javier/Stirling-PDF
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Hardening suggestions for Stirling-PDF / multipleFix (#1743)

Browse Source 
Sandboxed URL creation to prevent SSRF attacks

Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
This commit is contained in:
pixeebot[bot]
2024-08-23 09:18:08 +01:00
committed by GitHub
parent c4efed87b4
commit fcc78089ad
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/stirling/software/SPDF/utils/GeneralUtils.java
View File

@@ -77,7 +77,7 @@ public class GeneralUtils {
public static boolean isURLReachable(String urlStr) { public static boolean isURLReachable(String urlStr) {
try { try {
URL url = new URL(urlStr); URL url = Urls.create(urlStr, Urls.HTTP_PROTOCOLS, HostValidator.DENY_COMMON_INFRASTRUCTURE_TARGETS);
HttpURLConnection connection = (HttpURLConnection) url.openConnection(); HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("HEAD"); connection.setRequestMethod("HEAD");
int responseCode = connection.getResponseCode(); int responseCode = connection.getResponseCode();