Skip to content

fix: harden /api/redux proxy against SSRF (code-scanning #40)#134

Open
wrigjl wants to merge 1 commit into
ReduxISU:ReduxAPI_GUIfrom
wrigjl:fix/40-ssrf-redux-proxy
Open

fix: harden /api/redux proxy against SSRF (code-scanning #40)#134
wrigjl wants to merge 1 commit into
ReduxISU:ReduxAPI_GUIfrom
wrigjl:fix/40-ssrf-redux-proxy

Conversation

@wrigjl

@wrigjl wrigjl commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

What

Hardens the /api/redux/* proxy handler (pages/api/redux/[...path].js) against server-side request forgery:

  • Origin allowlist: resolve the proxy target with the WHATWG URL parser and require it to stay on the configured backend's origin, with an http:/https: scheme, before calling fetch.
  • No server-side redirect following: switch to redirect: 'manual' so a misbehaving/compromised backend can't 3xx the server toward an internal address. The redirect is forwarded to the client instead.

Which scan instance this fixes

Resolves code-scanning alert #40js/request-forgery (SSRF, critical), flagged at the fetch(...) call on pages/api/redux/[...path].js:34 ("The URL of this request depends on a user-provided value").

Note: not actually exploitable (but CodeQL couldn't prove it)

The prior code was not exploitable for host injection. The user-controlled suffix is appended after "<baseUrl>/", so once the full string is parsed as a URL the authority stays pinned to the backend host — tested payloads (https://evil.com/x, //evil.com/x, @evil.com/x, backslash tricks) all resolved back to the backend origin. CodeQL flags it regardless because taint tracking can't prove that invariant.

This change makes the guarantee explicit and machine-verifiable (so the alert clears) and additionally closes the redirect-following vector, which was a real second SSRF path.

Scope / not included

This does not restrict which backend paths or methods a client can reach — the proxy remains a full-surface passthrough to the backend origin. A path allowlist and Cookie/Authorization stripping were discussed as follow-up defense-in-depth but intentionally left out of this focused fix.

🤖 Generated with Claude Code

Resolve the proxy target with the WHATWG URL parser and require it to
stay on the configured backend's origin (and an http/https scheme)
before calling fetch. Also switch to `redirect: 'manual'` so a
misbehaving backend can't 3xx the server toward an internal address;
the redirect is forwarded to the client instead.

This addresses the js/request-forgery alert at
pages/api/redux/[...path].js:34. In practice the previous code was not
exploitable for host injection: the user-controlled suffix is appended
after "<baseUrl>/", so the WHATWG parser keeps the authority pinned to
the backend host. CodeQL flags it anyway because it can't prove that
invariant via taint tracking. The explicit origin check makes the
guarantee machine-verifiable and closes the additional redirect vector.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant