navidrome

mirror of https://github.com/navidrome/navidrome.git synced 2026-05-21 10:19:57 +00:00

History

Deluan Quintão 652c27690b Some checks are pending Pipeline: Test, Lint, Build / Push to Docker Hub (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Get version info (push) Waiting to run Details Pipeline: Test, Lint, Build / Lint Go code (push) Waiting to run Details Pipeline: Test, Lint, Build / Test Go code (push) Waiting to run Details Pipeline: Test, Lint, Build / Test JS code (push) Waiting to run Details Pipeline: Test, Lint, Build / Lint i18n files (push) Waiting to run Details Pipeline: Test, Lint, Build / Check Docker configuration (push) Waiting to run Details Pipeline: Test, Lint, Build / Cleanup digest artifacts (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-1 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-2 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-3 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-4 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-5 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-6 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-7 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-8 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-9 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build-10 (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Push to GHCR (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Build Windows installers (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Package/Release (push) Blocked by required conditions Details Pipeline: Test, Lint, Build / Upload Linux PKG (push) Blocked by required conditions Details feat(plugins): add HTTP host service (#5095 ) * feat(httpclient): implement HttpClient service for outbound HTTP requests in plugins Signed-off-by: Deluan <deluan@navidrome.org> * feat(httpclient): enhance SSRF protection by validating host requests against private IPs Signed-off-by: Deluan <deluan@navidrome.org> * feat(httpclient): support DELETE requests with body in HttpClient service Signed-off-by: Deluan <deluan@navidrome.org> * feat(httpclient): refactor HTTP client initialization and enhance redirect handling Signed-off-by: Deluan <deluan@navidrome.org> * refactor(http): standardize naming conventions for HTTP types and methods Signed-off-by: Deluan <deluan@navidrome.org> * refactor example plugin to use host.HTTPSend for improved error management Signed-off-by: Deluan <deluan@navidrome.org> * fix(plugins): fix IPv6 SSRF bypass and wildcard host matching Fix two bugs in the plugin HTTP/WebSocket host validation: 1. extractHostname now strips IPv6 brackets when no port is present (e.g. "[::1]" → "::1"). Previously, net.SplitHostPort failed for bracketed IPv6 without a port, leaving brackets intact. This caused net.ParseIP to return nil, bypassing the private/loopback SSRF guard. 2. matchHostPattern now treats "" as an allow-all pattern. Previously, a bare "" only matched via exact equality, so plugins declaring requiredHosts: ["*"] (like webhook-rs) had all requests rejected. --------- Signed-off-by: Deluan <deluan@navidrome.org>		2026-02-24 14:28:36 -05:00
..
host	feat(plugins): add HTTP host service (#5095 )	2026-02-24 14:28:36 -05:00