[PR #19201] [CLOSED] feat/security: Add SSRF protection with configurable blocklist #63984

Closed
opened 2026-05-06 09:14:08 -05:00 by GiteaMirror · 0 comments

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/19201
Author: @Classic298
Created: 11/15/2025
Status: Closed

Base: dev ← Head: sec-enhance-web-fetch


📝 Commits (6)

  • 6269482 fix: Add SSRF protection for web fetch endpoints (#37)
  • 475b0f8 Update config.py
  • d915a3b Update utils.py
  • 2d61d11 feat: implement unified web fetch filter list with allow/block support (#53)
  • bf3026b Merge branch 'dev' into sec-enhance-web-fetch
  • 7943ed6 refactor: unify URL filtering logic with DNS resolution security (#57)

📊 Changes

3 files changed (+79 additions, -5 deletions)

View changed files

📝 backend/open_webui/config.py (+17 -0)
📝 backend/open_webui/retrieval/web/main.py (+39 -4)
📝 backend/open_webui/retrieval/web/utils.py (+23 -1)

📄 Description

  • Target branch: Verify that the pull request targets the dev branch. Not targeting the dev branch will lead to immediate closure of the PR.
  • Description: Provide a concise description of the changes made in this pull request down below.
  • Changelog: Ensure a changelog entry following the format of Keep a Changelog is added at the bottom of the PR description.
  • Documentation: If necessary, update relevant documentation Open WebUI Docs like environment variables, the tutorials, or other documentation sources.
  • Dependencies: Are there any new dependencies? Have you updated the dependency versions in the documentation?
  • Testing: Perform manual tests to verify the implemented fix/feature works as intended AND does not break any other functionality. Take this as an opportunity to make screenshots of the feature/fix and include it in the PR description.
  • Agentic AI Code: Confirm this Pull Request is not written by any AI Agent or has at least gone through additional human review AND manual testing. If any AI Agent is the co-author of this PR, it may lead to immediate closure of the PR.
  • Code review: Have you performed a self-review of your code, addressing any coding standard issues and ensuring adherence to the project's coding standards?
  • Title Prefix: To clearly categorize this pull request, prefix the pull request title using one of the following:
    • feat: Introduces a new feature or enhancement to the codebase

Changelog Entry

Description

Adds a hardcoded list of common cloud metadata endpoints that will be blocked when attempting to fetch them using the web fetch feature.

Adds a configurable env var to allow admins to define additional blocklisted hostnames and IPs.
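The mechanism the description and the last commit message outline (a built-in blocklist of cloud metadata endpoints, an admin-configurable extra blocklist, and URL filtering that checks DNS resolution results) as an added example. This is illustrative code written for this page, not Open WebUI's implementation from the PR; the env var name `WEB_FETCH_BLOCKLIST`, the function names, the blocked ranges and the sample hostnames are assumptions. The point it makes beyond the description: the filter must decide on the addresses the fetcher would actually connect to, so every resolved A/AAAA answer is checked, and IPv4-mapped IPv6 answers are unwrapped so the IPv4 ranges still apply.

```python
"""SSRF URL filter for an outbound web-fetch feature (added example, not Open
WebUI's code). Assumptions: a built-in set of cloud metadata endpoints, an env
var (hypothetical name WEB_FETCH_BLOCKLIST) holding extra hostnames or
IPs/CIDRs, and a check on the *resolved* addresses, not the hostname alone."""
from __future__ import annotations

import ipaddress
import os
import socket
from typing import Callable, Iterable
from urllib.parse import urlsplit

# Well-known cloud metadata endpoints (public knowledge, not project data).
BUILTIN_BLOCKED_HOSTS = {
    "169.254.169.254",           # AWS, Azure, GCP, OpenStack metadata (IPv4)
    "fd00:ec2::254",             # AWS IMDS (IPv6)
    "metadata.google.internal",  # GCP metadata hostname
    "metadata",                  # GCP short alias
    "100.100.100.200",           # Alibaba Cloud metadata
}

# Ranges an outbound fetcher should never reach (loopback, private, link-local).
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]

Resolver = Callable[[str], Iterable[str]]


def parse_extra_blocklist(raw: str) -> tuple[set[str], list]:
    """Split the env var value ("corp.internal, 203.0.113.0/24, 198.51.100.7")
    into lowercase hostnames and ip_network objects (bare IP -> /32 or /128)."""
    hosts, nets = set(), []
    for item in (s.strip().lower() for s in raw.split(",")):
        if not item:
            continue
        try:
            nets.append(ipaddress.ip_network(item, strict=False))
        except ValueError:
            hosts.add(item)
    return hosts, nets


def default_resolver(hostname: str) -> list[str]:
    """System resolver; returns every A and AAAA answer, not just the first."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_TCP)
    return [info[4][0] for info in infos]


def table_resolver(table: dict[str, list[str]]) -> Resolver:
    """Resolver backed by a fixed, constructed table, for offline testing."""
    return lambda hostname: table.get(hostname, [])


def check_url(url: str, extra_blocklist: str = "",
              resolver: Resolver = default_resolver) -> tuple[bool, str]:
    """Return (allowed, reason). `extra_blocklist` is the raw env var value."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme not allowed: {parts.scheme!r}"
    host = (parts.hostname or "").lower()
    if not host:
        return False, "missing host"
    extra_hosts, extra_nets = parse_extra_blocklist(extra_blocklist)
    if host in BUILTIN_BLOCKED_HOSTS or host in extra_hosts:
        return False, f"host is blocklisted: {host}"
    # Literal IP: check it directly. Otherwise resolve and check *every*
    # returned address, i.e. decide on what the fetcher would connect to.
    try:
        addresses = [ipaddress.ip_address(host)]
    except ValueError:
        try:
            addresses = [ipaddress.ip_address(a) for a in resolver(host)]
        except (OSError, ValueError) as exc:
            return False, f"could not resolve {host}: {exc}"
        if not addresses:
            return False, f"no addresses for {host}"
    for addr in addresses:
        # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.5) so the IPv4 ranges apply.
        if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
            addr = addr.ipv4_mapped
        if str(addr) in BUILTIN_BLOCKED_HOSTS:
            return False, f"{host} resolves to blocked metadata address {addr}"
        for net in BLOCKED_NETWORKS + extra_nets:
            if addr in net:
                return False, f"{host} resolves to {addr} in blocked range {net}"
    return True, "ok"


def check_url_from_env(url: str, resolver: Resolver = default_resolver) -> tuple[bool, str]:
    """Read the admin-configured extra blocklist from the (hypothetical) env var."""
    return check_url(url, os.environ.get("WEB_FETCH_BLOCKLIST", ""), resolver)
```

Usage: `check_url_from_env("https://example.org/")` uses the system resolver; for tests, pass `resolver=table_resolver({...})` so the check runs offline. The hostname blocklist is consulted first because it is cheap and needs no network, but it is never sufficient on its own: the resolved-address check is what catches a name that points at a blocked range.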

Screenshots or Videos

[Four screenshots attached to the original PR; not reproduced here]

Contributor License Agreement

By submitting this pull request, I confirm that I have read and fully agree to the Contributor License Agreement (CLA), and I am providing my contributions under its terms.

Note

Deleting the CLA section will lead to immediate closure of your PR and it will not be merged in.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

GiteaMirror added the pull-request label 2026-05-06 09:14:08 -05:00

Reference: github-starred/open-webui#63984