Skip to content

Commit

Permalink
Merge pull request #1833 from itowlson/report-blocked-http-hosts
Browse files Browse the repository at this point in the history
Always print warning on blocked outbound HTTP
  • Loading branch information
itowlson authored Oct 3, 2023
2 parents 179f78c + ac4d6c6 commit b4c54ca
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 0 deletions.
1 change: 1 addition & 0 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions crates/outbound-http/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -14,5 +14,6 @@ reqwest = { version = "0.11", features = ["gzip"] }
spin-app = { path = "../app" }
spin-core = { path = "../core" }
spin-world = { path = "../world" }
terminal = { path = "../terminal" }
tracing = { workspace = true }
url = "2.2.1"
10 changes: 10 additions & 0 deletions crates/outbound-http/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,10 @@ impl outbound_http::Host for OutboundHttp {
.map_err(|_| HttpError::RuntimeError)?
{
tracing::log::info!("Destination not allowed: {}", req.uri);
if let Some(host) = host(&req.uri) {
terminal::warn!("A component tried to make a HTTP request to non-allowed host '{host}'.");
eprintln!("To allow requests, add 'allowed_http_hosts = [\"{host}\"]' to the manifest component section.");
}
return Err(HttpError::DestinationNotAllowed);
}

Expand Down Expand Up @@ -167,3 +171,9 @@ fn response_headers(h: &HeaderMap) -> anyhow::Result<Option<Vec<(String, String)

Ok(Some(res))
}

fn host(url: &str) -> Option<String> {
url::Url::parse(url)
.ok()
.and_then(|u| u.host().map(|h| h.to_string()))
}

0 comments on commit b4c54ca

Please # to comment.