Enhance SSRF DNS validation with comprehensive IP checks and IPv6 support

[Copilot]

Addresses review feedback on the SSRF DNS resolution fix to close remaining security gaps and edge cases.

Changes

• Expanded IP range validation: Added checks for is_link_local, is_reserved, and is_multicast in addition to is_private and is_loopback. Applied consistently to both literal IP and DNS resolution paths.

• IPv6 zone identifier handling: Strip zone IDs (e.g., %eth0) from IPv6 addresses before validation to prevent parsing errors:

  ip_no_zone = ip_str.split('%', 1)[0]
  resolved_ip = ipaddress.ip_address(ip_no_zone)

• Comprehensive exception handling: Catch OSError in addition to socket.gaierror during DNS resolution to handle network failures and timeouts.

• TOCTOU limitation documented: Added inline comments and sentinel.md entry noting that DNS rebinding attacks remain theoretically possible—an attacker's DNS server could return safe IPs during validation and private IPs during the actual request. This is a known limitation of DNS-based SSRF protection.

Example

# Now blocks all restricted ranges consistently
validate_folder_url('https://fe80::1/test')      # link-local IPv6
validate_folder_url('https://224.0.0.1/test')    # multicast
validate_folder_url('https://[fe80::1%eth0]/test')  # IPv6 with zone ID

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• example.com
  • Triggering command: `/usr/bin/python3 python3 -c
    import sys
    sys.path.insert(0, '.')
    from main import validate_folder_url

Test valid URL

print('Testing valid URL:', validate_folder_url('REDACTED'))

Test localhost

print('Testing localhost:', validate_folder_url('https://localhost/te 53 -j ACCEPT` (dns block)

• nonexistent.invalid
  • Triggering command: `/usr/bin/python3 python3 -c
    import socket

Test different exception types

test_cases = [
('nonexistent.invalid', socket.gaierror),
]

print('Testing exception handling...')
for host, expected_exc in test_cases:
try:
result = socket.getaddrinfo(host, None)` (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Copilot]

Pull request overview

This pull request enhances SSRF protection in URL validation by adding DNS resolution checks to detect domains that resolve to restricted IP addresses, expanding IP range validation to include link-local, reserved, and multicast addresses, and properly handling IPv6 zone identifiers.

Key Changes:

• Enhanced IP range validation to check for link_local, reserved, and multicast addresses in addition to private and loopback
• Added DNS resolution logic to validate domains don't resolve to restricted IPs
• Implemented proper IPv6 zone identifier stripping before IP validation
• Documented TOCTOU vulnerability limitations in both code comments and sentinel.md

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
main.py	Enhanced validate_folder_url with comprehensive IP range checks for both literal IPs and DNS-resolved IPs, added IPv6 zone identifier handling, and documented TOCTOU limitations
.jules/sentinel.md	Documented the SSRF via DNS resolution vulnerability, prevention measures, and known limitations including DNS rebinding attacks

Comments suppressed due to low confidence (2)

main.py:223

• There are duplicate TOCTOU comments. Lines 216-219 and lines 222-223 both describe the same Time-Of-Check-Time-Of-Use limitation. Remove the duplicate comment at lines 222-223 to avoid redundancy.

            # Note: This check has a Time-Of-Check-Time-Of-Use (TOCTOU) limitation.
            # DNS rebinding attacks could return a safe IP during validation and a
            # private IP during the actual request. This is a known limitation of
            # DNS-based SSRF protection.
            try:
                # Resolve hostname to IPs
                # Note: This check has a Time-Of-Check-Time-Of-Use (TOCTOU) limitation.
                # A malicious DNS server could return a safe IP now and a private IP later.

.jules/sentinel.md:57

• The documentation contains duplicate content. Lines 45-52 and lines 53-57 both describe the same vulnerability, learning, and prevention steps. Remove the duplicate section (lines 53-57) to avoid confusion and maintain clean documentation.

**Learning:** Blocking IP literals is insufficient for SSRF protection. DNS resolution must be performed to verify that a domain does not resolve to a restricted IP address. Note that check-time validation has TOCTOU limitations vs request-time verification.
**Prevention:**
1. Resolve domain names using `socket.getaddrinfo` before making requests.
2. Verify all resolved IP addresses against private, loopback, link-local, reserved, and multicast ranges.
3. Handle DNS resolution failures and zone identifiers (IPv6) securely.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.