fix(macos): reject insecure non-loopback ws remote gateway urls #21971
Merged
mbelinky added a commit that referenced this pull request, Feb 20, 2026

93df6ad to 0c33523
This matches the macOS hardening intent from #21268, and the strict loopback parsing approach should prevent a lot of subtle edge cases. If there’s any room for it later, it might be worth centralizing the loopback-check helper across the Swift surfaces to reduce drift.
0c33523 to 9e8cdbf
rodrigogs pushed a commit to rodrigogs/openclaw that referenced this pull request, Feb 20, 2026:

…claw#21971)
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 9e8cdbf
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
hughdidit pushed a commit to hughdidit/DAISy-Agency that referenced this pull request, Mar 1, 2026:

…claw#21971)
Merged via /review-pr -> /prepare-pr -> /merge-pr.
Prepared head SHA: 9e8cdbf
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Co-authored-by: mbelinky <132747814+mbelinky@users.noreply.github.com>
Reviewed-by: @mbelinky
(cherry picked from commit 774d73b)
# Conflicts:
# apps/macos/Tests/OpenClawIPCTests/GatewayEndpointStoreTests.swift
## Summary
- reject insecure non-loopback ws:// URLs in GatewayRemoteConfig normalization
- use strict loopback parsing to avoid prefix bypasses
- add/adjust GatewayEndpointStore tests for allowed loopback and rejected non-loopback/prefix-bypass hosts

## Why
This lands the macOS remote-config hardening intent from #21268 as a separate focused change.
Greptile Summary

Adds security hardening to reject insecure ws:// URLs for non-loopback gateway connections on macOS. The implementation uses robust IP address parsing via the Network framework to prevent both direct non-loopback connections and prefix-bypass attacks (e.g., ws://127.attacker.example). The loopback detection correctly handles localhost, IPv4 127.x.x.x addresses, IPv6 ::1, and IPv4-mapped IPv6 addresses.

Confidence Score: 5/5

Last reviewed commit: 93df6ad
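
The difference between a prefix check and the strict loopback parsing described above, as an added Swift sketch; it is not the code from this pull request. The function names, the sample URLs, and the policy that wss:// is always accepted and any other scheme rejected are assumptions.

```swift
import Foundation
import Network

/// Naive check (hypothetical): prefix matching treats any hostname that
/// merely starts with "127." as loopback.
func naiveIsLoopback(_ host: String) -> Bool {
    host == "localhost" || host == "::1" || host.hasPrefix("127.")
}

/// Strict check (hypothetical): the host must be "localhost" or parse as an
/// IP literal whose bytes are in 127.0.0.0/8, ::1, or ::ffff:127.x.x.x.
func strictIsLoopback(_ rawHost: String) -> Bool {
    var host = rawHost.lowercased()
    if host.hasPrefix("["), host.hasSuffix("]") {
        host = String(host.dropFirst().dropLast())   // bracketed IPv6 literal
    }
    if host == "localhost" { return true }
    if let v4 = IPv4Address(host) {
        return [UInt8](v4.rawValue).first == 127
    }
    if let v6 = IPv6Address(host) {
        let b = [UInt8](v6.rawValue)
        guard b.count == 16 else { return false }
        let isV6Loopback = b.dropLast().allSatisfy { $0 == 0 } && b[15] == 1
        let isMapped = b[0..<10].allSatisfy { $0 == 0 } && b[10] == 0xff && b[11] == 0xff
        return isV6Loopback || (isMapped && b[12] == 127)
    }
    return false   // any other hostname, including "127.attacker.example"
}

/// Assumed policy: wss:// passes, ws:// passes only for a loopback host.
func acceptsGatewayURL(_ string: String, isLoopback: (String) -> Bool) -> Bool {
    guard let url = URL(string: string),
          let scheme = url.scheme?.lowercased(),
          let host = url.host, !host.isEmpty else { return false }
    switch scheme {
    case "wss": return true
    case "ws": return isLoopback(host)
    default: return false
    }
}

// Constructed sample URLs; compare the two checks side by side.
for sample in ["ws://127.0.0.1:8080", "ws://[::ffff:127.0.0.1]:8080",
               "ws://127.attacker.example:8080", "ws://gateway.example:8080",
               "wss://gateway.example"] {
    print(sample, "naive:", acceptsGatewayURL(sample, isLoopback: naiveIsLoopback),
          "strict:", acceptsGatewayURL(sample, isLoopback: strictIsLoopback))
}
```

The two checks disagree on the IPv4-mapped literal and on the 127.attacker.example hostname, which makes both good regression-test inputs for a validator of this kind.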