docs: document sandbox policy tests · openclaw/openclaw@ba02f12
steipete
·
2026-06-05
·
via Recent Commits to openclaw:main
| Original file line number | Diff line number | Diff line change |
|---|
|
| 1 | +// noVNC auth tests cover observer URL construction, one-time tokens, and |
| 2 | +// password generation for sandbox browser viewing. |
1 | 3 | import { describe, expect, it } from "vitest"; |
2 | 4 | import { |
3 | 5 | buildNoVncDirectUrl, |
@@ -24,6 +26,8 @@ describe("noVNC auth helpers", () => {
|
24 | 26 | }); |
25 | 27 | |
26 | 28 | it("issues one-time short-lived observer tokens", () => { |
| 29 | +// Observer tokens are bearer access to a browser session, so consumption is |
| 30 | +// one-shot and bounded by a short TTL. |
27 | 31 | resetNoVncObserverTokensForTests(); |
28 | 32 | const token = issueNoVncObserverToken({ |
29 | 33 | noVncPort: 50123, |
|
| Original file line number | Diff line number | Diff line change |
|---|
|
| 1 | +// Sandbox management tests cover browser runtime listing/removal metadata and |
| 2 | +// backend manager wiring. |
1 | 3 | import { beforeAll, beforeEach, describe, expect, it, vi } from "vitest"; |
2 | 4 | |
3 | 5 | let listSandboxBrowsers: typeof import("./manage.js").listSandboxBrowsers; |
@@ -133,6 +135,8 @@ describe("listSandboxBrowsers", () => {
|
133 | 135 | }); |
134 | 136 | |
135 | 137 | it("compares browser runtimes against sandbox.browser.image", async () => { |
| 138 | +// Browser containers have a different configured image than shell sandboxes; |
| 139 | +// management views must compare against the browser label kind. |
136 | 140 | const results = await listSandboxBrowsers(); |
137 | 141 | |
138 | 142 | const describeInput = firstDescribeRuntimeInput(); |
|
| Original file line number | Diff line number | Diff line change |
|---|
|
| 1 | +// Sandbox env sanitizer tests cover credential filtering for inherited and |
| 2 | +// explicitly configured sandbox environment variables. |
1 | 3 | import { describe, expect, it } from "vitest"; |
2 | 4 | import { sanitizeEnvVars, sanitizeExplicitSandboxEnvVars } from "./sanitize-env-vars.js"; |
3 | 5 | |
@@ -67,6 +69,8 @@ describe("sanitizeEnvVars", () => {
|
67 | 69 | }); |
68 | 70 | |
69 | 71 | it("allows explicit configured sandbox env names that look like credentials", () => { |
| 72 | +// Explicit sandbox env config is operator intent; value validation still |
| 73 | +// runs, but name-based credential blocking does not. |
70 | 74 | const result = sanitizeExplicitSandboxEnvVars({ |
71 | 75 | GEMINI_API_KEY: "dummy-gemini-api-key", |
72 | 76 | GOOGLE_CLIENT_SECRET: "dummy-google-client-secret", |
|
| Original file line number | Diff line number | Diff line change |
|---|
|
| 1 | +// Sandbox tool policy tests cover effective allow/deny merging and blocked-tool |
| 2 | +// guidance for sandboxed agent sessions. |
1 | 3 | import { describe, expect, it } from "vitest"; |
2 | 4 | import type { OpenClawConfig } from "../../config/config.js"; |
3 | 5 | import { resolveSandboxConfigForAgent } from "./config.js"; |
@@ -69,6 +71,8 @@ describe("sandbox/tool-policy", () => {
|
69 | 71 | }); |
70 | 72 | |
71 | 73 | it("preserves allow-all semantics for allow: [] plus alsoAllow", () => { |
| 74 | +// An empty allowlist means allow all except denies; alsoAllow should only |
| 75 | +// remove matching default denies, not turn allow-all into allow-some. |
72 | 76 | const cfg: OpenClawConfig = { |
73 | 77 | agents: { |
74 | 78 | defaults: { |
@@ -268,6 +272,8 @@ describe("sandbox/tool-policy", () => {
|
268 | 272 | }); |
269 | 273 | |
270 | 274 | it("keeps blocked-tool guidance glob-aware and shell-safe", () => { |
| 275 | +// The guidance embeds a copy-paste command; quote the real session key while |
| 276 | +// keeping the displayed session line compact and terminal-safe. |
271 | 277 | const sessionKey = "agent:main:weird session;rm -rf /"; |
272 | 278 | const cfg: OpenClawConfig = { |
273 | 279 | agents: { |
|
| Original file line number | Diff line number | Diff line change |
|---|
|
| 1 | +// Sandbox workspace tests cover bootstrap file seeding into isolated workspaces |
| 2 | +// without following unsafe host links. |
1 | 3 | import fs from "node:fs/promises"; |
2 | 4 | import os from "node:os"; |
3 | 5 | import path from "node:path"; |
@@ -35,6 +37,8 @@ describe("ensureSandboxWorkspace", () => {
|
35 | 37 | }); |
36 | 38 | |
37 | 39 | it.runIf(process.platform !== "win32")("skips symlinked bootstrap seed files", async () => { |
| 40 | +// Bootstrap files can influence agent behavior; symlinks must not pull in |
| 41 | +// arbitrary host files from outside the source workspace. |
38 | 42 | const root = await makeTempRoot(); |
39 | 43 | const seed = path.join(root, "seed"); |
40 | 44 | const sandbox = path.join(root, "sandbox"); |
|
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。