memos

Commit Graph

Author	SHA1	Message	Date
Steven	150371d211	fix(webhook): remediate SSRF vulnerability in webhook dispatcher - Add plugin/webhook/validate.go as single source of truth for SSRF protection: reserved CIDR list parsed once at init(), isReservedIP(), and exported ValidateURL() used at registration/update time - Replace unguarded http.Client in webhook.go with safeClient whose Transport uses a custom DialContext that re-resolves hostnames at dial time, defeating DNS rebinding attacks - Call webhook.ValidateURL() in CreateUserWebhook and both UpdateUserWebhook paths to reject non-http/https schemes and reserved/private IP targets before persisting - Strip internal service response body from non-2xx error log messages to prevent data leakage via application logs	2026-02-23 10:14:24 +08:00

Author

SHA1

Message

Date

Steven

150371d211

fix(webhook): remediate SSRF vulnerability in webhook dispatcher

- Add plugin/webhook/validate.go as single source of truth for SSRF
  protection: reserved CIDR list parsed once at init(), isReservedIP(),
  and exported ValidateURL() used at registration/update time
- Replace unguarded http.Client in webhook.go with safeClient whose
  Transport uses a custom DialContext that re-resolves hostnames at
  dial time, defeating DNS rebinding attacks
- Call webhook.ValidateURL() in CreateUserWebhook and both
  UpdateUserWebhook paths to reject non-http/https schemes and
  reserved/private IP targets before persisting
- Strip internal service response body from non-2xx error log messages
  to prevent data leakage via application logs

2026-02-23 10:14:24 +08:00

1 Commits