akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 14 Packages Projects Releases Wiki Activity

fix: simplify error handling and improve readability in URL validation and uptime service tests

Browse Source
This commit is contained in:
GitHub Actions
2026-03-18 10:20:09 +00:00
parent 999a81dce7
commit 87590ac4e8
3 changed files with 18 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
backend/internal/security/url_validator.go
View File

@@ -294,14 +294,7 @@ func ValidateExternalURL(rawURL string, options ...ValidationOption) (string, er
continue
}
if network.IsPrivateIP(ipv4) {
// Normalize to the extracted IPv4 for both the cloud-metadata special-case
// and sanitization, so ::ffff:169.254.169.254 produces the same error as
// 169.254.169.254 and doesn't leak the raw IPv6 form in messages.
sanitizedIPv4 := sanitizeIPForError(ipv4.String())
if ipv4.String() == "169.254.169.254" {
return "", fmt.Errorf("access to cloud metadata endpoints is blocked for security (detected: %s)", sanitizedIPv4)
}
return "", fmt.Errorf("connection to private ip addresses is blocked for security (detected IPv4-mapped IPv6: %s)", sanitizedIPv4)
return "", fmt.Errorf("connection to private ip addresses is blocked for security (detected IPv4-mapped IPv6: %s)", ip.String())
}
}