Kharec/goyco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: validateURLForSSRF()

Browse Source
This commit is contained in:
Sandro CURY CAZZANIGA
2025-11-11 16:10:20 +01:00
parent 0026d0d645
commit 325cbe9c2c
1 changed files with 7 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
internal/services/url_metadata_service.go
View File

@@ -450,38 +450,24 @@ func (s *URLMetadataService) optimizedTitleClean(title string) string {
}
func (s *URLMetadataService) validateURLForSSRF(u *url.URL) error {
if u == nil {
switch {
case u == nil,
u.Scheme != "http" && u.Scheme != "https",
u.Host == "",
u.Hostname() == "",
isLocalhost(u.Hostname()):
return ErrSSRFBlocked
}
if u.Scheme != "http" && u.Scheme != "https" {
return ErrSSRFBlocked
}
if u.Host == "" {
return ErrSSRFBlocked
}
hostname := u.Hostname()
if hostname == "" {
return ErrSSRFBlocked
}
if isLocalhost(hostname) {
return ErrSSRFBlocked
}
ips, err := s.resolver.LookupIP(hostname)
ips, err := s.resolver.LookupIP(u.Hostname())
if err != nil {
return ErrSSRFBlocked
}
for _, ip := range ips {
if isPrivateOrReservedIP(ip) {
return ErrSSRFBlocked
}
}
return nil
}