this repo has no description
relay: add basic SSRF protection to CheckHost
+7
-1
+7
-1
cmd/relay/relay/host_checker.go
+7
-1
cmd/relay/relay/host_checker.go
···
4
4
"context"
5
5
"fmt"
6
6
"net/http"
7
+
"time"
7
8
8
9
comatproto "github.com/bluesky-social/indigo/api/atproto"
9
10
"github.com/bluesky-social/indigo/atproto/identity"
11
+
"github.com/bluesky-social/indigo/util/ssrf"
10
12
"github.com/bluesky-social/indigo/xrpc"
11
13
)
12
14
···
30
32
if userAgent == "" {
31
33
userAgent = "indigo-relay (atproto-relay)"
32
34
}
35
+
c := http.Client{
36
+
Timeout: 5 * time.Second,
37
+
Transport: ssrf.PublicOnlyTransport(),
38
+
}
33
39
return &HostClient{
34
-
Client: http.DefaultClient,
40
+
Client: &c,
35
41
UserAgent: userAgent,
36
42
}
37
43
}