From b63a49fc3980296c6a6ea6ac0624142e8af94d52 Mon Sep 17 00:00:00 2001 From: Mohamed Bassem Date: Sun, 2 Nov 2025 17:19:28 +0000 Subject: fix: Stricter SSRF validation (#2082) * fix: Stricter SSRF validation * skip dns resolution if running in proxy context * more fixes * Add LRU cache * change the env variable for internal hostnames * make dns resolution timeout configerable * upgrade ipaddr * handle ipv6 * handle proxy bypass for request interceptor --- apps/workers/package.json | 2 ++ 1 file changed, 2 insertions(+) (limited to 'apps/workers/package.json') diff --git a/apps/workers/package.json b/apps/workers/package.json index b02c3bc9..f35a52f4 100644 --- a/apps/workers/package.json +++ b/apps/workers/package.json @@ -23,8 +23,10 @@ "hono": "^4.7.10", "http-proxy-agent": "^7.0.2", "https-proxy-agent": "^7.0.6", + "ipaddr.js": "^2.2.0", "jsdom": "^24.0.0", "liteque": "^0.6.2", + "lru-cache": "^11.2.2", "metascraper": "^5.49.5", "metascraper-amazon": "^5.49.5", "metascraper-author": "^5.49.5", -- cgit v1.2.3-70-g09d2