admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1bdd9e313fa3cd0bce3d5b2732827876561b2a81
Moltbot/src/web
History
Leszek Szpunar 1bdd9e313f security(web): sanitize WhatsApp accountId to prevent path traversal (#4610) 
* security(web): sanitize WhatsApp accountId to prevent path traversal

Apply normalizeAccountId() from routing/session-key to
resolveDefaultAuthDir() so that malicious config values like
"../../../etc" cannot escape the intended auth directory.

Fixes #2692

* fix(web): check sanitized segment instead of full path in Windows test

* style(web): fix oxfmt formatting in accounts test
2026-02-01 14:29:53 -08:00
..
auto-reply
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
inbound
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
accounts.test.ts
security(web): sanitize WhatsApp accountId to prevent path traversal (#4610)
2026-02-01 14:29:53 -08:00
accounts.ts
security(web): sanitize WhatsApp accountId to prevent path traversal (#4610)
2026-02-01 14:29:53 -08:00
accounts.whatsapp-auth.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
active-listener.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auth-store.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auto-reply.broadcast-groups.broadcasts-sequentially-configured-order.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auto-reply.broadcast-groups.skips-unknown-broadcast-agent-ids-agents-list.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auto-reply.impl.ts
chore: migrate to oxlint and oxfmt
2026-01-14 15:02:19 +00:00
auto-reply.partial-reply-gating.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auto-reply.ts
refactor(src): split oversized modules
2026-01-14 01:17:56 +00:00
auto-reply.typing-controller-idle.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auto-reply.web-auto-reply.compresses-common-formats-jpeg-cap.test.ts
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
auto-reply.web-auto-reply.falls-back-text-media-send-fails.test.ts
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
auto-reply.web-auto-reply.prefixes-body-same-phone-marker-from.test.ts
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
auto-reply.web-auto-reply.reconnects-after-connection-close.test.ts
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
auto-reply.web-auto-reply.requires-mention-group-chats-injects-history-replying.test.ts
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
auto-reply.web-auto-reply.sends-tool-summaries-immediately-responseprefix.test.ts
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
auto-reply.web-auto-reply.supports-always-group-activation-silent-token-preserves.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
auto-reply.web-auto-reply.uses-per-agent-mention-patterns-group-gating.test.ts
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
inbound.media.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
inbound.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
inbound.ts
chore: migrate to oxlint and oxfmt
2026-01-14 15:02:19 +00:00
login-qr.test.ts
chore: migrate to oxlint and oxfmt
2026-01-14 15:02:19 +00:00
login-qr.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
login.coverage.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
login.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
login.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
logout.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
media.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
media.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
monitor-inbox.allows-messages-from-senders-allowfrom-list.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
monitor-inbox.blocks-messages-from-unauthorized-senders-not-allowfrom.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
monitor-inbox.captures-media-path-image-messages.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
monitor-inbox.streams-inbound-messages.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
outbound.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
outbound.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
qr-image.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
qr-image.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
reconnect.test.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
reconnect.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
session.test.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
session.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
test-helpers.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
vcard.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00