Module: SsrfFilter::Patch::HTTPGenericRequest
- Defined in:
- lib/ssrf_filter/patch/http_generic_request.rb
Class Method Summary collapse
-
.apply! ⇒ Object
Apply the patch from the linked commit onto ::Net::HTTPGenericRequest.
-
.should_apply? ⇒ Boolean
Ruby had a bug in its Http library where if you set a custom ‘Host` header on a request it would get overwritten.
Class Method Details
.apply! ⇒ Object
Apply the patch from the linked commit onto ::Net::HTTPGenericRequest. Since this is 3rd party code, disable code coverage and rubocop linting for this section. :nocov: rubocop:disable all
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 |
# File 'lib/ssrf_filter/patch/http_generic_request.rb', line 30 def self.apply! return if instance_variable_defined?(:@checked_http_generic_request) @checked_http_generic_request = true return unless should_apply? ::Net::HTTPGenericRequest.class_eval do def exec(sock, ver, path) if @body send_request_with_body sock, ver, path, @body elsif @body_stream send_request_with_body_stream sock, ver, path, @body_stream elsif @body_data send_request_with_body_data sock, ver, path, @body_data else write_header sock, ver, path end end def update_uri(addr, port, ssl) # reflect the connection and @path to @uri return unless @uri if ssl scheme = 'https'.freeze klass = URI::HTTPS else scheme = 'http'.freeze klass = URI::HTTP end if host = self['host'] host.sub!(/:.*/s, ''.freeze) elsif host = @uri.host else host = addr end # convert the class of the URI if @uri.is_a?(klass) @uri.host = host @uri.port = port else @uri = klass.new( scheme, @uri.userinfo, host, port, nil, @uri.path, nil, @uri.query, nil) end end end end |
.should_apply? ⇒ Boolean
Ruby had a bug in its Http library where if you set a custom ‘Host` header on a request it would get overwritten. This was tracked in: bugs.ruby-lang.org/issues/10054 and resolved with the commit: github.com/ruby/ruby/commit/70a2eb63999265ff7e8d46d1f5b410c8ee3d30d7#diff-5c08b4ae27d2294a8294a27ff9af4a85 Versions of Ruby that don’t have this fix applied will fail to connect to certain hosts via SsrfFilter. The patch below backports the fix from the linked commit.
14 15 16 17 18 19 20 21 22 23 24 |
# File 'lib/ssrf_filter/patch/http_generic_request.rb', line 14 def self.should_apply? # Check if the patch needs to be applied: # The Ruby bug was that HTTPGenericRequest#exec overwrote the Host header, so this snippet checks # if we can reproduce that behavior. It does not actually open any network connections. uri = URI('https://www.example.com') request = ::Net::HTTPGenericRequest.new('HEAD', false, false, uri) request['host'] = '127.0.0.1' request.exec(StringIO.new, '1.1', '/') request['host'] == uri.hostname end |