Conversation

@jnunemaker
Owner

When base_uri is configured and a path argument contains an absolute URL with a different host, HTTParty now raises UnsafeURIError instead of sending the request (and any configured headers/credentials) to the unintended host.

This prevents Server-Side Request Forgery (SSRF) attacks where an attacker controlling the path value could redirect requests to malicious servers and capture API keys or other sensitive headers.

The validation can be bypassed with skip_uri_validation: true for legitimate use cases. Redirects are not validated to allow normal redirect flows.

🤖 Generated with Claude Code

…-38w4)


Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@jnunemaker jnunemaker self-assigned this Dec 23, 2025
@jnunemaker jnunemaker merged commit ddfbc8d into main Dec 23, 2025
12 checks passed
@ashkulz ashkulz mentioned this pull request Dec 24, 2025
@ienev

ienev commented Jan 6, 2026

Not sure if anyone has already raised this, but this PR still doesn't fix the PoC given here: GHSA-hm5p-x4rq-38w4

@walro

walro commented Jan 9, 2026

The PoC uses the same host (localhost) but different ports. The implementation only checks the host portion (i.e. no port check), which is why the PoC still 'works'. If you change the PoC to combine, say, 127.0.0.1 and localhost, it does indeed stop the request. However, I am not sure if ports should also be honored. Unlikely it would be abused, but not impossible I guess.
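To make the distinction raised in the PR description and in the comment above concrete, here is an added, stand-alone Ruby sketch of the check. It is not HTTParty's code: the `UriGuard` module, its method names, and the local `UnsafeURIError` class are assumptions for this example, and the host-only branch is only a model of the merged behaviour as described in the comment (host compared, port ignored). The strict branch compares scheme, host and port, which is what would also stop a same-host, different-port PoC.

```ruby
require "uri"

# Stand-in error class for this example only; HTTParty's UnsafeURIError is a
# separate class that this file never loads.
class UnsafeURIError < StandardError; end

module UriGuard
  module_function

  # Resolve +path+ against +base_uri+ the way a client with a base URI would:
  # an absolute +path+ (anything that parses with a host) wins outright, a
  # relative one is joined onto the base.
  def resolve(base_uri, path)
    base = URI.parse(base_uri)
    target = URI.parse(path)
    return URI.join(base, path) unless target.host # relative path: join
    target                                         # absolute URL: used as-is
  end

  # Host-only comparison. Assumed model of the merged fix as described in the
  # thread: same host passes even when the port differs.
  def same_host?(base, target)
    base.host.to_s.downcase == target.host.to_s.downcase
  end

  # Origin comparison: scheme, host and port must all match. URI fills in the
  # scheme default port (80/443), so "https://h" and "https://h:443" agree,
  # while "https://h:8443" is rejected.
  def same_origin?(base, target)
    same_host?(base, target) &&
      base.scheme == target.scheme &&
      base.port == target.port
  end

  # Raise UnsafeURIError when an absolute +path+ resolves somewhere other than
  # +base_uri+. +strict+ picks origin (true) or host-only (false) comparison;
  # +skip_uri_validation+ mirrors the opt-out described in the PR.
  def validate!(base_uri, path, strict: true, skip_uri_validation: false)
    target = resolve(base_uri, path)
    return target if skip_uri_validation

    base = URI.parse(base_uri)
    ok = strict ? same_origin?(base, target) : same_host?(base, target)
    raise UnsafeURIError, "#{target} is not on #{base_uri}" unless ok

    target
  end

  # true if validate! accepts the request, false if it raises.
  def allowed?(base_uri, path, **opts)
    validate!(base_uri, path, **opts)
    true
  rescue UnsafeURIError
    false
  end
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample inputs: a trusted base plus paths an attacker might
  # control, including a protocol-relative URL and a same-host/other-port URL.
  base = "https://api.example.com"
  [
    ["/v1/users", {}],
    ["https://evil.example.net/capture", {}],
    ["//evil.example.net/capture", {}],
    ["https://api.example.com:8443/v1/users", { strict: false }],
    ["https://api.example.com:8443/v1/users", { strict: true }],
    ["https://evil.example.net/capture", { skip_uri_validation: true }]
  ].each do |path, opts|
    puts "#{path} #{opts.inspect} -> allowed=#{UriGuard.allowed?(base, path, **opts)}"
  end
end
```

Run it directly to see each case; the `strict: false` line is the one that lets the same-host, different-port request through, which is the gap the comment above describes.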

3 participants