This commit is contained in:
Alan Guo Xiang Tan
GitHub
parent
500d0f6daf
commit
cf0a0945e4
|
|
@ -1,7 +1,6 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class FinalDestination
|
||||
module SSRFSafeNetHTTP
|
||||
class FinalDestination::HTTP < Net::HTTP
|
||||
def connect
|
||||
original_open_timeout = @open_timeout
|
||||
return super if @ipaddr
|
||||
|
|
@ -11,8 +10,7 @@ class FinalDestination
|
|||
# This iteration through addresses would normally happen in Socket#tcp
|
||||
# We do it here because we're tightly controlling addresses rather than
|
||||
# handing Socket#tcp a hostname
|
||||
ips =
|
||||
FinalDestination::SSRFDetector.lookup_and_filter_ips(@address, timeout: @connect_timeout)
|
||||
ips = FinalDestination::SSRFDetector.lookup_and_filter_ips(@address, timeout: @connect_timeout)
|
||||
|
||||
ips.each_with_index do |ip, index|
|
||||
debug "[FinalDestination] Attempting connection to #{ip}..."
|
||||
|
|
@ -40,8 +38,3 @@ class FinalDestination
|
|||
Process.clock_gettime(Process::CLOCK_MONOTONIC)
|
||||
end
|
||||
end
|
||||
|
||||
class HTTP < ::Net::HTTP
|
||||
include SSRFSafeNetHTTP
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -7,15 +7,7 @@ WebMock::HttpLibAdapterRegistry.instance.register(
|
|||
|
||||
def self.enable!
|
||||
FinalDestination.send(:remove_const, :HTTP)
|
||||
|
||||
# At this point, `Net::HTTP` has already been patched by WebMock so we need to re-declare `FinalDestination::HTTP`
|
||||
# but inherit from the patched `Net::HTTP` class. This is to allow requests made using `FinalDestination::HTTP` to be
|
||||
# intercepted by WebMock.
|
||||
FinalDestination.send(
|
||||
:const_set,
|
||||
:HTTP,
|
||||
Class.new(Net::HTTP) { include FinalDestination::SSRFSafeNetHTTP },
|
||||
)
|
||||
FinalDestination.send(:const_set, :HTTP, Net::HTTP)
|
||||
end
|
||||
|
||||
def self.disable!
|
||||
|
|
|
|||
Loading…
Reference in New Issue