Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolved ssrf vulnerability #2657

Open
wants to merge 12 commits into
base: main
Choose a base branch
from
Open

Resolved ssrf vulnerability #2657

wants to merge 12 commits into from

Conversation

Uttkarsh-raj
Copy link
Contributor

PR Desc:

This pr is regarding the issue in the server-side request forgery vulnerability. This pr aims to fix #2650 .

@sentry-io Sentry.io
Copy link

sentry-io bot commented Aug 19, 2024

🔍 Existing Issues For Review

Your pull request is modifying functions with the following pre-existing issues:

📄 File: website/views.py

Function Unhandled Issue
get AttributeError: 'NoneType' object has no attribute 'github' /is...
Event Count: 100

Did you find this useful? React with a 👍 or 👎

arkid15r
arkid15r reviewed Aug 19, 2024
View reviewed changes
website/views.py Outdated Show resolved Hide resolved
website/views.py Outdated Show resolved Hide resolved
website/views.py
company_name = request.POST.get("company")
company = Company.objects.filter(name=company_name).first()

if not company:
try:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is very basic check for company name in the response body. Let's at least check that the request isn't being redirected to another location (status code 200 might work)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have made the changes, plz do check if this satisfies the requirements. Thank you.

github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 20, 2024
View reviewed changes
website/views.py
# back to the domain detail page
return redirect("domain", slug=domain.url)
try:
response = requests.get(domain.url, allow_redirects=False)

Check failure

Code scanning / CodeQL

Full server-side request forgery Critical

The full URL of this request depends on a
user-provided value
Loading
.
@DonnieBLT
Copy link
Collaborator

can you please fix the conflicts?

DonnieBLT
DonnieBLT requested changes Nov 24, 2024
View reviewed changes
Copy link
Collaborator

@DonnieBLT DonnieBLT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you please fix the conflicts?

@Uttkarsh-raj
Copy link
Contributor Author

can you please fix the conflicts?

On It. Will try to fix this asap.

@DonnieBLT
Copy link
Collaborator

We split this file up

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arkid15r arkid15r arkid15r left review comments

@DonnieBLT DonnieBLT Awaiting requested review from DonnieBLT

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
requested changes
Projects
📌 All
Status: Ready
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Fix code scanning alert - Full server-side request forgery
3 participants
@Uttkarsh-raj @DonnieBLT @arkid15r