laoxong/nofx
1
0
Fork 0
mirror of https://github.com/laoxong/nofx.git synced 2026-06-04 09:58:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
1464cedeff0ef86982504fe87d7b0e3d13b9e775
nofx/security
T
History
tinkle-community abaffaddb9 fix: add SSRF protection for user-controlled URLs 
- Add security/url_validator.go with ValidateURL, SafeHTTPClient, SafeGet
- Block private IP ranges (127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16)
- Block cloud metadata endpoints (169.254.169.254, metadata.google.internal)
- Validate DNS resolution to prevent DNS rebinding attacks
- Check redirect destinations for SSRF
- Fix FetchQuantData, FetchOIRanking, fetchAI500, fetchOITop, fetchSingleExternalSource
2025-12-14 12:01:23 +08:00
..
url_validator.go
fix: add SSRF protection for user-controlled URLs
2025-12-14 12:01:23 +08:00