mirror of
https://github.com/yuangyaa/openclaw.git
synced 2026-07-19 13:47:57 +08:00
Control UI connections authenticated via gateway.auth.mode=trusted-proxy were still forced through device pairing because pairing bypass only considered shared token/password auth (sharedAuthOk). In trusted-proxy deployments, this produced persistent "pairing required" failures despite valid trusted proxy headers. Treat authenticated trusted-proxy control-ui connections as pairing-bypass eligible and allow missing device identity in that mode. Fixes #25293 Co-authored-by: Cursor <cursoragent@cursor.com>