From 2cb6279d6fb22cf69ae78b8bd82dad831e0d1f42 Mon Sep 17 00:00:00 2001
From: zhengkunwang223 <1paneldev@sina.com>
Date: Wed, 25 Mar 2026 10:38:17 +0800
Subject: [PATCH 1/3] feat: change openclaw upgrade logic
---
agent/app/service/agents_utils.go | 33 +++++++++++--
agent/app/service/app_utils.go | 3 ++
agent/init/migration/migrate.go | 1 -
agent/init/migration/migrations/init.go | 7 ---
.../migrations/utils/openclaw_caddyfile.go | 42 -----------------
agent/utils/openclaw/caddyfile.go | 47 -------------------
6 files changed, 32 insertions(+), 101 deletions(-)
delete mode 100644 agent/init/migration/migrations/utils/openclaw_caddyfile.go
delete mode 100644 agent/utils/openclaw/caddyfile.go
diff --git a/agent/app/service/agents_utils.go b/agent/app/service/agents_utils.go
index 3659fab616f1..274f71666c7a 100644
--- a/agent/app/service/agents_utils.go
+++ b/agent/app/service/agents_utils.go
@@ -21,7 +21,6 @@ import (
"github.com/1Panel-dev/1Panel/agent/global"
"github.com/1Panel-dev/1Panel/agent/utils/common"
"github.com/1Panel-dev/1Panel/agent/utils/files"
- openclawutil "github.com/1Panel-dev/1Panel/agent/utils/openclaw"
"github.com/1Panel-dev/1Panel/agent/utils/req_helper"
"gorm.io/gorm"
)
@@ -388,9 +387,6 @@ func migrateOpenclawHTTPSUpgradeWithSystemIP(install *model.AppInstall, fromVers
return nil
}
migrateOpenclawInstallPorts(install)
- if err := openclawutil.WriteCatchAllCaddyfile(install.GetPath()); err != nil {
- return err
- }
configPath := path.Join(install.GetPath(), "data", "conf", "openclaw.json")
var allowedOrigins []string
if conf, err := readOpenclawConfig(configPath); err == nil {
@@ -417,6 +413,35 @@ func migrateOpenclawHTTPSUpgradeWithSystemIP(install *model.AppInstall, fromVers
return migrateOpenclawInstallEnv(install, allowedOrigins)
}
+func shouldRewriteOpenclawBundledCaddyfileOnUpgrade(install *model.AppInstall, fromVersion, toVersion string) bool {
+ if install == nil || install.App.Key != constant.AppOpenclaw {
+ return false
+ }
+ if strings.TrimSpace(fromVersion) != openclawHTTPSVersion {
+ return false
+ }
+ return common.CompareVersion(strings.TrimSpace(toVersion), openclawHTTPSVersion)
+}
+
+func rewriteOpenclawBundledCaddyfileOnUpgrade(install *model.AppInstall, fromVersion, toVersion, sourceAppDir string) error {
+ if !shouldRewriteOpenclawBundledCaddyfileOnUpgrade(install, fromVersion, toVersion) {
+ return nil
+ }
+ return copyOpenclawBundledCaddyfile(sourceAppDir, install.GetPath())
+}
+
+func copyOpenclawBundledCaddyfile(sourceAppDir, installPath string) error {
+ sourcePath := path.Join(sourceAppDir, "data", "caddy", "Caddyfile")
+ targetDir := path.Join(installPath, "data", "caddy")
+ fileOp := files.NewFileOp()
+ if !fileOp.Stat(targetDir) {
+ if err := fileOp.CreateDir(targetDir, constant.DirPerm); err != nil {
+ return err
+ }
+ }
+ return fileOp.CopyFile(sourcePath, targetDir)
+}
+
func migrateOpenclawInstallPorts(install *model.AppInstall) {
if install == nil {
return
diff --git a/agent/app/service/app_utils.go b/agent/app/service/app_utils.go
index d7c82541fb6d..436b8b1b05f3 100644
--- a/agent/app/service/app_utils.go
+++ b/agent/app/service/app_utils.go
@@ -805,6 +805,9 @@ func upgradeInstall(req request.AppInstallUpgrade) error {
if err = migrateOpenclawHTTPSUpgrade(&install, oldVersion, detail.Version); err != nil {
return err
}
+ if err = rewriteOpenclawBundledCaddyfileOnUpgrade(&install, oldVersion, detail.Version, detailDir); err != nil {
+ return err
+ }
if req.DockerCompose == "" {
newCompose, err = getUpgradeCompose(install, detail)
if err != nil {
diff --git a/agent/init/migration/migrate.go b/agent/init/migration/migrate.go
index b28386e47adb..b1c785f333e1 100644
--- a/agent/init/migration/migrate.go
+++ b/agent/init/migration/migrate.go
@@ -72,7 +72,6 @@ func InitAgentDB() {
migrations.AddAgentTypeForAgents,
migrations.NormalizeAgentAccountVerifiedStatus,
migrations.NormalizeOllamaAccountAPIType,
- migrations.RewriteOpenclawBundledCaddyfile,
migrations.InitAgentAccountModelPool,
migrations.AddHostTable,
migrations.AddAITerminalSettings,
diff --git a/agent/init/migration/migrations/init.go b/agent/init/migration/migrations/init.go
index 0654432ea8bc..2b7268239645 100644
--- a/agent/init/migration/migrations/init.go
+++ b/agent/init/migration/migrations/init.go
@@ -989,13 +989,6 @@ var NormalizeOllamaAccountAPIType = &gormigrate.Migration{
},
}
-var RewriteOpenclawBundledCaddyfile = &gormigrate.Migration{
- ID: "20260318-rewrite-openclaw-bundled-caddyfile",
- Migrate: func(tx *gorm.DB) error {
- return migrationutils.RewriteOpenclawBundledCaddyfile(tx)
- },
-}
-
var InitAgentAccountModelPool = &gormigrate.Migration{
ID: "20260319-init-agent-account-model-pool",
Migrate: func(tx *gorm.DB) error {
diff --git a/agent/init/migration/migrations/utils/openclaw_caddyfile.go b/agent/init/migration/migrations/utils/openclaw_caddyfile.go
deleted file mode 100644
index 75079a678063..000000000000
--- a/agent/init/migration/migrations/utils/openclaw_caddyfile.go
+++ /dev/null
@@ -1,42 +0,0 @@
-package utils
-
-import (
- "strings"
-
- "github.com/1Panel-dev/1Panel/agent/app/model"
- "github.com/1Panel-dev/1Panel/agent/constant"
- openclawutil "github.com/1Panel-dev/1Panel/agent/utils/openclaw"
-
- "gorm.io/gorm"
-)
-
-const (
- openclawVersionWithBundledCaddyMigration = "2026.3.13"
-)
-
-func RewriteOpenclawCaddyfileForVersion(tx *gorm.DB, version string) error {
- targetVersion := strings.TrimSpace(version)
- if targetVersion == "" {
- return nil
- }
- var installs []model.AppInstall
- if err := tx.Preload("App").Find(&installs).Error; err != nil {
- return err
- }
- for _, install := range installs {
- if install.App.Key != constant.AppOpenclaw {
- continue
- }
- if strings.TrimSpace(install.Version) != targetVersion {
- continue
- }
- if err := openclawutil.WriteCatchAllCaddyfile(install.GetPath()); err != nil {
- return err
- }
- }
- return nil
-}
-
-func RewriteOpenclawBundledCaddyfile(tx *gorm.DB) error {
- return RewriteOpenclawCaddyfileForVersion(tx, openclawVersionWithBundledCaddyMigration)
-}
diff --git a/agent/utils/openclaw/caddyfile.go b/agent/utils/openclaw/caddyfile.go
deleted file mode 100644
index 3342c03cbf43..000000000000
--- a/agent/utils/openclaw/caddyfile.go
+++ /dev/null
@@ -1,47 +0,0 @@
-package openclaw
-
-import (
- "fmt"
- "os"
- "path"
-
- "github.com/1Panel-dev/1Panel/agent/constant"
-)
-
-const (
- gatewayPort = 18789
- caddyPort = 8443
- caddyDataPerm = 0o777
-)
-
-func BuildCatchAllCaddyfile() string {
- return fmt.Sprintf(`{
- admin off
- auto_https disable_redirects
- skip_install_trust
- storage file_system {
- root /data/caddy
- }
-}
-
-https://:%d {
- bind 0.0.0.0
- tls internal {
- on_demand
- }
- reverse_proxy 127.0.0.1:%d
-}
-`, caddyPort, gatewayPort)
-}
-
-func WriteCatchAllCaddyfile(installPath string) error {
- caddyDir := path.Join(installPath, "data", "caddy")
- caddyDataDir := path.Join(caddyDir, "data")
- if err := os.MkdirAll(caddyDataDir, constant.DirPerm); err != nil {
- return err
- }
- if err := os.Chmod(caddyDataDir, caddyDataPerm); err != nil {
- return err
- }
- return os.WriteFile(path.Join(caddyDir, "Caddyfile"), []byte(BuildCatchAllCaddyfile()), constant.FilePerm)
-}
From 8bd5a18c7f06dae88ae8d24890dc39c0c6239ba5 Mon Sep 17 00:00:00 2001
From: zhengkunwang223 <1paneldev@sina.com>
Date: Wed, 25 Mar 2026 12:05:11 +0800
Subject: [PATCH 2/3] feat: change openclaw upgrade logic
---
agent/app/service/agents.go | 7 +-
agent/app/service/agents_utils.go | 129 +++++++++++-------
agent/app/service/app_utils.go | 5 +-
frontend/src/lang/modules/en.ts | 9 +-
frontend/src/lang/modules/es-es.ts | 9 +-
frontend/src/lang/modules/ja.ts | 9 +-
frontend/src/lang/modules/ko.ts | 9 +-
frontend/src/lang/modules/ms.ts | 9 +-
frontend/src/lang/modules/pt-br.ts | 9 +-
frontend/src/lang/modules/ru.ts | 9 +-
frontend/src/lang/modules/tr.ts | 9 +-
frontend/src/lang/modules/zh-Hant.ts | 12 +-
frontend/src/lang/modules/zh.ts | 12 +-
frontend/src/utils/agent.ts | 25 +++-
.../src/views/ai/agents/agent/add/index.vue | 10 +-
.../views/ai/agents/agent/config/index.vue | 7 +-
.../ai/agents/agent/config/tabs/settings.vue | 8 +-
.../agent/config/tabs/settings/security.vue | 15 +-
frontend/src/views/ai/agents/agent/index.vue | 18 +--
.../app-store/installed/upgrade/index.vue | 34 +----
20 files changed, 169 insertions(+), 185 deletions(-)
diff --git a/agent/app/service/agents.go b/agent/app/service/agents.go
index 75b64daff13c..34e7e6574d64 100644
--- a/agent/app/service/agents.go
+++ b/agent/app/service/agents.go
@@ -81,6 +81,7 @@ const (
openclawGatewayPort = 18789
openclawAllowedOriginHost = "127.0.0.1"
openclawHTTPSVersion = "2026.3.13"
+ openclawHTTPVersion = "2026.3.23"
openclawTrustedProxyLoopback = "127.0.0.1/32"
defaultOpenclawNPMRegistry = "https://registry.npmjs.org/"
)
@@ -178,7 +179,11 @@ func (a AgentService) Create(req dto.AgentCreateReq) (*dto.AgentItem, error) {
constant.HostIP: "",
}
if agentType == constant.AppOpenclaw {
- params["PANEL_APP_PORT_HTTPS"] = req.WebUIPort
+ if isOpenclawHTTPSWindowVersion(detail.Version) {
+ params["PANEL_APP_PORT_HTTPS"] = req.WebUIPort
+ } else {
+ params["PANEL_APP_PORT_HTTP"] = req.WebUIPort
+ }
if allowedOrigin := firstAllowedOrigin(allowedOrigins); allowedOrigin != "" {
params["ALLOWED_ORIGIN"] = allowedOrigin
}
diff --git a/agent/app/service/agents_utils.go b/agent/app/service/agents_utils.go
index 274f71666c7a..45a087c1eda8 100644
--- a/agent/app/service/agents_utils.go
+++ b/agent/app/service/agents_utils.go
@@ -339,7 +339,7 @@ func buildAgentItem(agent *model.Agent, appInstall *model.AppInstall, envMap map
item.Container = appInstall.ContainerName
item.AppVersion = appInstall.Version
if agentType == constant.AppOpenclaw {
- if isOpenclawHTTPSVersion(appInstall.Version) {
+ if isOpenclawHTTPSWindowVersion(appInstall.Version) {
item.WebUIPort = appInstall.HttpsPort
} else {
item.WebUIPort = appInstall.HttpPort
@@ -359,34 +359,53 @@ func buildAgentItem(agent *model.Agent, appInstall *model.AppInstall, envMap map
return item
}
-func isOpenclawHTTPSVersion(version string) bool {
- target := strings.TrimSpace(strings.ToLower(version))
- if target == "" || target == "latest" {
- return true
- }
- if !strings.ContainsAny(target, "0123456789") {
- return true
- }
- return common.CompareAppVersion(target, openclawHTTPSVersion)
+func isOpenclawLegacyHTTPVersion(version string) bool {
+ return !common.CompareAppVersion(version, openclawHTTPSVersion)
+}
+
+func isOpenclawHTTPSWindowVersion(version string) bool {
+ return common.CompareAppVersion(version, openclawHTTPSVersion) && !common.CompareAppVersion(version, openclawHTTPVersion)
+}
+
+func isOpenclawCurrentHTTPVersion(version string) bool {
+ return common.CompareAppVersion(version, openclawHTTPVersion)
}
func shouldMigrateOpenclawHTTPSUpgrade(install *model.AppInstall, fromVersion, toVersion string) bool {
if install == nil || install.App.Key != constant.AppOpenclaw {
return false
}
- return !isOpenclawHTTPSVersion(fromVersion) && isOpenclawHTTPSVersion(toVersion)
+ return isOpenclawLegacyHTTPVersion(fromVersion) && isOpenclawHTTPSWindowVersion(toVersion)
+}
+
+func shouldMigrateOpenclawHTTPUpgrade(install *model.AppInstall, fromVersion, toVersion string) bool {
+ if install == nil || install.App.Key != constant.AppOpenclaw {
+ return false
+ }
+ return !isOpenclawCurrentHTTPVersion(fromVersion) && isOpenclawCurrentHTTPVersion(toVersion)
}
-func migrateOpenclawHTTPSUpgrade(install *model.AppInstall, fromVersion, toVersion string) error {
+func migrateOpenclawProtocolUpgrade(install *model.AppInstall, fromVersion, toVersion string) error {
systemIP, _ := settingRepo.GetValueByKey("SystemIP")
- return migrateOpenclawHTTPSUpgradeWithSystemIP(install, fromVersion, toVersion, systemIP)
+ return migrateOpenclawProtocolUpgradeWithSystemIP(install, fromVersion, toVersion, systemIP)
}
-func migrateOpenclawHTTPSUpgradeWithSystemIP(install *model.AppInstall, fromVersion, toVersion, systemIP string) error {
- if !shouldMigrateOpenclawHTTPSUpgrade(install, fromVersion, toVersion) {
- return nil
+func migrateOpenclawProtocolUpgradeWithSystemIP(install *model.AppInstall, fromVersion, toVersion, systemIP string) error {
+ if shouldMigrateOpenclawHTTPSUpgrade(install, fromVersion, toVersion) {
+ return applyOpenclawProtocolUpgradeWithSystemIP(install, toVersion, systemIP, true)
+ }
+ if shouldMigrateOpenclawHTTPUpgrade(install, fromVersion, toVersion) {
+ return applyOpenclawProtocolUpgradeWithSystemIP(install, toVersion, systemIP, false)
+ }
+ return nil
+}
+
+func applyOpenclawProtocolUpgradeWithSystemIP(install *model.AppInstall, toVersion, systemIP string, useHTTPS bool) error {
+ if useHTTPS {
+ migrateOpenclawInstallPortsToHTTPS(install)
+ } else {
+ migrateOpenclawInstallPortsToHTTP(install)
}
- migrateOpenclawInstallPorts(install)
configPath := path.Join(install.GetPath(), "data", "conf", "openclaw.json")
var allowedOrigins []string
if conf, err := readOpenclawConfig(configPath); err == nil {
@@ -396,8 +415,12 @@ func migrateOpenclawHTTPSUpgradeWithSystemIP(install *model.AppInstall, fromVers
if originHost == "" {
originHost = openclawAllowedOriginHost
}
- if install.HttpsPort > 0 {
- allowedOrigin, err := buildOpenclawAllowedOrigin(originHost, install.HttpsPort)
+ port := install.HttpPort
+ if useHTTPS {
+ port = install.HttpsPort
+ }
+ if port > 0 {
+ allowedOrigin, err := buildOpenclawAllowedOrigin(openclawAllowedOriginScheme(toVersion), originHost, port)
if err == nil {
conf, err := readOpenclawConfig(configPath)
if err != nil {
@@ -413,36 +436,14 @@ func migrateOpenclawHTTPSUpgradeWithSystemIP(install *model.AppInstall, fromVers
return migrateOpenclawInstallEnv(install, allowedOrigins)
}
-func shouldRewriteOpenclawBundledCaddyfileOnUpgrade(install *model.AppInstall, fromVersion, toVersion string) bool {
- if install == nil || install.App.Key != constant.AppOpenclaw {
- return false
- }
- if strings.TrimSpace(fromVersion) != openclawHTTPSVersion {
- return false
- }
- return common.CompareVersion(strings.TrimSpace(toVersion), openclawHTTPSVersion)
-}
-
-func rewriteOpenclawBundledCaddyfileOnUpgrade(install *model.AppInstall, fromVersion, toVersion, sourceAppDir string) error {
- if !shouldRewriteOpenclawBundledCaddyfileOnUpgrade(install, fromVersion, toVersion) {
- return nil
+func openclawAllowedOriginScheme(version string) string {
+ if isOpenclawHTTPSWindowVersion(version) {
+ return "https"
}
- return copyOpenclawBundledCaddyfile(sourceAppDir, install.GetPath())
+ return "http"
}
-func copyOpenclawBundledCaddyfile(sourceAppDir, installPath string) error {
- sourcePath := path.Join(sourceAppDir, "data", "caddy", "Caddyfile")
- targetDir := path.Join(installPath, "data", "caddy")
- fileOp := files.NewFileOp()
- if !fileOp.Stat(targetDir) {
- if err := fileOp.CreateDir(targetDir, constant.DirPerm); err != nil {
- return err
- }
- }
- return fileOp.CopyFile(sourcePath, targetDir)
-}
-
-func migrateOpenclawInstallPorts(install *model.AppInstall) {
+func migrateOpenclawInstallPortsToHTTPS(install *model.AppInstall) {
if install == nil {
return
}
@@ -454,6 +455,18 @@ func migrateOpenclawInstallPorts(install *model.AppInstall) {
}
}
+func migrateOpenclawInstallPortsToHTTP(install *model.AppInstall) {
+ if install == nil {
+ return
+ }
+ if install.HttpPort == 0 && install.HttpsPort > 0 {
+ install.HttpPort = install.HttpsPort
+ }
+ if install.HttpsPort > 0 {
+ install.HttpsPort = 0
+ }
+}
+
func migrateOpenclawInstallEnv(install *model.AppInstall, allowedOrigins []string) error {
if install == nil {
return nil
@@ -466,11 +479,20 @@ func migrateOpenclawInstallEnv(install *model.AppInstall, allowedOrigins []strin
}
if install.HttpsPort > 0 {
envMap["PANEL_APP_PORT_HTTPS"] = install.HttpsPort
+ } else {
+ delete(envMap, "PANEL_APP_PORT_HTTPS")
+ }
+ if install.HttpPort > 0 {
+ envMap["PANEL_APP_PORT_HTTP"] = install.HttpPort
+ }
+ if install.HttpPort == 0 {
+ delete(envMap, "PANEL_APP_PORT_HTTP")
}
if allowedOrigin := firstAllowedOrigin(allowedOrigins); allowedOrigin != "" {
envMap["ALLOWED_ORIGIN"] = allowedOrigin
+ } else {
+ delete(envMap, "ALLOWED_ORIGIN")
}
- delete(envMap, "PANEL_APP_PORT_HTTP")
payload, err := json.Marshal(envMap)
if err != nil {
return err
@@ -512,19 +534,20 @@ func firstAllowedOrigin(allowedOrigins []string) string {
return ""
}
-func buildOpenclawAllowedOrigin(host string, port int) (string, error) {
+func buildOpenclawAllowedOrigin(scheme, host string, port int) (string, error) {
+ scheme = strings.TrimSpace(strings.ToLower(scheme))
host = strings.TrimSpace(host)
- if host == "" || port <= 0 {
+ if (scheme != "http" && scheme != "https") || host == "" || port <= 0 {
return "", fmt.Errorf("invalid openclaw allowed origin")
}
if strings.Contains(host, ":") && !strings.HasPrefix(host, "[") && strings.Count(host, ":") > 1 {
host = "[" + host + "]"
}
- return normalizeAllowedOrigin(fmt.Sprintf("https://%s:%d", host, port))
+ return normalizeAllowedOrigin(fmt.Sprintf("%s://%s:%d", scheme, host, port))
}
func checkAgentUpgradable(install model.AppInstall) bool {
- if install.ID == 0 || install.Version == "" || install.Version == "latest" {
+ if install.ID == 0 || install.Version == "" {
return false
}
if install.App.ID == 0 {
@@ -676,7 +699,7 @@ func writeOpenclawConfig(confDir string, account *model.AgentAccount, modelName,
cfg := openclawConfig{
Gateway: gatewayConfig{
Mode: "local",
- Bind: "loopback",
+ Bind: "lan",
Port: openclawGatewayPort,
Auth: gatewayAuth{
Mode: "token",
@@ -769,7 +792,7 @@ func writeOpenclawConfig(confDir string, account *model.AgentAccount, modelName,
gatewayMap["mode"] = "local"
}
if _, ok := gatewayMap["bind"]; !ok {
- gatewayMap["bind"] = "loopback"
+ gatewayMap["bind"] = "lan"
}
if _, ok := gatewayMap["port"]; !ok {
gatewayMap["port"] = openclawGatewayPort
diff --git a/agent/app/service/app_utils.go b/agent/app/service/app_utils.go
index 436b8b1b05f3..97f849e1f1e7 100644
--- a/agent/app/service/app_utils.go
+++ b/agent/app/service/app_utils.go
@@ -802,10 +802,7 @@ func upgradeInstall(req request.AppInstallUpgrade) error {
}
var newCompose string
- if err = migrateOpenclawHTTPSUpgrade(&install, oldVersion, detail.Version); err != nil {
- return err
- }
- if err = rewriteOpenclawBundledCaddyfileOnUpgrade(&install, oldVersion, detail.Version, detailDir); err != nil {
+ if err = migrateOpenclawProtocolUpgrade(&install, oldVersion, detail.Version); err != nil {
return err
}
if req.DockerCompose == "" {
diff --git a/frontend/src/lang/modules/en.ts b/frontend/src/lang/modules/en.ts
index 400e2e0a324b..8cf561a3092f 100644
--- a/frontend/src/lang/modules/en.ts
+++ b/frontend/src/lang/modules/en.ts
@@ -681,9 +681,6 @@ const message = {
appVersion: 'App Version',
webuiPort: 'WebUI Port',
allowedOrigins: 'Access Addresses',
- allowedOriginsHelper:
- 'Enter one full access address per line. HTTPS is recommended, for example https://192.168.1.2:18789. Fill it manually if the default access address is not configured.',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: 'Enter at least one access address',
allowedOriginsInvalid: 'Use the format http(s)://host-or-ip[:port]',
provider: 'Provider',
@@ -2472,11 +2469,11 @@ const message = {
upgradeWarn:
'Upgrading the application will replace the docker-compose.yml file. If there are any changes, you can click to view the file comparison',
openclawHttpsUpgradeNoticeTitle:
- 'Note: The following instructions only apply to users upgrading OpenClaw from versions earlier than 2026.3.13:',
+ 'Note: The following instructions only apply to users upgrading OpenClaw from versions 2026.3.13 through 2026.3.22 to 2026.3.23 or later:',
openclawHttpsUpgradeNoticeItem1:
- 'After the deployed agent is upgraded, go to Configuration -> Settings -> Security and manually add the access address.',
+ 'After the upgrade, agent access switches back to HTTP. Go to Configuration -> Settings -> Security and check the access address.',
openclawHttpsUpgradeNoticeItem2:
- 'The new version now requires HTTPS to access the agent. If you previously used a reverse proxy website, change the proxy target to https://IP:Port.',
+ 'If you previously used a reverse proxy website, change the proxy target to http://IP:Port.',
newVersion: 'New version',
oldVersion: 'Current version',
composeDiff: 'File comparison',
diff --git a/frontend/src/lang/modules/es-es.ts b/frontend/src/lang/modules/es-es.ts
index 158435e0bb2a..f413c0f546fa 100644
--- a/frontend/src/lang/modules/es-es.ts
+++ b/frontend/src/lang/modules/es-es.ts
@@ -689,9 +689,6 @@ const message = {
appVersion: 'Versión de la app',
webuiPort: 'Puerto WebUI',
allowedOrigins: 'Direcciones de acceso',
- allowedOriginsHelper:
- 'Introduce una dirección de acceso completa por línea. Se recomienda usar HTTPS, por ejemplo https://192.168.1.2:18789. Si no hay una dirección predeterminada configurada, rellénala manualmente.',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: 'Introduce al menos una dirección de acceso',
allowedOriginsInvalid: 'Usa el formato http(s)://host-o-ip[:puerto]',
provider: 'Proveedor de modelos',
@@ -2520,11 +2517,11 @@ const message = {
reload: 'Recargar',
upgradeWarn: 'Actualizar reemplazará docker-compose.yml. Si hay cambios, puede ver la comparación.',
openclawHttpsUpgradeNoticeTitle:
- 'Nota: Las siguientes instrucciones solo se aplican a los usuarios que actualizan OpenClaw desde versiones anteriores a 2026.3.13:',
+ 'Note: The following instructions only apply to users upgrading OpenClaw from versions 2026.3.13 through 2026.3.22 to 2026.3.23 or later:',
openclawHttpsUpgradeNoticeItem1:
- 'Después de actualizar el agente desplegado, vaya a Configuración -> Ajustes -> Seguridad y agregue manualmente la dirección de acceso.',
+ 'After the upgrade, agent access switches back to HTTP. Go to Configuration -> Settings -> Security and check the access address.',
openclawHttpsUpgradeNoticeItem2:
- 'La nueva versión exige HTTPS para acceder al agente. Si antes usaba un sitio con proxy inverso, cambie el destino del proxy a https://IP:Port.',
+ 'If you previously used a reverse proxy website, change the proxy target to http://IP:Port.',
newVersion: 'Nueva versión',
oldVersion: 'Versión actual',
composeDiff: 'Comparación de archivos',
diff --git a/frontend/src/lang/modules/ja.ts b/frontend/src/lang/modules/ja.ts
index 10a76cd09821..178ce74f77c8 100644
--- a/frontend/src/lang/modules/ja.ts
+++ b/frontend/src/lang/modules/ja.ts
@@ -682,9 +682,6 @@ const message = {
appVersion: 'アプリバージョン',
webuiPort: 'WebUI ポート',
allowedOrigins: 'アクセスアドレス',
- allowedOriginsHelper:
- '1 行に 1 つずつ完全なアクセスアドレスを入力してください。HTTPS を推奨します。例: https://192.168.1.2:18789。デフォルトのアクセスアドレスが未設定の場合は手動で入力してください。',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: '少なくとも 1 つのアクセスアドレスを入力してください',
allowedOriginsInvalid: 'http(s)://host-or-ip[:port] の形式で入力してください',
provider: 'モデルプロバイダー',
@@ -2490,11 +2487,11 @@ const message = {
upgradeWarn:
'アプリケーションのアップグレードは、docker-compose.ymlファイルを置き換えます。変更がある場合は、クリックしてファイルの比較を表示できます',
openclawHttpsUpgradeNoticeTitle:
- '注意: 以下の説明は、2026.3.13 より前のバージョンから OpenClaw をアップグレードするユーザーにのみ適用されます:',
+ 'Note: The following instructions only apply to users upgrading OpenClaw from versions 2026.3.13 through 2026.3.22 to 2026.3.23 or later:',
openclawHttpsUpgradeNoticeItem1:
- 'デプロイ済みエージェントのアップグレード完了後、設定 -> 設定 -> セキュリティ に入り、アクセスアドレスを手動で追加してください。',
+ 'After the upgrade, agent access switches back to HTTP. Go to Configuration -> Settings -> Security and check the access address.',
openclawHttpsUpgradeNoticeItem2:
- '新バージョンではエージェントへのアクセスに HTTPS が必須です。以前リバースプロキシサイト経由でアクセスしていた場合は、プロキシ先を https://IP:Port に変更してください。',
+ 'If you previously used a reverse proxy website, change the proxy target to http://IP:Port.',
newVersion: '新しいバージョン',
oldVersion: '現在のバージョン',
composeDiff: 'ファイルの比較',
diff --git a/frontend/src/lang/modules/ko.ts b/frontend/src/lang/modules/ko.ts
index 214e1d08e7ab..50e8d70e8058 100644
--- a/frontend/src/lang/modules/ko.ts
+++ b/frontend/src/lang/modules/ko.ts
@@ -674,9 +674,6 @@ const message = {
appVersion: '앱 버전',
webuiPort: 'WebUI 포트',
allowedOrigins: '접속 주소',
- allowedOriginsHelper:
- '한 줄에 하나의 전체 접속 주소를 입력하세요. HTTPS 사용을 권장합니다. 예: https://192.168.1.2:18789. 기본 접속 주소가 설정되지 않은 경우 수동으로 입력하세요.',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: '접속 주소를 하나 이상 입력하세요',
allowedOriginsInvalid: 'http(s)://host-or-ip[:port] 형식으로 입력하세요',
provider: '모델 제공자',
@@ -2433,11 +2430,11 @@ const message = {
upgradeWarn:
'애플리케이션 업그레이드는 docker-compose.yml 파일을 교체합니다. 변경 사항이 있으면 파일 비교를 클릭하여 확인할 수 있습니다.',
openclawHttpsUpgradeNoticeTitle:
- '주의: 다음 안내는 2026.3.13 이전 버전에서 OpenClaw 를 업그레이드하는 사용자에게만 적용됩니다:',
+ 'Note: The following instructions only apply to users upgrading OpenClaw from versions 2026.3.13 through 2026.3.22 to 2026.3.23 or later:',
openclawHttpsUpgradeNoticeItem1:
- '배포된 에이전트 업그레이드가 완료되면 구성 -> 설정 -> 보안 페이지로 이동해 접근 주소를 수동으로 추가해야 합니다.',
+ 'After the upgrade, agent access switches back to HTTP. Go to Configuration -> Settings -> Security and check the access address.',
openclawHttpsUpgradeNoticeItem2:
- '새 버전은 에이전트 접근에 HTTPS 를 강제합니다. 이전에 리버스 프록시 사이트로 접근했다면 프록시 대상 주소를 https://IP:Port 로 변경하세요.',
+ 'If you previously used a reverse proxy website, change the proxy target to http://IP:Port.',
newVersion: '새 버전',
oldVersion: '현재 버전',
composeDiff: '파일 비교',
diff --git a/frontend/src/lang/modules/ms.ts b/frontend/src/lang/modules/ms.ts
index ccdb79a2270f..4d7773b738f0 100644
--- a/frontend/src/lang/modules/ms.ts
+++ b/frontend/src/lang/modules/ms.ts
@@ -689,9 +689,6 @@ const message = {
appVersion: 'Versi aplikasi',
webuiPort: 'Port WebUI',
allowedOrigins: 'Alamat akses',
- allowedOriginsHelper:
- 'Masukkan satu alamat akses penuh bagi setiap baris. HTTPS disyorkan, contohnya https://192.168.1.2:18789. Isikan secara manual jika alamat akses lalai belum dikonfigurasi.',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: 'Masukkan sekurang-kurangnya satu alamat akses',
allowedOriginsInvalid: 'Gunakan format http(s)://hos-atau-ip[:port]',
provider: 'Penyedia model',
@@ -2523,11 +2520,11 @@ const message = {
reload: 'Muat Semula',
upgradeWarn: 'Meningkatkan aplikasi akan menggantikan fail docker-compose.yml.',
openclawHttpsUpgradeNoticeTitle:
- 'Nota: Arahan berikut hanya terpakai kepada pengguna yang menaik taraf OpenClaw daripada versi lebih awal daripada 2026.3.13:',
+ 'Note: The following instructions only apply to users upgrading OpenClaw from versions 2026.3.13 through 2026.3.22 to 2026.3.23 or later:',
openclawHttpsUpgradeNoticeItem1:
- 'Selepas ejen yang telah dipasang selesai dinaik taraf, pergi ke Konfigurasi -> Tetapan -> Keselamatan dan tambah alamat akses secara manual.',
+ 'After the upgrade, agent access switches back to HTTP. Go to Configuration -> Settings -> Security and check the access address.',
openclawHttpsUpgradeNoticeItem2:
- 'Versi baharu kini mewajibkan HTTPS untuk mengakses ejen. Jika anda sebelum ini menggunakan laman reverse proxy, tukar alamat sasaran proksi kepada https://IP:Port.',
+ 'If you previously used a reverse proxy website, change the proxy target to http://IP:Port.',
newVersion: 'Versi baru',
oldVersion: 'Versi semasa',
composeDiff: 'Perbandingan fail',
diff --git a/frontend/src/lang/modules/pt-br.ts b/frontend/src/lang/modules/pt-br.ts
index 7b3b58a96c42..8a9035e4d4ed 100644
--- a/frontend/src/lang/modules/pt-br.ts
+++ b/frontend/src/lang/modules/pt-br.ts
@@ -684,9 +684,6 @@ const message = {
appVersion: 'Versão do app',
webuiPort: 'Porta WebUI',
allowedOrigins: 'Endereços de acesso',
- allowedOriginsHelper:
- 'Informe um endereço de acesso completo por linha. O uso de HTTPS é recomendado, por exemplo https://192.168.1.2:18789. Preencha manualmente se o endereço padrão não estiver configurado.',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: 'Informe pelo menos um endereço de acesso',
allowedOriginsInvalid: 'Use o formato http(s)://host-ou-ip[:porta]',
provider: 'Provedor de modelos',
@@ -2656,11 +2653,11 @@ const message = {
upgradeWarn:
'Atualizar o aplicativo substituirá o arquivo docker-compose.yml. Se houver alterações, você pode clicar para visualizar a comparação do arquivo',
openclawHttpsUpgradeNoticeTitle:
- 'Nota: As instruções a seguir se aplicam apenas a usuários que estão atualizando o OpenClaw de versões anteriores à 2026.3.13:',
+ 'Note: The following instructions only apply to users upgrading OpenClaw from versions 2026.3.13 through 2026.3.22 to 2026.3.23 or later:',
openclawHttpsUpgradeNoticeItem1:
- 'Depois que o agente implantado for atualizado, vá para Configuração -> Ajustes -> Segurança e adicione manualmente o endereço de acesso.',
+ 'After the upgrade, agent access switches back to HTTP. Go to Configuration -> Settings -> Security and check the access address.',
openclawHttpsUpgradeNoticeItem2:
- 'A nova versão agora exige HTTPS para acessar o agente. Se você usava um site com proxy reverso, altere o destino do proxy para https://IP:Port.',
+ 'If you previously used a reverse proxy website, change the proxy target to http://IP:Port.',
newVersion: 'Nova versão',
oldVersion: 'Versão atual',
composeDiff: 'Comparação de arquivo',
diff --git a/frontend/src/lang/modules/ru.ts b/frontend/src/lang/modules/ru.ts
index 9ef6093b14c8..fc3c7cedc417 100644
--- a/frontend/src/lang/modules/ru.ts
+++ b/frontend/src/lang/modules/ru.ts
@@ -681,9 +681,6 @@ const message = {
appVersion: 'Версия приложения',
webuiPort: 'Порт WebUI',
allowedOrigins: 'Адреса доступа',
- allowedOriginsHelper:
- 'Указывайте по одному полному адресу доступа в строке. Рекомендуется использовать HTTPS, например https://192.168.1.2:18789. Если адрес по умолчанию не настроен, введите его вручную.',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: 'Укажите хотя бы один адрес доступа',
allowedOriginsInvalid: 'Используйте формат http(s)://host-or-ip[:port]',
provider: 'Поставщик моделей',
@@ -2517,11 +2514,11 @@ const message = {
upgradeWarn:
'Обновление приложения заменит файл docker-compose.yml. Если есть изменения, вы можете нажать для просмотра сравнения файлов',
openclawHttpsUpgradeNoticeTitle:
- 'Примечание: Следующие инструкции применяются только к пользователям, обновляющим OpenClaw с версий ниже 2026.3.13:',
+ 'Note: The following instructions only apply to users upgrading OpenClaw from versions 2026.3.13 through 2026.3.22 to 2026.3.23 or later:',
openclawHttpsUpgradeNoticeItem1:
- 'После завершения обновления развернутого агента перейдите в Конфигурация -> Настройки -> Безопасность и вручную добавьте адрес доступа.',
+ 'After the upgrade, agent access switches back to HTTP. Go to Configuration -> Settings -> Security and check the access address.',
openclawHttpsUpgradeNoticeItem2:
- 'Новая версия теперь требует HTTPS для доступа к агенту. Если раньше использовался сайт с обратным прокси, измените адрес назначения прокси на https://IP:Port.',
+ 'If you previously used a reverse proxy website, change the proxy target to http://IP:Port.',
newVersion: 'Новая версия',
oldVersion: 'Текущая версия',
composeDiff: 'Сравнение файлов',
diff --git a/frontend/src/lang/modules/tr.ts b/frontend/src/lang/modules/tr.ts
index 031a5bf5b9a3..90bd9b382835 100644
--- a/frontend/src/lang/modules/tr.ts
+++ b/frontend/src/lang/modules/tr.ts
@@ -685,9 +685,6 @@ const message = {
appVersion: 'Uygulama sürümü',
webuiPort: 'WebUI portu',
allowedOrigins: 'Erişim adresleri',
- allowedOriginsHelper:
- 'Her satıra bir tam erişim adresi girin. HTTPS kullanmanız önerilir. Örnek: https://192.168.1.2:18789. Varsayılan erişim adresi yapılandırılmamışsa elle girin.',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: 'En az bir erişim adresi girin',
allowedOriginsInvalid: 'http(s)://host-veya-ip[:port] biçimini kullanın',
provider: 'Model sağlayıcı',
@@ -2518,11 +2515,11 @@ const message = {
upgradeWarn:
'Uygulamanın yükseltilmesi docker-compose.yml dosyasını değiştirecektir. Herhangi bir değişiklik varsa, dosya karşılaştırmasını görüntülemek için tıklayabilirsiniz',
openclawHttpsUpgradeNoticeTitle:
- "Not: Aşağıdaki talimatlar yalnızca OpenClaw'ı 2026.3.13 öncesi sürümlerden yükselten kullanıcılar için geçerlidir:",
+ 'Note: The following instructions only apply to users upgrading OpenClaw from versions 2026.3.13 through 2026.3.22 to 2026.3.23 or later:',
openclawHttpsUpgradeNoticeItem1:
- 'Dağıtılmış ajan yükseltmesi tamamlandıktan sonra Yapılandırma -> Ayarlar -> Güvenlik sayfasına gidip erişim adresini manuel olarak ekleyin.',
+ 'After the upgrade, agent access switches back to HTTP. Go to Configuration -> Settings -> Security and check the access address.',
openclawHttpsUpgradeNoticeItem2:
- 'Yeni sürüm artık ajana erişim için HTTPS zorunlu kılıyor. Daha önce ters proxy sitesi kullanıyorsanız proxy hedef adresini https://IP:Port olarak değiştirin.',
+ 'If you previously used a reverse proxy website, change the proxy target to http://IP:Port.',
newVersion: 'Yeni sürüm',
oldVersion: 'Mevcut sürüm',
composeDiff: 'Dosya karşılaştırması',
diff --git a/frontend/src/lang/modules/zh-Hant.ts b/frontend/src/lang/modules/zh-Hant.ts
index a7cacb13f4cc..fe73e90a3c24 100644
--- a/frontend/src/lang/modules/zh-Hant.ts
+++ b/frontend/src/lang/modules/zh-Hant.ts
@@ -649,9 +649,6 @@ const message = {
appVersion: '應用版本',
webuiPort: 'WebUI 埠',
allowedOrigins: '訪問地址',
- allowedOriginsHelper:
- '一行一個完整訪問地址,建議優先使用 HTTPS,例如 https://192.168.1.2:18789.未設定預設訪問地址時請手動填寫',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: '請至少填寫一個訪問地址',
allowedOriginsInvalid: '訪問地址格式錯誤,請輸入 http(s)://網域或IP[:埠]',
provider: '模型供應商',
@@ -2290,10 +2287,11 @@ const message = {
showLocal: '顯示本機應用程式',
reload: '重載',
upgradeWarn: '升級應用程式會取代 docker-compose.yml 檔案,如有更改,可以點選檢視檔案對比',
- openclawHttpsUpgradeNoticeTitle: '注意:以下說明僅適用於 OpenClaw 從 2026.3.13 之前版本升級的使用者:',
- openclawHttpsUpgradeNoticeItem1: '已部署的智慧體升級完成後,需要進入 配置 → 設定 → 安全 頁面手動新增存取地址。',
- openclawHttpsUpgradeNoticeItem2:
- '新版本已強制使用 HTTPS 存取智慧體。如果之前透過反向代理網站存取,請將代理目標地址修改為 https://IP:Port。',
+ openclawHttpsUpgradeNoticeTitle:
+ '注意:以下說明僅適用於 OpenClaw 從 2026.3.13 ~ 2026.3.22 版本升級到 2026.3.23 及以上版本的使用者:',
+ openclawHttpsUpgradeNoticeItem1:
+ '升級完成後,智慧體訪問協議將恢復為 HTTP,請進入 配置 → 設定 → 安全 檢查訪問地址。',
+ openclawHttpsUpgradeNoticeItem2: '如果之前透過反向代理網站存取,請將代理目標地址修改為 http://IP:Port。',
newVersion: '新版本',
oldVersion: '當前版本',
composeDiff: '檔案對比',
diff --git a/frontend/src/lang/modules/zh.ts b/frontend/src/lang/modules/zh.ts
index 2ad78023fecd..6d8165854660 100644
--- a/frontend/src/lang/modules/zh.ts
+++ b/frontend/src/lang/modules/zh.ts
@@ -648,9 +648,6 @@ const message = {
appVersion: '应用版本',
webuiPort: 'WebUI 端口',
allowedOrigins: '访问地址',
- allowedOriginsHelper:
- '一行一个完整访问地址,建议优先使用 HTTPS,例如 https://192.168.1.2:18789.未配置默认访问地址时请手动填写',
- allowedOriginsPlaceholder: 'https://192.168.1.2:18789',
allowedOriginsRequired: '请至少填写一个访问地址',
allowedOriginsInvalid: '访问地址格式错误,请输入 http(s)://域名或IP[:端口]',
provider: '模型供应商',
@@ -2290,10 +2287,11 @@ const message = {
showLocal: '本地应用',
reload: '重载',
upgradeWarn: '升级应用会替换 docker-compose.yml 文件,如有更改,可以点击查看文件对比',
- openclawHttpsUpgradeNoticeTitle: '注意:以下说明仅适用于 OpenClaw 从 2026.3.13 之前版本升级的用户:',
- openclawHttpsUpgradeNoticeItem1: '已部署的智能体升级完成后,需要进入 配置 → 设置 → 安全 页面手动添加访问地址。',
- openclawHttpsUpgradeNoticeItem2:
- '新版本已强制使用 HTTPS 访问智能体。如果之前通过反向代理网站访问,请将代理目标地址修改为 https://IP:Port。',
+ openclawHttpsUpgradeNoticeTitle:
+ '注意:以下说明仅适用于 OpenClaw 从 2026.3.13 ~ 2026.3.22 版本升级到 2026.3.23 及以上版本的用户:',
+ openclawHttpsUpgradeNoticeItem1:
+ '升级完成后,智能体访问协议将恢复为 HTTP,请进入 配置 → 设置 → 安全 检查访问地址。',
+ openclawHttpsUpgradeNoticeItem2: '如果之前通过反向代理网站访问,请将代理目标地址修改为 http://IP:Port。',
newVersion: '新版本',
oldVersion: '当前版本',
composeDiff: '文件对比',
diff --git a/frontend/src/utils/agent.ts b/frontend/src/utils/agent.ts
index f64107ff9811..b6c684890144 100644
--- a/frontend/src/utils/agent.ts
+++ b/frontend/src/utils/agent.ts
@@ -1,4 +1,9 @@
import i18n from '@/lang';
+import { compareVersion } from '@/utils/version';
+
+const openclawHTTPSVersion = '2026.3.13';
+const openclawHTTPVersion = '2026.3.23';
+const openclawDefaultAccessHost = '127.0.0.1';
export const getAgentProviderDisplayName = (provider: string, displayName?: string): string => {
if (provider === 'custom' || displayName === 'Custom') {
@@ -10,13 +15,25 @@ export const getAgentProviderDisplayName = (provider: string, displayName?: stri
return displayName || provider;
};
-export const buildDefaultAllowedOrigin = (systemIP: string, port?: number | string): string => {
- const target = String(systemIP || '').trim();
- if (!target || !port) {
+export const isOpenclawHTTPSWindowVersion = (version: string): boolean => {
+ return compareVersion(version, openclawHTTPSVersion) && !compareVersion(version, openclawHTTPVersion);
+};
+
+export const isOpenclawCurrentHTTPVersion = (version: string): boolean => {
+ return compareVersion(version, openclawHTTPVersion);
+};
+
+export const getOpenclawAccessScheme = (version: string): 'http' | 'https' => {
+ return isOpenclawHTTPSWindowVersion(version) ? 'https' : 'http';
+};
+
+export const buildDefaultAllowedOrigin = (systemIP: string, port?: number | string, version?: string): string => {
+ const target = String(systemIP || '').trim() || openclawDefaultAccessHost;
+ if (!port) {
return '';
}
const host = target.includes(':') && !target.startsWith('[') && !target.endsWith(']') ? `[${target}]` : target;
- return `https://${host}:${port}`;
+ return `${getOpenclawAccessScheme(String(version || ''))}://${host}:${port}`;
};
export const normalizeAllowedOrigin = (value: string): string => {
diff --git a/frontend/src/views/ai/agents/agent/add/index.vue b/frontend/src/views/ai/agents/agent/add/index.vue
index 69b9897e8757..cb86fef34661 100644
--- a/frontend/src/views/ai/agents/agent/add/index.vue
+++ b/frontend/src/views/ai/agents/agent/add/index.vue
@@ -28,12 +28,9 @@
v-model="form.allowedOrigins"
type="textarea"
:rows="3"
- :placeholder="$t('aiTools.agents.allowedOriginsPlaceholder')"
+ :placeholder="allowedOriginsPlaceholder"
@input="handleAllowedOriginsInput"
/>
-
- {{ $t('aiTools.agents.allowedOriginsHelper') }}
-
@@ -199,11 +196,13 @@ const filteredModels = computed(() => {
return selected?.models || [];
});
+const allowedOriginsPlaceholder = computed(() => buildDefaultAllowedOrigin('192.168.1.2', 18789, form.appVersion));
+
const syncAllowedOriginsWithDefault = (force = false) => {
if (form.agentType !== 'openclaw') {
return;
}
- const defaultOrigin = buildDefaultAllowedOrigin(systemIP.value, form.webUIPort);
+ const defaultOrigin = buildDefaultAllowedOrigin(systemIP.value, form.webUIPort, form.appVersion);
if (!force && !allowedOriginsAutoFilled.value && form.allowedOrigins !== lastAutoAllowedOrigins.value) {
return;
}
@@ -479,6 +478,7 @@ watch(
if (!value || value === oldValue) {
return;
}
+ syncAllowedOriginsWithDefault();
if (form.editCompose) {
await loadCompose();
}
diff --git a/frontend/src/views/ai/agents/agent/config/index.vue b/frontend/src/views/ai/agents/agent/config/index.vue
index 1e960ce7b152..cd8f938e509e 100644
--- a/frontend/src/views/ai/agents/agent/config/index.vue
+++ b/frontend/src/views/ai/agents/agent/config/index.vue
@@ -37,6 +37,7 @@ const header = ref('');
const agentId = ref(0);
const accountId = ref(0);
const model = ref('');
+const appVersion = ref('');
const channelsRef = ref();
const modelRef = ref();
const skillsRef = ref();
@@ -47,7 +48,10 @@ const loadSettings = async () => {
return;
}
await nextTick();
- await settingsRef.value?.load(agentId.value);
+ await settingsRef.value?.load({
+ agentId: agentId.value,
+ appVersion: appVersion.value,
+ });
};
const loadModel = async () => {
@@ -105,6 +109,7 @@ const openDrawer = async (agent: AI.AgentItem) => {
agentId.value = agent.id;
accountId.value = agent.accountId;
model.value = agent.model;
+ appVersion.value = agent.appVersion;
header.value = `${agent.name} - ${t('menu.config')}`;
activeTab.value = 'channels';
open.value = true;
diff --git a/frontend/src/views/ai/agents/agent/config/tabs/settings.vue b/frontend/src/views/ai/agents/agent/config/tabs/settings.vue
index 4f33479ae18f..7367ed8d17be 100644
--- a/frontend/src/views/ai/agents/agent/config/tabs/settings.vue
+++ b/frontend/src/views/ai/agents/agent/config/tabs/settings.vue
@@ -22,6 +22,7 @@ import ConfigFileTab from './settings/config-file.vue';
const { t } = useI18n();
const activeTab = ref('security');
const agentId = ref(0);
+const appVersion = ref('');
const securityRef = ref();
const otherRef = ref();
const configFileRef = ref();
@@ -32,7 +33,7 @@ const loadCurrentTab = async () => {
}
await nextTick();
if (activeTab.value === 'security') {
- await securityRef.value?.load(agentId.value);
+ await securityRef.value?.load(agentId.value, appVersion.value);
return;
}
if (activeTab.value === 'other') {
@@ -48,8 +49,9 @@ const handleTabClick = async () => {
await loadCurrentTab();
};
-const load = async (id: number) => {
- agentId.value = id;
+const load = async (params: { agentId: number; appVersion: string }) => {
+ agentId.value = params.agentId;
+ appVersion.value = params.appVersion;
activeTab.value = 'security';
await loadCurrentTab();
};
diff --git a/frontend/src/views/ai/agents/agent/config/tabs/settings/security.vue b/frontend/src/views/ai/agents/agent/config/tabs/settings/security.vue
index b7e9dab1d79f..32dcd6116df1 100644
--- a/frontend/src/views/ai/agents/agent/config/tabs/settings/security.vue
+++ b/frontend/src/views/ai/agents/agent/config/tabs/settings/security.vue
@@ -5,11 +5,8 @@
v-model="form.allowedOrigins"
type="textarea"
:rows="4"
- :placeholder="t('aiTools.agents.allowedOriginsPlaceholder')"
+ :placeholder="allowedOriginsPlaceholder"
/>
-
- {{ t('aiTools.agents.allowedOriginsHelper') }}
-
@@ -20,17 +17,18 @@