria:

• node -e 'const s=Symbol("sensitiveHeaders"); const h={Authorization:"Bot x"}; Object.defineProperty(h,s,{value:[],enumerable:false}); try { new Headers(h); console.log("headers ok"); } catch (e) { console.log(e.name); console.log(e.message); }'
• pnpm test src/proxy-capture/runtime.test.ts src/infra/net/runtime-fetch.test.ts src/infra/net/proxy-fetch.test.ts
• pnpm test extensions/discord/src/monitor/provider.proxy.test.ts
• pnpm check:changed

What I checked:

• Current fetch patch forwards caller init unchanged: The debug proxy global fetch patch wraps fetchTarget.fetch and calls originalFetch(input, init) before capture, so any incompatible init.headers shape reaches native fetch unchanged when debug proxy capture is enabled. (src/proxy-capture/runtime.ts:175, 10725c9e0144)
• Capture code treats headers as string records only: redactedCaptureHeaders handles Headers or Record<string,string> and the current tests cover normal string headers, but there is no regression coverage for symbol-keyed header objects. (src/proxy-capture/runtime.test.ts:81, 10725c9e0144)
• Other fetch helpers construct Headers from init.headers: Both runtime dispatcher and proxy fetch normalization call new Headers(init.headers) when rewriting FormData requests, which is the same constructor boundary that rejects symbol-keyed records. (src/infra/net/runtime-fetch.ts:62, 10725c9e0144)
• Local dependency behavior check: A local Node runtime check reproduced the exact error shape: Headers constructor: Key Symbol(sensitiveHeaders) in init is a symbol, which cannot be converted to a ByteString..
• Related implementation history: Remote commit history shows the proxy capture stack was introduced in 958c34e82cdb3e90f476b518fb8dd981370c4389 and later hardened in 718dffd2f2eacd9a168dfe61649f495111d428ce (fix(diagnostics): harden capture redaction and discord metadata fetch #71303), which also touched Discord metadata fetch behavior. (src/proxy-capture/runtime.ts:175, 958c34e82cdb)

Likely related people:

• Takhoffman: Remote history shows 958c34e82cdb3e90f476b518fb8dd981370c4389 introduced the proxy capture stack, global fetch patch, runtime test, and guarded-fetch capture integration. (role: introduced behavior; confidence: medium; commits: 958c34e82cdb; files: src/proxy-capture/runtime.ts, src/proxy-capture/runtime.test.ts, src/infra/net/fetch-guard.ts)
• vincentkoc: 718dffd2f2eacd9a168dfe61649f495111d428ce hardened capture redaction and Discord metadata fetch in fix(diagnostics): harden capture redaction and discord metadata fetch #71303, touching the same proxy capture and Discord gateway surfaces. (role: recent maintainer; confidence: high; commits: 718dffd2f2ea; files: src/proxy-capture/runtime.ts, src/proxy-capture/runtime.test.ts, extensions/discord/src/monitor/gateway-plugin.ts)
• steipete: Remote history shows recent runtime-spec maintenance on the proxy capture file, but the observed commit was a test-lane move rather than the behavior introduction. (role: adjacent recent maintainer; confidence: low; commits: 073b3fbf889d; files: src/proxy-capture/runtime.ts)

Remaining risk / open question:

• The full OpenClaw plugin plus discord.js client.login() path was not live-reproduced in this read-only review, so the exact OpenClaw wrapper that introduces or preserves the symbol-keyed header still needs to be pinned before patching.
• The current code search did not find OpenClaw explicitly creating Symbol(sensitiveHeaders), so the fix should preserve normal header behavior and only sanitize unsupported symbol keys at fetch boundaries.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 10725c9e0144.

[shakkernerd]

Fixed on main in 96f80fa.

The runtime now normalizes plain request header dictionaries that contain third-party symbol metadata before passing them into native fetch / Headers boundaries. That keeps plugin/library-added metadata out of Undici’s header parser while preserving normal Headers, tuple headers, ordinary string-keyed objects, and non-enumerable string header keys.

Covered by focused regressions across the affected fetch paths, plus a direct smoke for the reported symbol-header failure shape.