mirror of
https://github.com/rcourtman/Pulse.git
synced 2026-07-10 00:14:38 +00:00
NewRestrictedOutboundHTTPClient validates target IPs via a custom DialContext, but when an HTTP proxy is configured (HTTP_PROXY env var) DialContext only validates the proxy's address — the actual target host is never checked. This allows requests to cloud metadata service addresses (169.254.169.254) and other blocked IPs through the proxy. Add a restrictedRoundTripper wrapper that validates the request URL hostname against resolvePermittedOutboundIP before forwarding. This provides defense-in-depth that works regardless of proxy configuration, while the existing DialContext guard continues to prevent DNS rebinding for direct connections. |
||
|---|---|---|
| .. | ||
| agents | ||
| aicontracts | ||
| audit | ||
| auth | ||
| cloudauth | ||
| db | ||
| discovery | ||
| extensions | ||
| fsfilters | ||
| licensing | ||
| metrics | ||
| pbs | ||
| pmg | ||
| proxmox | ||
| pulsecli | ||
| reporting | ||
| securityutil | ||
| server | ||
| tlsutil | ||