Avoid potential server side request forgeries (SSRFs)


Metadata

ID: csharp-security/avoid-potential-ssrf

Language: C#

Severity: Error

Category: Security

CWE: 918

Description

No description found

Non-Compliant Code Examples

using System.Net.Http;
using Microsoft.AspNetCore.Mvc;

public class DocumentController : Controller
{
    // Injected client used to reach the remote document.
    private readonly HttpClient _httpClient;

    public DocumentController(HttpClient httpClient) => _httpClient = httpClient;

    /// <summary>
    /// Fetches the document at <paramref name="documentUrl"/> and returns its body.
    /// </summary>
    /// <param name="documentUrl">Caller-supplied URL, forwarded to the HTTP client without any validation.</param>
    /// <returns>The fetched body as a content result.</returns>
    [HttpPost]
    public async Task<IActionResult> FetchDocument(string documentUrl)
    {
        // The request target is taken verbatim from the caller, so the server can be
        // made to send a request to any host it can resolve (CWE-918).
        HttpResponseMessage reply = await _httpClient.GetAsync(documentUrl); // Noncompliant
        string body = await reply.Content.ReadAsStringAsync();
        return Content(body);
    }
}

Compliant Code Examples

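public class DocumentController : Controller
{
    private readonly HttpClient _httpClient;

    // Allowlist of destination hosts. Uri lower-cases DNS host names, but an
    // ordinal-ignore-case comparer keeps the lookup robust if entries are ever
    // added in mixed case.
    private readonly HashSet<string> _allowedHosts = new(StringComparer.OrdinalIgnoreCase)
    {
        "api.company.com",
        "documents.trusted.org"
    };

    public DocumentController(HttpClient httpClient)
    {
        _httpClient = httpClient;
    }

    /// <summary>
    /// Fetches a document from a caller-supplied URL, but only after the URL has been
    /// parsed and its scheme and host checked against the allowlist.
    /// </summary>
    /// <param name="documentUrl">Untrusted URL supplied by the client.</param>
    /// <returns>
    /// 400 when the URL is not absolute, not https, or not on an allowed host;
    /// otherwise the fetched body as a content result.
    /// </returns>
    [HttpPost]
    public async Task<IActionResult> FetchDocument(string documentUrl)
    {
        // Require an absolute URL: a relative target would otherwise be resolved
        // against the client's BaseAddress. TryCreate returns false for null input.
        if (!Uri.TryCreate(documentUrl, UriKind.Absolute, out Uri uri))
        {
            return BadRequest("Invalid URL format");
        }

        // Scheme and host are checked on the parsed Uri, not on the raw string, so
        // encoding or casing tricks in the input do not bypass the allowlist.
        if (!string.Equals(uri.Scheme, Uri.UriSchemeHttps, StringComparison.Ordinal)
            || !_allowedHosts.Contains(uri.Host))
        {
            return BadRequest("URL not allowed");
        }

        // Send the validated Uri rather than the original string so the request
        // target is exactly the value that was checked.
        // NOTE(review): HttpClientHandler follows redirects by default, so an allowed
        // host can still redirect this request elsewhere; disable AllowAutoRedirect on
        // the injected client's handler if that matters for this deployment.
        var response = await _httpClient.GetAsync(uri);
        var content = await response.Content.ReadAsStringAsync();
        return Content(content);
    }
}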
