hz/ebiz-dify-ai
1
0
Fork 0
mirror of http://112.124.100.131/huang.ze/ebiz-dify-ai.git synced 2025-12-10 19:36:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

security/SSRF vulns (#6682)

Browse Source
This commit is contained in:
Yeuoly
2024-07-25 20:50:26 +08:00
committed by GitHub
parent c5ac004f15
commit 79cb23e8ac
3 changed files with 13 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
api/core/helper/ssrf_proxy.py
View File

@@ -17,12 +17,15 @@ proxies = {
'https://': SSRF_PROXY_HTTPS_URL
} if SSRF_PROXY_HTTP_URL and SSRF_PROXY_HTTPS_URL else None
BACKOFF_FACTOR = 0.5
STATUS_FORCELIST = [429, 500, 502, 503, 504]
def make_request(method, url, max_retries=SSRF_DEFAULT_MAX_RETRIES, **kwargs):
if "allow_redirects" in kwargs:
allow_redirects = kwargs.pop("allow_redirects")
if "follow_redirects" not in kwargs:
kwargs["follow_redirects"] = allow_redirects
retries = 0
while retries <= max_retries:
try: