fix: harden /api/redux proxy against SSRF (code-scanning #40)#134
Open
wrigjl wants to merge 1 commit into
Open
fix: harden /api/redux proxy against SSRF (code-scanning #40)#134wrigjl wants to merge 1 commit into
wrigjl wants to merge 1 commit into
Conversation
Resolve the proxy target with the WHATWG URL parser and require it to stay on the configured backend's origin (and an http/https scheme) before calling fetch. Also switch to `redirect: 'manual'` so a misbehaving backend can't 3xx the server toward an internal address; the redirect is forwarded to the client instead. This addresses the js/request-forgery alert at pages/api/redux/[...path].js:34. In practice the previous code was not exploitable for host injection: the user-controlled suffix is appended after "<baseUrl>/", so the WHATWG parser keeps the authority pinned to the backend host. CodeQL flags it anyway because it can't prove that invariant via taint tracking. The explicit origin check makes the guarantee machine-verifiable and closes the additional redirect vector. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Hardens the
/api/redux/*proxy handler (pages/api/redux/[...path].js) against server-side request forgery:URLparser and require it to stay on the configured backend's origin, with anhttp:/https:scheme, before callingfetch.redirect: 'manual'so a misbehaving/compromised backend can't3xxthe server toward an internal address. The redirect is forwarded to the client instead.Which scan instance this fixes
Resolves code-scanning alert #40 —
js/request-forgery(SSRF, critical), flagged at thefetch(...)call onpages/api/redux/[...path].js:34("The URL of this request depends on a user-provided value").Note: not actually exploitable (but CodeQL couldn't prove it)
The prior code was not exploitable for host injection. The user-controlled suffix is appended after
"<baseUrl>/", so once the full string is parsed as a URL the authority stays pinned to the backend host — tested payloads (https://evil.com/x,//evil.com/x,@evil.com/x, backslash tricks) all resolved back to the backend origin. CodeQL flags it regardless because taint tracking can't prove that invariant.This change makes the guarantee explicit and machine-verifiable (so the alert clears) and additionally closes the redirect-following vector, which was a real second SSRF path.
Scope / not included
This does not restrict which backend paths or methods a client can reach — the proxy remains a full-surface passthrough to the backend origin. A path allowlist and Cookie/Authorization stripping were discussed as follow-up defense-in-depth but intentionally left out of this focused fix.
🤖 Generated with Claude Code