cs_betty/paperclip
1
0
Fork 0
forked from farhoodlabs/paperclip
Code Pull Requests 1 Activity
Files
d0e01d2863d99191e722eb09a48f806a8487defb
paperclip/server/src/__tests__
T
History
Matt Van Horn d0e01d2863 fix(server): include x-forwarded-host in board mutation origin check 
Behind a reverse proxy with a custom port (e.g. Caddy on :3443), the
browser sends an Origin header that includes the port, but the board
mutation guard only read the Host header which often omits the port.
This caused a 403 "Board mutation requires trusted browser origin"
for self-hosted deployments behind reverse proxies.

Read x-forwarded-host (first value, comma-split) with the same pattern
already used in private-hostname-guard.ts and routes/access.ts.

Fixes #1734
2026-03-25 00:06:43 -07:00
..
activity-routes.test.ts
Fix issue run lookup and heartbeat run summaries
2026-03-11 17:23:33 -05:00
adapter-models.test.ts
Merge PR #62: Full OpenCode adapter integration
2026-03-06 15:23:55 +00:00
adapter-session-codecs.test.ts
feat(adapters): add Gemini CLI local adapter support
2026-03-10 16:46:04 +00:00
agent-auth-jwt.test.ts
Implement local agent JWT authentication for adapters
2026-02-18 16:46:45 -06:00
agent-instructions-routes.test.ts
fix: address latest Greptile runtime review
2026-03-23 19:43:50 -05:00
agent-instructions-service.test.ts
fix: address latest Greptile runtime review
2026-03-23 19:43:50 -05:00
agent-permissions-routes.test.ts
Merge remote-tracking branch 'public-gh/master' into paperclip-routines
2026-03-20 15:04:55 -05:00
agent-shortname-collision.test.ts
Auto-deduplicate agent shortname on join request approval
2026-03-06 13:54:58 -06:00
agent-skill-contract.test.ts
Add unmanaged skill provenance to agent skills
2026-03-18 14:21:50 -05:00
agent-skills-routes.test.ts
Merge remote-tracking branch 'public-gh/master' into paperclip-routines
2026-03-20 15:04:55 -05:00
app-hmr-port.test.ts
Fix execution workspace runtime lifecycle
2026-03-14 09:35:35 -05:00
approval-routes-idempotency.test.ts
server: make approval retries idempotent (#499)
2026-03-10 12:00:29 -04:00
approvals-service.test.ts
Fix approvals service idempotency test
2026-03-10 15:05:19 -05:00
assets.test.ts
Use attachment-size limit for company logos
2026-03-16 10:13:19 -05:00
attachment-types.test.ts
fix: address review feedback — stale error message and * wildcard
2026-03-10 20:01:08 +05:30
board-mutation-guard.test.ts
fix(server): include x-forwarded-host in board mutation origin check
2026-03-25 00:06:43 -07:00
budgets-service.test.ts
Fix budget incident resolution edge cases
2026-03-16 16:48:13 -05:00
claude-local-adapter-environment.test.ts
Auto-create missing cwd for claude_local and codex_local
2026-03-03 12:29:32 -06:00
claude-local-adapter.test.ts
refactor: rename packages to @paperclipai and CLI binary to paperclipai
2026-03-03 08:45:26 -06:00
claude-local-skill-sync.test.ts
Add unmanaged skill provenance to agent skills
2026-03-18 14:21:50 -05:00
cli-auth-routes.test.ts
Address Greptile review on board CLI auth
2026-03-23 08:46:05 -05:00
codex-local-adapter-environment.test.ts
test(codex): move OPENAI_API_KEY stub to beforeEach for all tests
2026-03-24 12:33:11 -07:00
codex-local-adapter.test.ts
Add username log censor setting
2026-03-20 08:50:00 -05:00
codex-local-execute.test.ts
Clarify Codex instruction sources
2026-03-23 16:57:33 -05:00
codex-local-skill-injection.test.ts
Refine codex runtime skills and portability assets
2026-03-19 07:15:36 -05:00
codex-local-skill-sync.test.ts
Refine codex runtime skills and portability assets
2026-03-19 07:15:36 -05:00
companies-route-path-guard.test.ts
Add CEO-safe company portability flows
2026-03-18 21:54:10 -05:00
company-branding-route.test.ts
Add CEO-safe company portability flows
2026-03-18 21:54:10 -05:00
company-portability-routes.test.ts
fix: close remaining routine merge blockers
2026-03-20 16:40:27 -05:00
company-portability.test.ts
Handle nested imported AGENTS edge case
2026-03-23 20:56:34 -05:00
company-skills-routes.test.ts
Add company skill assignment to agent create and hire flows
2026-03-18 13:18:48 -05:00
company-skills.test.ts
Fix imported GitHub skill file paths
2026-03-23 16:57:38 -05:00
costs-service.test.ts
Fix budget auth and monthly spend rollups
2026-03-16 15:41:48 -05:00
cursor-local-adapter-environment.test.ts
cursor adapter: use --yolo instead of --trust
2026-03-05 10:00:22 -06:00
cursor-local-adapter.test.ts
Humanize run transcripts across run detail and live surfaces
2026-03-11 10:35:41 -05:00
cursor-local-execute.test.ts
Fix runtime skill injection across adapters
2026-03-15 07:05:01 -05:00
cursor-local-skill-injection.test.ts
feat(cursor): export skill injection helper and document auto-behaviors
2026-03-05 08:35:59 -06:00
cursor-local-skill-sync.test.ts
Namespace company skill identities
2026-03-16 18:27:20 -05:00
dev-runner-paths.test.ts
Ignore .paperclip paths in restart tracking
2026-03-23 16:57:33 -05:00
dev-server-status.test.ts
Add guarded dev restart handling
2026-03-20 08:50:00 -05:00
documents.test.ts
feat(issues): add issue documents and inline editing
2026-03-13 21:30:48 -05:00
error-handler.test.ts
fix(server): attach raw Error to res.err and avoid pino err key collision
2026-03-07 15:19:03 -06:00
execution-workspace-policy.test.ts
fix: address latest Greptile runtime review
2026-03-23 19:43:50 -05:00
forbidden-tokens.test.ts
Redact current user in comments and token checks
2026-03-11 22:17:21 -05:00
gemini-local-adapter-environment.test.ts
Fix Gemini local execution and diagnostics
2026-03-14 21:36:05 -05:00
gemini-local-adapter.test.ts
Default Gemini adapter to yolo mode and add API access prompt note
2026-03-12 01:45:08 +00:00
gemini-local-execute.test.ts
Fix Gemini local execution and diagnostics
2026-03-14 21:36:05 -05:00
gemini-local-skill-sync.test.ts
Namespace company skill identities
2026-03-16 18:27:20 -05:00
health.test.ts
add app version label
2026-03-17 09:40:07 +05:30
heartbeat-process-recovery.test.ts
Fix embedded Postgres initdb failure in Docker slim containers
2026-03-24 11:48:59 -05:00
heartbeat-run-summary.test.ts
Fix issue run lookup and heartbeat run summaries
2026-03-11 17:23:33 -05:00
heartbeat-workspace-session.test.ts
Honor explicit failed-run session resume
2026-03-23 16:57:33 -05:00
hire-hook.test.ts
Remove legacy OpenClaw adapter and keep gateway-only flow
2026-03-07 18:50:25 -06:00
instance-settings-routes.test.ts
Add guarded dev restart handling
2026-03-20 08:50:00 -05:00
invite-accept-gateway-defaults.test.ts
Remove legacy OpenClaw adapter and keep gateway-only flow
2026-03-07 18:50:25 -06:00
invite-accept-replay.test.ts
Remove legacy OpenClaw adapter and keep gateway-only flow
2026-03-07 18:50:25 -06:00
invite-expiry.test.ts
Enforce 10-minute TTL for generated company invites
2026-03-06 10:10:23 -06:00
invite-join-grants.test.ts
Preserve task assignment grants for joined agents
2026-03-24 11:49:00 -05:00
invite-join-manager.test.ts
Assign invite-joined agents to company CEO
2026-03-06 11:22:24 -06:00
invite-onboarding-text.test.ts
fix(openclaw-gateway): enforce join token validation and add smoke preflight gates
2026-03-07 16:01:19 -06:00
issue-comment-reopen-routes.test.ts
fix: restore post-merge route verification
2026-03-20 17:09:57 -05:00
issue-goal-fallback.test.ts
Seed onboarding project and issue goal context
2026-03-24 11:48:59 -05:00
issues-checkout-wakeup.test.ts
Cut over OpenClaw adapter to strict SSE streaming
2026-03-05 15:54:55 -06:00
issues-goal-context-routes.test.ts
Seed onboarding project and issue goal context
2026-03-24 11:48:59 -05:00
issues-service.test.ts
Fix embedded Postgres initdb failure in Docker slim containers
2026-03-24 11:48:59 -05:00
issues-user-context.test.ts
Normalize derived issue timestamps to avoid 500s
2026-03-06 09:03:27 -06:00
log-redaction.test.ts
Add username log censor setting
2026-03-20 08:50:00 -05:00
monthly-spend-service.test.ts
Fix budget auth and monthly spend rollups
2026-03-16 15:41:48 -05:00
normalize-agent-mention-token.test.ts
test(issues): shorten mid-token entity test comment
2026-03-24 15:39:59 +02:00
openclaw-gateway-adapter.test.ts
fix: remove paperclip property from OpenClaw Gateway agent params
2026-03-12 00:27:41 +08:00
openclaw-invite-prompt-route.test.ts
Add browser-based board CLI auth flow
2026-03-23 08:46:05 -05:00
opencode-local-adapter-environment.test.ts
Address PR feedback: keep testEnvironment non-destructive, warn on swallowed errors
2026-03-07 15:50:14 -05:00
opencode-local-adapter.test.ts
Humanize run transcripts across run detail and live surfaces
2026-03-11 10:35:41 -05:00
opencode-local-skill-sync.test.ts
Namespace company skill identities
2026-03-16 18:27:20 -05:00
paperclip-env.test.ts
Fix agent API URL injection for auto-selected server ports
2026-03-03 13:13:47 -06:00
paperclip-skill-utils.test.ts
Namespace company skill identities
2026-03-16 18:27:20 -05:00
pi-local-adapter-environment.test.ts
Improve Pi adapter diagnostics
2026-03-14 21:11:06 -05:00
pi-local-skill-sync.test.ts
Namespace company skill identities
2026-03-16 18:27:20 -05:00
plugin-dev-watcher.test.ts
Tighten plugin dev file watching
2026-03-14 12:07:04 -05:00
plugin-worker-manager.test.ts
Add plugin framework and settings UI
2026-03-13 16:22:34 -05:00
private-hostname-guard.test.ts
Fix worktree JWT env persistence
2026-03-11 16:38:16 -05:00
project-shortname-resolution.test.ts
feat: deduplicate project shortnames on create and update
2026-03-07 08:59:34 -06:00
quota-windows-service.test.ts
feat(costs): add billing, quota, and budget control plane
2026-03-16 15:11:01 -05:00
quota-windows.test.ts
feat(costs): add billing, quota, and budget control plane
2026-03-16 15:11:01 -05:00
redaction.test.ts
Implement secrets service with local encryption, redaction, and runtime resolution
2026-02-19 15:43:52 -06:00
routines-e2e.test.ts
Fix embedded Postgres initdb failure in Docker slim containers
2026-03-24 11:48:59 -05:00
routines-routes.test.ts
fix: close remaining routine merge blockers
2026-03-20 16:40:27 -05:00
routines-service.test.ts
Fix embedded Postgres initdb failure in Docker slim containers
2026-03-24 11:48:59 -05:00
storage-local-provider.test.ts
fix: storage S3 stream conversion, API client FormData support, and attachment API
2026-02-20 10:33:10 -06:00
ui-branding.test.ts
Add worktree UI branding
2026-03-13 11:12:43 -05:00
work-products.test.ts
Address remaining Greptile workspace review
2026-03-17 10:12:44 -05:00
workspace-runtime.test.ts
Add workspace operation tracking and fix project properties JSX
2026-03-17 09:36:35 -05:00