fix(tools): make web SSRF protection opt-in, disabled by default

This commit is contained in:
zhayujie
2026-06-24 19:40:55 +08:00
parent 0c20c5c159
commit 915edbe145
3 changed files with 87 additions and 9 deletions

View File

@@ -25,12 +25,24 @@ if "requests" not in sys.modules:
# =============================================================================
class TestVisionSSRFValidation(unittest.TestCase):
"""Test that _validate_url_safe blocks internal/private URLs."""
"""Test that _validate_url_safe blocks internal/private URLs.
SSRF protection is opt-in (disabled by default); enable it via env for
the duration of these tests.
"""
def setUp(self):
self._prev_ssrf_env = os.environ.get("WEB_SECURITY_SSRF_PROTECTION")
os.environ["WEB_SECURITY_SSRF_PROTECTION"] = "true"
from agent.tools.vision.vision import Vision
self.validate = Vision._validate_url_safe
def tearDown(self):
if self._prev_ssrf_env is None:
os.environ.pop("WEB_SECURITY_SSRF_PROTECTION", None)
else:
os.environ["WEB_SECURITY_SSRF_PROTECTION"] = self._prev_ssrf_env
def test_loopback_ipv4_blocked(self):
"""127.0.0.1 must be rejected."""
with self.assertRaises(ValueError) as ctx: