Skip to content

Commit 948e5d0

Browse files
laraib-Wclaude
andcommitted
Fix Flowise 6602: add HTTP_ALLOW_LIST to bypass SSRF deny list for trusted hosts
Custom MCP servers reachable via Docker Compose service names (e.g. mcp-server) resolve into 172.16.0.0/12 and are rejected by checkDenyList. The only prior escape hatch was HTTP_SECURITY_CHECK=false, which disables SSRF protection globally. Introduces HTTP_ALLOW_LIST — a comma-separated list of hostnames whose deny-list check is skipped. Entries are exact, case-insensitive hostname matches (no wildcards). Applies to both checkDenyList and the pinned-agent resolveAndValidate path used by secureFetch / secureAxiosRequest, so redirect chains remain safe: a hop off an allowed host to an unrelated private IP is still blocked. Adds 13 tests covering the allow list, whitespace/case normalization, DNS-skip behavior in checkDenyList, and the direct-IP + hostname paths in resolveAndValidate via secureFetch. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1 parent bb773ff commit 948e5d0

4 files changed

Lines changed: 205 additions & 54 deletions

File tree

0 commit comments

Comments
 (0)