Skip to content

[codex] feat(ai plugin): support custom request options #534

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
jn12-29 wants to merge 2 commits into
base: main
Choose a base branch
from
Open

[codex] feat(ai plugin): support custom request options #534

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8518e28
feat(ai plugin): add support for custom headers and extra request body
jn12-29 Jun 7, 2026
b26cff4
fix(ai plugin): harden request option validation
jn12-29 Jun 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
89 changes: 87 additions & 2 deletions src/main/api/plugin/ai.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ export interface AiOption {
model?: string // AI 模型,为空默认使用第一个配置的模型
messages: Message[] // 消息列表
tools?: Tool[] // 工具列表
headers?: Record<string, string> // Extra request headers; sensitive/framing headers are rejected.
extraBody?: Record<string, unknown> // Extra OpenAI-compatible fields; core fields are rejected.
}

/** 文本内容块 */
Expand Down Expand Up @@ -72,6 +74,28 @@ export interface Tool {
}
/** 工具调用循环最大轮次 */
const MAX_TOOL_ROUNDS = 25
const RESERVED_EXTRA_BODY_KEYS = ['model', 'messages', 'tools', 'stream'] as const
const RESERVED_HEADER_KEYS = new Set([
'accept',
'authorization',
'connection',
'content-length',
'content-type',
'cookie',
'host',
'keep-alive',
'openai-beta',
'openai-organization',
'openai-project',
'proxy-authenticate',
'proxy-authorization',
'te',
'trailer',
'transfer-encoding',
'upgrade',
'user-agent'
])
const RESERVED_HEADER_PREFIXES = ['x-stainless-']

/**
* AI 调用 API(插件专用)- 基于 OpenAI SDK 直接调用
Expand Down Expand Up @@ -227,6 +251,55 @@ class PluginAiAPI {
baseURL: modelConfig.apiUrl
})
}

private isPlainObject(value: unknown): value is Record<string, unknown> {
if (typeof value !== 'object' || value === null) return false
const prototype = Object.getPrototypeOf(value)
return prototype === Object.prototype || prototype === null
}

private normalizeHeaders(headers: unknown): Record<string, string> | undefined {
if (headers == null) return undefined
if (!this.isPlainObject(headers)) {
throw new Error('headers 必须是对象')
}

const normalized: Record<string, string> = {}
for (const [key, value] of Object.entries(headers)) {
const normalizedKey = key.trim().toLowerCase()
if (
RESERVED_HEADER_KEYS.has(normalizedKey) ||
RESERVED_HEADER_PREFIXES.some((prefix) => normalizedKey.startsWith(prefix))
) {
throw new Error(`headers 不能包含保留请求头: ${key}`)
}
if (value != null) {
if (typeof value !== 'string') {
throw new Error(`headers.${key} 必须是字符串`)
}
normalized[key] = value
}
}
return Object.keys(normalized).length > 0 ? normalized : undefined
}

private normalizeExtraBody(extraBody: unknown): Record<string, unknown> | undefined {
if (extraBody == null) return undefined
if (!this.isPlainObject(extraBody)) {
throw new Error('extraBody 必须是对象')
}

const reservedKey = RESERVED_EXTRA_BODY_KEYS.find((key) =>
Object.prototype.hasOwnProperty.call(extraBody, key)
)
if (reservedKey) {
throw new Error(`extraBody 不能包含保留字段: ${reservedKey}`)
}

const normalized = { ...extraBody }
return Object.keys(normalized).length > 0 ? normalized : undefined
}
Comment on lines +255 to +301

@gemini-code-assist gemini-code-assist Bot Jun 7, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

There are a few areas where robustness and correctness can be improved:

  1. Stricter Plain Object Validation: The current isPlainObject implementation returns true for instances of Date, RegExp, Map, Set, etc. Checking the prototype using Object.getPrototypeOf ensures only plain objects are accepted.
  2. Defensive Programming (Null Safety): The current checks only handle undefined. If null is passed (which is common in JSON/IPC payloads), it will fail the isPlainObject check and throw an error. Using == null safely handles both null and undefined.
  3. Header Stringification Pitfall: Using String(value) directly on object entries can convert null or undefined values to "null" or "undefined" strings, which will be sent as actual header values. It is safer to filter out null and undefined values before stringifying.
  private isPlainObject(value: unknown): value is Record<string, unknown> {
    if (typeof value !== 'object' || value === null) return false
    const proto = Object.getPrototypeOf(value)
    return proto === null || proto === Object.prototype
  }

  private normalizeHeaders(headers: unknown): Record<string, string> | undefined {
    if (headers == null) return undefined
    if (!this.isPlainObject(headers)) {
      throw new Error('headers 必须是对象')
    }

    const normalized: Record<string, string> = {}
    for (const [key, value] of Object.entries(headers)) {
      if (value !== null && value !== undefined) {
        normalized[key] = String(value)
      }
    }
    return Object.keys(normalized).length > 0 ? normalized : undefined
  }

  private normalizeExtraBody(extraBody: unknown): Record<string, unknown> | undefined {
    if (extraBody == null) return undefined
    if (!this.isPlainObject(extraBody)) {
      throw new Error('extraBody 必须是对象')
    }

    const normalized = { ...extraBody }
    for (const key of RESERVED_EXTRA_BODY_KEYS) {
      delete normalized[key]
    }
    return Object.keys(normalized).length > 0 ? normalized : undefined
  }

Comment on lines +286 to +301

/**
* 将 Message[] 转为 OpenAI SDK 格式
* 关键:保留 assistant 消息的 reasoning_content,解决 DeepSeek thinking mode 报错
Expand Down Expand Up @@ -325,17 +398,23 @@ class PluginAiAPI {
const client = this.createClient(modelConfig)
const openaiTools = option.tools?.length ? this.convertTools(option.tools) : undefined
const messages = [...option.messages]
const requestHeaders = this.normalizeHeaders(option.headers)
const extraBody = this.normalizeExtraBody(option.extraBody)

for (let round = 0; round < MAX_TOOL_ROUNDS; round++) {
this.notifyAiStatus(round === 0 ? 'sending' : 'receiving', webContents)

const response = await client.chat.completions.create(
{
...extraBody,
model: modelConfig.id,
messages: this.convertMessages(messages),
...(openaiTools?.length ? { tools: openaiTools } : {})
},
{ signal: abortController.signal }
{
signal: abortController.signal,
...(requestHeaders ? { headers: requestHeaders } : {})
}
Comment on lines 407 to +417
)

const choice = response.choices[0]
Expand Down Expand Up @@ -423,18 +502,24 @@ class PluginAiAPI {
const client = this.createClient(modelConfig)
const openaiTools = option.tools?.length ? this.convertTools(option.tools) : undefined
const messages = [...option.messages]
const requestHeaders = this.normalizeHeaders(option.headers)
const extraBody = this.normalizeExtraBody(option.extraBody)

for (let round = 0; round < MAX_TOOL_ROUNDS; round++) {
this.notifyAiStatus(round === 0 ? 'sending' : 'receiving', webContents)

const stream = await client.chat.completions.create(
{
...extraBody,
model: modelConfig.id,
messages: this.convertMessages(messages),
stream: true,
...(openaiTools?.length ? { tools: openaiTools } : {})
},
{ signal: abortController.signal }
{
signal: abortController.signal,
...(requestHeaders ? { headers: requestHeaders } : {})
}
)

let fullContent = ''
Expand Down