opencami 1.8.2 → 1.8.5

package/dist/server/assets/{router-bN_iTo0B.js → router-Brzpnz55.js}

@@ -1,17 +1,18 @@
 import { createRootRoute, Outlet, HeadContent, Scripts, createFileRoute, lazyRouteComponent, redirect, createRouter } from "@tanstack/react-router";
 import { jsx, jsxs } from "react/jsx-runtime";
 import { QueryClientProvider, QueryClient } from "@tanstack/react-query";
-import { randomUUID } from "node:crypto";
-import WebSocket from "ws";
-import { readFileSync, existsSync } from "node:fs";
-import path, { join, resolve, relative, extname } from "node:path";
+import crypto, { randomUUID } from "node:crypto";
+import fs, { readFileSync, existsSync } from "node:fs";
 import os, { homedir } from "node:os";
+import path, { join, resolve, relative, extname } from "node:path";
+import WebSocket from "ws";
 import { json } from "@tanstack/router-core/ssr/client";
 import { PassThrough, Readable } from "node:stream";
-import { execSync } from "node:child_process";
+import { execFile, execSync } from "node:child_process";
+import { promisify } from "node:util";
 import { readFile, mkdir, writeFile, rename, stat, readdir, rm, realpath, lstat } from "node:fs/promises";
 import { posix } from "path";
-const appCss = "/assets/styles-DvaLh0o1.css";
+const appCss = "/assets/styles-CXV5jZiD.css";
 const swRegisterScript = `
 (() => {
   // Skip PWA service worker inside Capacitor native shell — they conflict
@@ -369,11 +370,11 @@ const $$splitComponentImporter$2 = () => import("./agents-CmQ4vvXm.js");
 const Route$t = createFileRoute("/agents")({
   component: lazyRouteComponent($$splitComponentImporter$2, "component")
 });
-const $$splitComponentImporter$1 = () => import("./index-C2hVqxBl.js");
+const $$splitComponentImporter$1 = () => import("./index-NcNCVGTL.js");
 const Route$s = createFileRoute("/")({
   component: lazyRouteComponent($$splitComponentImporter$1, "component")
 });
-const $$splitComponentImporter = () => import("./_sessionKey-Bq_fl7uv.js").then((n) => n.$);
+const $$splitComponentImporter = () => import("./_sessionKey-CH8wIyED.js").then((n) => n.$);
 const Route$r = createFileRoute("/chat/$sessionKey")({
   component: lazyRouteComponent($$splitComponentImporter, "component")
 });
@@ -388,26 +389,202 @@ function getGatewayConfig() {
   }
   return { url, token, password };
 }
-function buildConnectParams(token, password) {
+const ED25519_SPKI_PREFIX = Buffer.from("302a300506032b6570032100", "hex");
+function base64UrlEncode(buf) {
+  return buf.toString("base64").replaceAll("+", "-").replaceAll("/", "_").replace(/=+$/g, "");
+}
+function derivePublicKeyRaw(publicKeyPem) {
+  const spki = crypto.createPublicKey(publicKeyPem).export({ type: "spki", format: "der" });
+  if (spki.length === ED25519_SPKI_PREFIX.length + 32 && spki.subarray(0, ED25519_SPKI_PREFIX.length).equals(ED25519_SPKI_PREFIX)) {
+    return spki.subarray(ED25519_SPKI_PREFIX.length);
+  }
+  return spki;
+}
+function fingerprintPublicKey(publicKeyPem) {
+  const raw = derivePublicKeyRaw(publicKeyPem);
+  return crypto.createHash("sha256").update(raw).digest("hex");
+}
+function ensureDir(filePath) {
+  fs.mkdirSync(path.dirname(filePath), { recursive: true });
+}
+function resolveDeviceIdentityPath() {
+  return path.join(os.homedir(), ".opencami", "identity", "device.json");
+}
+function resolveDeviceTokensPath() {
+  return path.join(os.homedir(), ".opencami", "identity", "device-tokens.json");
+}
+function hashGatewayUrl(url) {
+  return crypto.createHash("sha256").update(url.trim()).digest("hex");
+}
+function loadDeviceToken(deviceId, gatewayUrl) {
+  const filePath = resolveDeviceTokensPath();
+  try {
+    if (!fs.existsSync(filePath)) return "";
+    const raw = fs.readFileSync(filePath, "utf8");
+    const parsed = JSON.parse(raw);
+    const key = `${deviceId}:${hashGatewayUrl(gatewayUrl)}`;
+    const token = parsed[key];
+    return typeof token === "string" ? token : "";
+  } catch {
+    return "";
+  }
+}
+function storeDeviceToken(deviceId, gatewayUrl, token) {
+  if (!token) return;
+  const filePath = resolveDeviceTokensPath();
+  const key = `${deviceId}:${hashGatewayUrl(gatewayUrl)}`;
+  try {
+    let parsed = {};
+    if (fs.existsSync(filePath)) {
+      const raw = fs.readFileSync(filePath, "utf8");
+      parsed = JSON.parse(raw);
+    }
+    parsed[key] = token;
+    ensureDir(filePath);
+    fs.writeFileSync(filePath, `${JSON.stringify(parsed, null, 2)}
+`, { mode: 384 });
+    try {
+      fs.chmodSync(filePath, 384);
+    } catch {
+    }
+  } catch {
+  }
+}
+function loadOrCreateDeviceIdentity(filePath = resolveDeviceIdentityPath()) {
+  try {
+    if (fs.existsSync(filePath)) {
+      const raw = fs.readFileSync(filePath, "utf8");
+      const parsed = JSON.parse(raw);
+      if (parsed?.version === 1 && typeof parsed.deviceId === "string" && typeof parsed.publicKeyPem === "string" && typeof parsed.privateKeyPem === "string") {
+        const derivedId = fingerprintPublicKey(parsed.publicKeyPem);
+        if (derivedId && derivedId !== parsed.deviceId) {
+          const updated = { ...parsed, deviceId: derivedId };
+          fs.writeFileSync(filePath, `${JSON.stringify(updated, null, 2)}
+`, { mode: 384 });
+          try {
+            fs.chmodSync(filePath, 384);
+          } catch {
+          }
+          return { deviceId: derivedId, publicKeyPem: parsed.publicKeyPem, privateKeyPem: parsed.privateKeyPem };
+        }
+        return { deviceId: parsed.deviceId, publicKeyPem: parsed.publicKeyPem, privateKeyPem: parsed.privateKeyPem };
+      }
+    }
+  } catch {
+  }
+  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
+  const publicKeyPem = publicKey.export({ type: "spki", format: "pem" }).toString();
+  const privateKeyPem = privateKey.export({ type: "pkcs8", format: "pem" }).toString();
+  const deviceId = fingerprintPublicKey(publicKeyPem);
+  ensureDir(filePath);
+  const stored = {
+    version: 1,
+    deviceId,
+    publicKeyPem,
+    privateKeyPem,
+    createdAtMs: Date.now()
+  };
+  fs.writeFileSync(filePath, `${JSON.stringify(stored, null, 2)}
+`, { mode: 384 });
+  try {
+    fs.chmodSync(filePath, 384);
+  } catch {
+  }
+  return { deviceId, publicKeyPem, privateKeyPem };
+}
+function signDevicePayload(privateKeyPem, payload) {
+  const key = crypto.createPrivateKey(privateKeyPem);
+  return base64UrlEncode(crypto.sign(null, Buffer.from(payload, "utf8"), key));
+}
+function publicKeyRawBase64UrlFromPem(publicKeyPem) {
+  return base64UrlEncode(derivePublicKeyRaw(publicKeyPem));
+}
+function buildDeviceAuthPayload(args) {
+  const scopes = args.scopes.join(",");
+  const token = args.token ?? "";
+  return ["v2", args.deviceId, args.clientId, args.clientMode, args.role, scopes, String(args.signedAtMs), token, args.nonce].join("|");
+}
+function loadOrCreateInstanceId() {
+  const filePath = path.join(os.homedir(), ".opencami", "identity", "instance-id.txt");
+  try {
+    if (fs.existsSync(filePath)) {
+      const v2 = fs.readFileSync(filePath, "utf8").trim();
+      if (v2) return v2;
+    }
+  } catch {
+  }
+  const v = randomUUID();
+  ensureDir(filePath);
+  fs.writeFileSync(filePath, `${v}
+`, { mode: 384 });
+  try {
+    fs.chmodSync(filePath, 384);
+  } catch {
+  }
+  return v;
+}
+function buildConnectParams(url, token, password, nonce) {
+  const clientId = "openclaw-control-ui";
+  const clientMode = "webchat";
+  const role = "operator";
+  const scopes = ["operator.admin", "operator.approvals", "operator.pairing"];
+  if (!nonce) {
+    throw new Error(
+      "OpenClaw did not send connect.challenge nonce in time. If you are connecting cross-origin, ensure your origin is allowed (gateway.controlUi.allowedOrigins)."
+    );
+  }
+  const identity = loadOrCreateDeviceIdentity();
+  const storedToken = loadDeviceToken(identity.deviceId, url);
+  const signedAtMs = Date.now();
+  const payload = buildDeviceAuthPayload({
+    deviceId: identity.deviceId,
+    clientId,
+    clientMode,
+    role,
+    scopes,
+    signedAtMs,
+    token: token || null,
+    nonce
+  });
+  const signature = signDevicePayload(identity.privateKeyPem, payload);
   return {
     minProtocol: 3,
     maxProtocol: 3,
     client: {
-      id: "gateway-client",
+      id: clientId,
       displayName: "OpenCami",
       version: "dev",
       platform: process.platform,
-      mode: "ui",
-      instanceId: randomUUID()
+      mode: clientMode,
+      instanceId: loadOrCreateInstanceId()
     },
+    caps: [],
     auth: {
       token: token || void 0,
-      password: password || void 0
+      password: password || void 0,
+      deviceToken: storedToken || void 0
     },
     role: "operator",
-    scopes: ["operator.read", "operator.write", "operator.admin"]
+    scopes,
+    device: {
+      id: identity.deviceId,
+      publicKey: publicKeyRawBase64UrlFromPem(identity.publicKeyPem),
+      signature,
+      signedAt: signedAtMs,
+      nonce
+    },
+    userAgent: `opencami/${process.env.npm_package_version ?? "dev"} (node ${process.version})`,
+    locale: process.env.LANG || "en"
   };
 }
+class GatewayResponseError extends Error {
+  code;
+  constructor(message, code) {
+    super(message);
+    this.name = "GatewayResponseError";
+    this.code = code;
+  }
+}
 class PersistentGatewayConnection {
   ws = null;
   connected = false;
@@ -417,6 +594,8 @@ class PersistentGatewayConnection {
   reconnectDelay = 1e3;
   maxReconnectDelay = 3e4;
   destroyed = false;
+  _devicePending = false;
+  _deviceId = "";
   // Event listeners keyed by sessionKey — each sessionKey can have multiple listeners
   sessionListeners = /* @__PURE__ */ new Map();
   // Listeners that receive ALL events (for debugging or global subscriptions)
@@ -426,6 +605,12 @@ class PersistentGatewayConnection {
   get isConnected() {
     return this.connected && this.ws?.readyState === WebSocket.OPEN;
   }
+  getDeviceStatus() {
+    return {
+      deviceId: this._deviceId,
+      isPending: this._devicePending
+    };
+  }
   /** Ensure the persistent connection is up and authenticated. */
   async ensureConnected() {
     if (this.isConnected) return;
@@ -440,7 +625,8 @@ class PersistentGatewayConnection {
   async _connect() {
     if (this.destroyed) throw new Error("Connection destroyed");
     const { url, token, password } = getGatewayConfig();
-    const ws = new WebSocket(url);
+    const origin = process.env.OPENCAMI_ORIGIN?.trim();
+    const ws = origin ? new WebSocket(url, { headers: { Origin: origin } }) : new WebSocket(url);
     this.ws = ws;
     await new Promise((resolve2, reject) => {
       const onOpen = () => {
@@ -458,19 +644,105 @@ class PersistentGatewayConnection {
       ws.on("open", onOpen);
       ws.on("error", onError);
     });
+    const nonce = await new Promise((resolve2) => {
+      let done = false;
+      const timer = setTimeout(() => {
+        if (done) return;
+        done = true;
+        resolve2("");
+      }, 3e3);
+      const onMessage = (data) => {
+        try {
+          const str = typeof data === "string" ? data : data.toString();
+          const parsed = JSON.parse(str);
+          if (parsed.type === "event" && parsed.event === "connect.challenge") {
+            const n = parsed.payload?.nonce;
+            if (typeof n === "string" && n.length > 0) {
+              clearTimeout(timer);
+              ws.off("message", onMessage);
+              if (done) return;
+              done = true;
+              resolve2(n);
+            }
+          }
+        } catch {
+        }
+      };
+      ws.on("message", onMessage);
+    });
     ws.on("message", (data) => this._onMessage(data));
     ws.on("close", () => this._onClose());
     ws.on("error", () => {
     });
     const connectId = randomUUID();
-    const connectParams = buildConnectParams(token, password);
-    ws.send(JSON.stringify({
-      type: "req",
-      id: connectId,
-      method: "connect",
-      params: connectParams
-    }));
-    await this._waitForRes(connectId, 1e4);
+    const shouldFallback = process.env.OPENCAMI_DEVICE_AUTH_FALLBACK === "1" || process.env.OPENCAMI_DEVICE_AUTH_FALLBACK === "true";
+    try {
+      const connectParams = buildConnectParams(url, token, password, nonce);
+      this._deviceId = connectParams.device?.id ?? "";
+      ws.send(
+        JSON.stringify({
+          type: "req",
+          id: connectId,
+          method: "connect",
+          params: connectParams
+        })
+      );
+      const hello = await this._waitForRes(connectId, 1e4);
+      if (hello?.auth?.deviceToken) {
+        const identity = loadOrCreateDeviceIdentity();
+        storeDeviceToken(identity.deviceId, url, hello.auth.deviceToken);
+      }
+      const grantedScopes = hello?.auth?.scopes;
+      if (Array.isArray(grantedScopes) && !grantedScopes.includes("operator.read")) {
+        throw new Error(
+          `Gateway connected but missing required scope: operator.read (granted: ${grantedScopes.join(", ")})`
+        );
+      }
+      this._devicePending = false;
+    } catch (err) {
+      const code = err instanceof GatewayResponseError ? err.code : "";
+      const message = err instanceof Error ? err.message : String(err);
+      if (code === "device_pending" || message.toLowerCase().includes("pending")) {
+        this._devicePending = true;
+      }
+      if (!shouldFallback) throw err;
+      console.warn(
+        "[gateway-ws] Device auth connect failed; retrying without device identity (fallback enabled):",
+        err instanceof Error ? err.message : err
+      );
+      const fallbackId = randomUUID();
+      const fallbackParams = {
+        minProtocol: 3,
+        maxProtocol: 3,
+        client: {
+          id: "openclaw-control-ui",
+          displayName: "OpenCami",
+          version: "dev",
+          platform: process.platform,
+          mode: "webchat",
+          instanceId: loadOrCreateInstanceId()
+        },
+        caps: [],
+        auth: {
+          token: token || void 0,
+          password: password || void 0
+        },
+        role: "operator",
+        scopes: ["operator.admin", "operator.approvals", "operator.pairing"],
+        userAgent: `opencami/${process.env.npm_package_version ?? "dev"} (node ${process.version})`,
+        locale: process.env.LANG || "en"
+      };
+      ws.send(
+        JSON.stringify({
+          type: "req",
+          id: fallbackId,
+          method: "connect",
+          params: fallbackParams
+        })
+      );
+      await this._waitForRes(fallbackId, 1e4);
+      this._devicePending = false;
+    }
     this.connected = true;
     this.reconnectDelay = 1e3;
     console.log("[gateway-ws] Persistent connection established");
@@ -487,7 +759,7 @@ class PersistentGatewayConnection {
           if (parsed.ok) {
             pending.resolve(parsed.payload);
           } else {
-            pending.reject(new Error(parsed.error?.message ?? "gateway error"));
+            pending.reject(new GatewayResponseError(parsed.error?.message ?? "gateway error", parsed.error?.code));
           }
         }
         return;
@@ -532,9 +804,9 @@ class PersistentGatewayConnection {
   }
   _extractSessionKey(event) {
     const payload = event.payload;
-    if (typeof payload?.sessionKey === "string") return payload.sessionKey;
-    if (typeof payload?.session === "string") return payload.session;
-    if (payload?.data && typeof payload.data?.sessionKey === "string") {
+    if (typeof payload.sessionKey === "string") return payload.sessionKey;
+    if (typeof payload.session === "string") return payload.session;
+    if (payload.data && typeof payload.data?.sessionKey === "string") {
       return payload.data.sessionKey;
     }
     return null;
@@ -652,6 +924,10 @@ function subscribeGatewayEvents(sessionKey, listener) {
   const conn = getPersistentConnection();
   return conn.subscribe(sessionKey, listener);
 }
+function getDeviceStatus() {
+  const conn = getPersistentConnection();
+  return conn.getDeviceStatus();
+}
 async function gatewayConnectCheck() {
   const conn = getPersistentConnection();
   await conn.ensureConnected();
@@ -1116,9 +1392,34 @@ const RECOMMENDED_SKILLS = [
   "clawd-docs-v2",
   "therapy-mode"
 ];
-function runCmd(cmd) {
+const execFileAsync = promisify(execFile);
+const ALLOWED_SORTS = /* @__PURE__ */ new Set(["trending", "downloads", "installs", "newest"]);
+const SLUG_PATTERN = /^[a-zA-Z0-9/_-]+$/;
+function parsePositiveInt(input, fallback, max) {
+  if (!input) return fallback;
+  const parsed = Number.parseInt(input, 10);
+  if (!Number.isFinite(parsed) || parsed <= 0) return fallback;
+  return Math.min(parsed, max);
+}
+function parseSort(input) {
+  if (!input) return "trending";
+  const normalized = input.trim().toLowerCase();
+  return ALLOWED_SORTS.has(normalized) ? normalized : "trending";
+}
+function parseSlug(input) {
+  if (typeof input !== "string") return null;
+  const slug = input.trim();
+  if (!slug || !SLUG_PATTERN.test(slug)) return null;
+  return slug;
+}
+async function runCmd(args) {
   try {
-    return execSync(cmd, { encoding: "utf-8", timeout: 3e4 }).trim();
+    const { stdout } = await execFileAsync("clawhub", args, {
+      encoding: "utf-8",
+      timeout: 3e4,
+      maxBuffer: 1024 * 1024 * 8
+    });
+    return stdout.trim();
   } catch (err) {
     const msg = err instanceof Error ? err.message : String(err);
     throw new Error(`Command failed: ${msg}`);
@@ -1165,15 +1466,13 @@ const Route$n = createFileRoute("/api/skills")({
           const url = new URL(request.url);
           const action = url.searchParams.get("action") || "installed";
           if (action === "installed") {
-            const output = runCmd("clawhub list");
+            const output = await runCmd(["list"]);
             return json({ ok: true, skills: parseInstalledSkills(output) });
           }
           if (action === "explore") {
-            const sort = url.searchParams.get("sort") || "trending";
-            const limit = url.searchParams.get("limit") || "25";
-            const safeSort = sort.replace(/[^a-z-]/gi, "");
-            const safeLimit = String(parseInt(limit, 10) || 25);
-            const raw = runCmd(`clawhub explore --json --limit ${safeLimit} --sort ${safeSort}`);
+            const sort = parseSort(url.searchParams.get("sort"));
+            const limit = parsePositiveInt(url.searchParams.get("limit"), 25, 200);
+            const raw = await runCmd(["explore", "--json", "--limit", String(limit), "--sort", sort]);
             const output = raw.substring(raw.indexOf("{"));
             try {
               const data = JSON.parse(output);
@@ -1184,11 +1483,9 @@ const Route$n = createFileRoute("/api/skills")({
           }
           if (action === "search") {
             const q = url.searchParams.get("q") || "";
-            const limit = url.searchParams.get("limit") || "10";
+            const limit = parsePositiveInt(url.searchParams.get("limit"), 10, 200);
             if (!q.trim()) return json({ ok: true, skills: [] });
-            const safeLimit = String(parseInt(limit, 10) || 10);
-            const safeQ = q.replace(/"/g, '\\"');
-            const raw = runCmd(`clawhub search "${safeQ}" --limit ${safeLimit}`);
+            const raw = await runCmd(["search", q, "--limit", String(limit)]);
             const output = raw.replace(/^- Searching\n?/, "");
             return json({ ok: true, skills: parseSearchResults(output) });
           }
@@ -1202,7 +1499,7 @@ const Route$n = createFileRoute("/api/skills")({
             for (const sort of ["downloads", "installs", "newest", "trending"]) {
               if (found.size >= slugSet.size) break;
               try {
-                const raw = runCmd(`clawhub explore --json --limit 200 --sort ${sort}`);
+                const raw = await runCmd(["explore", "--json", "--limit", "200", "--sort", sort]);
                 const output = raw.substring(raw.indexOf("{"));
                 const data = JSON.parse(output);
                 const items = Array.isArray(data) ? data : data.items || [];
@@ -1230,15 +1527,14 @@ const Route$n = createFileRoute("/api/skills")({
         try {
           const body = await request.json().catch(() => ({}));
           const action = typeof body.action === "string" ? body.action : "";
-          const slug = typeof body.slug === "string" ? body.slug.trim() : "";
-          if (!slug) return json({ ok: false, error: "slug is required" }, { status: 400 });
-          const safeSlug = slug.replace(/[^a-zA-Z0-9/_-]/g, "");
+          const slug = parseSlug(body.slug);
+          if (!slug) return json({ ok: false, error: "Valid slug is required" }, { status: 400 });
           if (action === "install") {
-            const output = runCmd(`clawhub install ${safeSlug} --no-input`);
+            const output = await runCmd(["install", slug, "--no-input"]);
             return json({ ok: true, output });
           }
           if (action === "update") {
-            const output = runCmd(`clawhub update ${safeSlug} --no-input`);
+            const output = await runCmd(["update", slug, "--no-input"]);
             return json({ ok: true, output });
           }
           return json({ ok: false, error: "Unknown action" }, { status: 400 });
@@ -1501,12 +1797,38 @@ const Route$k = createFileRoute("/api/ping")({
       GET: async () => {
         try {
           await gatewayConnectCheck();
-          return json({ ok: true });
+          const status = getDeviceStatus();
+          if (status.isPending) {
+            return json(
+              {
+                ok: false,
+                error: "device pending approval",
+                deviceId: status.deviceId,
+                approveCommand: `openclaw devices approve ${status.deviceId}`
+              },
+              { status: 503 }
+            );
+          }
+          return json({ ok: true, deviceId: status.deviceId, isPending: false });
         } catch (err) {
+          const status = getDeviceStatus();
+          if (status.isPending) {
+            return json(
+              {
+                ok: false,
+                error: "device pending approval",
+                deviceId: status.deviceId,
+                approveCommand: `openclaw devices approve ${status.deviceId}`
+              },
+              { status: 503 }
+            );
+          }
           return json(
             {
               ok: false,
-              error: err instanceof Error ? err.message : String(err)
+              error: err instanceof Error ? err.message : String(err),
+              deviceId: status.deviceId,
+              isPending: status.isPending
             },
             { status: 503 }
           );
@@ -1755,27 +2077,73 @@ Rules:
   }
   return [];
 }
-async function testApiKey(apiKey) {
+async function testApiKey(options) {
+  const llmOptions = typeof options === "string" ? { apiKey: options } : options;
   try {
     await chatCompletion(
       [{ role: "user", content: "Hi" }],
-      { apiKey, maxTokens: 1, timeoutMs: 5e3 }
+      { ...llmOptions, maxTokens: 1, timeoutMs: 5e3 }
     );
     return true;
   } catch {
     return false;
   }
 }
+const DEFAULT_OPENAI_BASE_URL = "https://api.openai.com/v1";
+const PRESET_BASE_URL_ORIGINS = /* @__PURE__ */ new Set([
+  "https://api.openai.com",
+  "https://openrouter.ai",
+  "https://api.kilo.ai",
+  "http://localhost:11434",
+  "http://127.0.0.1:11434"
+]);
+function getOrigin(rawBaseUrl) {
+  try {
+    return new URL(rawBaseUrl).origin;
+  } catch {
+    return null;
+  }
+}
+function isAllowedClientBaseUrl(rawBaseUrl) {
+  const parsed = new URL(rawBaseUrl);
+  if (!["http:", "https:"].includes(parsed.protocol)) return false;
+  if (parsed.username || parsed.password) return false;
+  const hostname = parsed.hostname.toLowerCase();
+  const isLocalHost = hostname === "localhost" || hostname === "127.0.0.1" || hostname === "::1";
+  if (!isLocalHost && parsed.protocol !== "https:") return false;
+  const origin = parsed.origin;
+  if (PRESET_BASE_URL_ORIGINS.has(origin)) return true;
+  const envBaseUrl = process.env.LLM_BASE_URL?.trim();
+  const envOrigin = envBaseUrl ? getOrigin(envBaseUrl) : null;
+  return Boolean(envOrigin && envOrigin === origin);
+}
+function detectProvider(rawBaseUrl) {
+  const baseUrl = rawBaseUrl?.toLowerCase() || "";
+  if (baseUrl.includes("openrouter.ai")) return "openrouter";
+  if (baseUrl.includes("kilo.ai")) return "kilocode";
+  return "openai";
+}
 function getLlmConfig(request) {
   const headerKey = request.headers.get("X-OpenAI-API-Key");
   const headerBaseUrl = request.headers.get("X-LLM-Base-URL")?.trim() || null;
-  const baseUrl = headerBaseUrl || process.env.LLM_BASE_URL?.trim() || null;
-  const isOpenRouter = baseUrl?.includes("openrouter.ai");
-  const isKilocode = baseUrl?.includes("kilo.ai");
-  const envKey = isOpenRouter ? process.env.OPENROUTER_API_KEY?.trim() || process.env.OPENAI_API_KEY?.trim() : isKilocode ? process.env.KILOCODE_API_KEY?.trim() || process.env.OPENAI_API_KEY?.trim() : process.env.OPENAI_API_KEY?.trim();
+  const envBaseUrl = process.env.LLM_BASE_URL?.trim() || null;
+  if (headerBaseUrl) {
+    const origin = getOrigin(headerBaseUrl);
+    if (!origin || !isAllowedClientBaseUrl(headerBaseUrl)) {
+      return {
+        apiKey: null,
+        baseUrl: null,
+        model: null,
+        error: "Disallowed X-LLM-Base-URL value"
+      };
+    }
+  }
+  const baseUrl = headerBaseUrl || envBaseUrl || DEFAULT_OPENAI_BASE_URL;
+  const provider = detectProvider(baseUrl);
+  const envKey = provider === "openrouter" ? process.env.OPENROUTER_API_KEY?.trim() || process.env.OPENAI_API_KEY?.trim() : provider === "kilocode" ? process.env.KILOCODE_API_KEY?.trim() || process.env.OPENAI_API_KEY?.trim() : process.env.OPENAI_API_KEY?.trim();
   const apiKey = headerKey?.trim() || envKey || null;
   const model = request.headers.get("X-LLM-Model")?.trim() || process.env.LLM_MODEL?.trim() || null;
-  return { apiKey, baseUrl, model };
+  return { apiKey, baseUrl, model, error: null };
 }
 function generateHeuristicTitle(message) {
   let text = message.replace(/```[\s\S]*?```/g, " ");
@@ -1844,6 +2212,12 @@ const Route$g = createFileRoute("/api/llm-features")({
                 });
               }
               const llmConfig = getLlmConfig(request);
+              if (llmConfig.error) {
+                return json({
+                  ok: false,
+                  error: llmConfig.error
+                }, { status: 400 });
+              }
               if (!llmConfig.apiKey && !llmConfig.baseUrl?.includes("localhost")) {
                 const title = generateHeuristicTitle(message);
                 return json({
@@ -1884,6 +2258,12 @@ const Route$g = createFileRoute("/api/llm-features")({
                 });
               }
               const llmConfig = getLlmConfig(request);
+              if (llmConfig.error) {
+                return json({
+                  ok: false,
+                  error: llmConfig.error
+                }, { status: 400 });
+              }
               if (!llmConfig.apiKey && !llmConfig.baseUrl?.includes("localhost")) {
                 return json({
                   ok: true,
@@ -1914,6 +2294,12 @@ const Route$g = createFileRoute("/api/llm-features")({
             }
             case "test": {
               const llmConfig = getLlmConfig(request);
+              if (llmConfig.error) {
+                return json({
+                  ok: false,
+                  error: llmConfig.error
+                }, { status: 400 });
+              }
               if (!llmConfig.apiKey && !llmConfig.baseUrl?.includes("localhost")) {
                 return json({
                   ok: false,
@@ -1921,7 +2307,11 @@ const Route$g = createFileRoute("/api/llm-features")({
                 });
               }
               try {
-                const valid = await testApiKey(llmConfig.apiKey || "");
+                const valid = await testApiKey({
+                  apiKey: llmConfig.apiKey || "",
+                  ...llmConfig.baseUrl ? { baseUrl: llmConfig.baseUrl } : {},
+                  ...llmConfig.model ? { model: llmConfig.model } : {}
+                });
                 return json({
                   ok: true,
                   valid
@@ -3095,10 +3485,8 @@ const Route$5 = createFileRoute("/api/files/info")({
             );
           }
           const path2 = validatePath(rawPath, "Path parameter");
-          const root = process.env.FILES_ROOT?.trim() ? resolve(process.env.FILES_ROOT) : process.env.HOME || "/home";
-          const absolutePath = resolve(root, path2.replace(/^\/+/, ""));
-          const stats = await stat(absolutePath);
-          return json({ size: stats.size });
+          const fileInfo = await getFileInfo(path2);
+          return json({ size: fileInfo.size });
         } catch (err) {
           const error = err;
           if (error.message.includes("invalid characters") || error.message.includes("traversal attempts")) {
@@ -3194,11 +3582,6 @@ function encodeFilename(filename) {
   const encodedFilename = encodeURIComponent(filename);
   return `filename*=UTF-8''${encodedFilename}`;
 }
-function isStaticAsset(filename) {
-  const ext = filename.split(".").pop()?.toLowerCase() || "";
-  const staticExts = ["png", "jpg", "jpeg", "gif", "webp", "svg", "css", "js", "woff", "woff2", "ttf", "otf"];
-  return staticExts.includes(ext);
-}
 const Route$4 = createFileRoute("/api/files/download")({
   server: {
     handlers: {
@@ -3226,13 +3609,9 @@ const Route$4 = createFileRoute("/api/files/download")({
           const headers = {
             "Content-Type": contentType,
             "Content-Disposition": contentDisposition,
-            "Content-Length": content.byteLength.toString()
+            "Content-Length": content.byteLength.toString(),
+            "Cache-Control": "private, no-store"
           };
-          if (isStaticAsset(fileInfo.name)) {
-            headers["Cache-Control"] = "public, max-age=31536000";
-          } else {
-            headers["Cache-Control"] = "no-cache";
-          }
           return new Response(content, { headers });
         } catch (err) {
           const error = err;