SECURITY: SSRF vulnerability in TopicEmbed

Block redirects when making the final request in TopicEmbed to prevent Server Side Request Forgery (SSRF)
2025-02-25 18:55:32 -06:00 · 2023-10-27 14:02:20 +11:00
parent 7d484864fe
commit 5f20748e40
2 changed files with 15 additions and 2 deletions
--- a/app/models/topic_embed.rb
+++ b/app/models/topic_embed.rb
@@ -126,8 +126,8 @@ class TopicEmbed < ActiveRecord::Base
    return if uri.blank?

    begin
-      html = uri.read
-    rescue OpenURI::HTTPError, Net::OpenTimeout
+      html = FinalDestination::HTTP.get(uri)
+    rescue OpenURI::HTTPError, Net::OpenTimeout, FinalDestination::SSRFDetector::DisallowedIpError
      return
    end