yunxiafei/openclaw-mission-control
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(security): Stop logging raw trusted proxy entries

Browse Source
This commit is contained in:
Abhimanyu Saharan
2026-03-07 23:47:00 +05:30
parent 46bc9a02c6
commit 6d2ff60a82
2 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
backend/tests/test_client_ip.py
View File

@@ -2,6 +2,7 @@
from __future__ import annotations
import logging
from unittest.mock import patch
from app.core.client_ip import (
@@ -103,6 +104,14 @@ def test_parse_trusted_networks_ignores_invalid() -> None:
assert len(nets) == 2
def test_parse_trusted_networks_does_not_log_invalid_value(caplog) -> None:
with caplog.at_level(logging.WARNING, logger="app.core.client_ip"):
_parse_trusted_networks("127.0.0.1, not-an-ip, 10.0.0.0/8")
assert "trusted_proxies: ignoring invalid entry in configuration" in caplog.text
assert "not-an-ip" not in caplog.text
# ---------------------------------------------------------------------------
# Integration tests for get_client_ip
# ---------------------------------------------------------------------------