lzh/picoclaw
1
0
Fork 0
mirror of https://github.com/sipeed/picoclaw.git synced 2026-06-12 18:08:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
42e3aaff35c6568721d8e2dc21ab6babcc32c20f
picoclaw/docs
T
History
zeed zhao 6ea364e67d feat(web): protect launcher dashboard with token and SPA login (#1953) 
Add token-based authentication for the Launcher's embedded Web Dashboard.

- Ephemeral token generated in-memory each run (or via PICOCLAW_LAUNCHER_TOKEN env var)
- HMAC-SHA256 session cookie (HttpOnly, SameSite=Lax, Secure when HTTPS)
- Bearer token support for API/script access
- Rate limiting on login (10 attempts/IP/min)
- Referrer-Policy: no-referrer on all responses
- POST-only logout with JSON content-type (CSRF-safe)
- System tray "Copy dashboard token" action
- Login page shows contextual help (console/tray/log file path)
- Path traversal protection via path.Clean
- X-Forwarded-Host/Port/Proto support for reverse proxy deployments
- Full i18n support (English, Chinese)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-29 13:11:43 +08:00
..
agent-refactor
merge: resolve conflicts between refactor/agent and main
2026-03-22 19:21:58 +08:00
channels
docs(wecom): add fr/ja/pt-br/vi translations for unified WeCom channel docs
2026-03-28 03:58:52 -07:00
design
merge: resolve conflicts between refactor/agent and main
2026-03-22 19:21:58 +08:00
fr
Feat/move weixin login to auth and update docs (#1945)
2026-03-24 06:33:35 +01:00
hooks
merge: resolve conflicts between refactor/agent and main
2026-03-22 19:21:58 +08:00
it
docs: add Italian language
2026-03-18 19:41:57 +01:00
ja
Feat/move weixin login to auth and update docs (#1945)
2026-03-24 06:33:35 +01:00
migration
docs: fix inaccuracies, add translations, and expand channel docs (#1837)
2026-03-20 22:37:05 +08:00
my
docs: add Malay README and docs, add v0.2.4 news to all languages
2026-03-28 18:46:21 +08:00
pt-br
Feat/move weixin login to auth and update docs (#1945)
2026-03-24 06:33:35 +01:00
vi
Feat/move weixin login to auth and update docs (#1945)
2026-03-24 06:33:35 +01:00
zh
feat(web): protect launcher dashboard with token and SPA login (#1953)
2026-03-29 13:11:43 +08:00
ANTIGRAVITY_AUTH.md
docs: fix inaccuracies, add translations, and expand channel docs (#1837)
2026-03-20 22:37:05 +08:00
ANTIGRAVITY_USAGE.md
fix: correct docs misalignment across translations and guides
2026-02-20 18:23:22 +03:00
chat-apps.md
docs(wecom): align docs with unified channel
2026-03-24 21:53:35 +08:00
config-versioning.md
refactor Config to add Version and migratable
2026-03-12 13:52:55 +08:00
configuration.md
feat(web): protect launcher dashboard with token and SPA login (#1953)
2026-03-29 13:11:43 +08:00
credential_encryption.md
update security migration documents
2026-03-24 13:38:13 +08:00
debug.md
feat(tool): debug tool usage via channels (#1332)
2026-03-19 18:08:50 +08:00
docker.md
feat(web): protect launcher dashboard with token and SPA login (#1953)
2026-03-29 13:11:43 +08:00
hardware-compatibility.md
docs: fix inaccuracies, add translations, and expand channel docs (#1837)
2026-03-20 22:37:05 +08:00
providers.md
docs(providers): clarify automatic model failover cascade
2026-03-27 02:29:48 +08:00
security_configuration.md
update security migration documents
2026-03-24 13:38:13 +08:00
sensitive_data_filtering.md
feat(security): add sensitive data filtering for tool results sent to
2026-03-23 20:55:41 +08:00
spawn-tasks.md
docs: fix inaccuracies, add translations, and expand channel docs (#1837)
2026-03-20 22:37:05 +08:00
steering.md
fix(agent) scope steering
2026-03-20 19:44:00 +01:00
subturn.md
merge: resolve conflicts between refactor/agent and main
2026-03-22 19:21:58 +08:00
tools_configuration.md
fix conf
2026-03-26 21:27:35 +01:00
troubleshooting.md
docs: fix inaccuracies, add translations, and expand channel docs (#1837)
2026-03-20 22:37:05 +08:00