Allow configuring local resolved hosts

Author: mbv06

src/slicer_uri_bridge/handler.py

@@ -122,6 +122,10 @@ def load_config() -> dict:
         logger.warning("Invalid security.allow_any_original_host; using false")
         security["allow_any_original_host"] = False
 
+    if not isinstance(security.get("allow_local_resolved_hosts", False), bool):
+        logger.warning("Invalid security.allow_local_resolved_hosts; using false")
+        security["allow_local_resolved_hosts"] = False
+
     security["post_process_action"] = normalize_post_process_action(security.get("post_process_action"))
 
     allowed_hosts = security.get("allowed_hosts", [])
@@ -312,6 +316,7 @@ def validate_remote_url(
     allow_any_original_host: bool,
     allow_plain_http: bool,
     check_allowlist: bool,
+    allow_local_resolved_hosts: bool,
 ) -> None:
     parsed = urllib.parse.urlsplit(url)
     if not parsed.scheme or not parsed.netloc:
@@ -331,7 +336,8 @@ def validate_remote_url(
         if normalize_host(host) not in allowed_hosts:
             raise BridgeError(f"Download host is not allow-listed: {host}")
 
-    assert_public_host(host)
+    if not allow_local_resolved_hosts:
+        assert_public_host(host)
 
 
 def download_folder_from_config(config: dict) -> Path | None:
@@ -410,6 +416,7 @@ def download_model(
     allowed_hosts: set[str],
     allow_any_original_host: bool,
     allow_plain_http: bool,
+    allow_local_resolved_hosts: bool,
 ) -> Path:
     opener = urllib.request.build_opener(NoRedirectHandler())
     current_url = initial_url
@@ -422,6 +429,7 @@ def download_model(
             allow_any_original_host=allow_any_original_host,
             allow_plain_http=allow_plain_http,
             check_allowlist=redirect_index == 0,
+            allow_local_resolved_hosts=allow_local_resolved_hosts,
         )
 
         request = urllib.request.Request(
@@ -701,6 +709,7 @@ def main(argv: list[str] | None = None) -> int:
         config = load_config()
         security = config["security"]
         allow_plain_http = security.get("allow_plain_http", False)
+        allow_local_resolved_hosts = security.get("allow_local_resolved_hosts", False)
         allowed_extensions = security["allowed_extensions"]
         download_folder = download_folder_from_config(config)
 
@@ -722,6 +731,7 @@ def main(argv: list[str] | None = None) -> int:
             allow_any_original_host=allow_any_original_host,
             allow_plain_http=allow_plain_http,
             check_allowlist=True,
+            allow_local_resolved_hosts=allow_local_resolved_hosts,
         )
 
         command = resolve_bambu_command(config)
@@ -734,6 +744,7 @@ def main(argv: list[str] | None = None) -> int:
             allowed_hosts=allowed_hosts,
             allow_any_original_host=allow_any_original_host,
             allow_plain_http=allow_plain_http,
+            allow_local_resolved_hosts=allow_local_resolved_hosts,
         )
         validate_downloaded_file(local_path)
         check_3mf_post_process(local_path, security["post_process_action"])

src/slicer_uri_bridge/resources/default_config.toml

@@ -3,6 +3,7 @@
 [security]
 allow_plain_http = false
 allow_any_original_host = true
+allow_local_resolved_hosts = false
 allowed_extensions = [".3mf", ".stl", ".step", ".stp", ".obj"]
 # 3MF files can contain Bambu/Orca post-processing commands.
 # Values: "ignore", "warn" (show a warning and open), or "block" (refuse to open).

tests/test_handler.py

@@ -213,6 +213,7 @@ def test_validate_remote_url_checks_allowlist_and_public_host(self) -> None:
                 allow_any_original_host=False,
                 allow_plain_http=False,
                 check_allowlist=True,
+                allow_local_resolved_hosts=False,
             )
 
         assert_public_host.assert_called_once_with("files.example")
@@ -225,6 +226,7 @@ def test_validate_remote_url_rejects_plain_http_by_default(self) -> None:
                 allow_any_original_host=False,
                 allow_plain_http=False,
                 check_allowlist=True,
+                allow_local_resolved_hosts=False,
             )
 
     def test_validate_remote_url_rejects_embedded_credentials(self) -> None:
@@ -235,6 +237,7 @@ def test_validate_remote_url_rejects_embedded_credentials(self) -> None:
                 allow_any_original_host=False,
                 allow_plain_http=False,
                 check_allowlist=True,
+                allow_local_resolved_hosts=False,
             )
 
     def test_validate_remote_url_skips_allowlist_for_redirect_targets(self) -> None:
@@ -245,10 +248,24 @@ def test_validate_remote_url_skips_allowlist_for_redirect_targets(self) -> None:
                 allow_any_original_host=False,
                 allow_plain_http=False,
                 check_allowlist=False,
+                allow_local_resolved_hosts=False,
             )
 
         assert_public_host.assert_called_once_with("cdn.example")
 
+    def test_validate_remote_url_can_allow_local_resolved_hosts(self) -> None:
+        with patch("slicer_uri_bridge.handler.assert_public_host") as assert_public_host:
+            validate_remote_url(
+                "https://localhost/model.3mf",
+                allowed_hosts={"localhost"},
+                allow_any_original_host=False,
+                allow_plain_http=False,
+                check_allowlist=True,
+                allow_local_resolved_hosts=True,
+            )
+
+        assert_public_host.assert_not_called()
+
 
 class FileValidationTests(unittest.TestCase):
     def test_validate_downloaded_file_accepts_non_empty_model_payload(self) -> None:
@@ -402,6 +419,7 @@ def test_load_config_defaults_post_process_action_to_warn(self) -> None:
                 config = load_config()
 
         self.assertEqual(config["security"]["post_process_action"], "warn")
+        self.assertFalse(config["security"].get("allow_local_resolved_hosts", False))
 
 
 class ProtocolFileTests(unittest.TestCase):