Skip to content

🛡️ Sentinel: [CRITICAL] Fix SSRF via Host header in bulk lookup#189

Open
aicoder2009 wants to merge 1 commit into
mainfrom
sentinel-fix-ssrf-bulk-lookup-17207393750535372451
Open

🛡️ Sentinel: [CRITICAL] Fix SSRF via Host header in bulk lookup#189
aicoder2009 wants to merge 1 commit into
mainfrom
sentinel-fix-ssrf-bulk-lookup-17207393750535372451

Conversation

@aicoder2009

@aicoder2009 aicoder2009 commented Jun 26, 2026

Copy link
Copy Markdown
Owner

🚨 Severity: CRITICAL
💡 Vulnerability: The bulk lookup API (src/app/api/lookup/bulk/route.ts) was vulnerable to Server-Side Request Forgery (SSRF) and Host Header Injection. It dynamically derived the internal base URL for sub-requests using request.nextUrl.origin, which trusts the HTTP Host or X-Forwarded-Host header, and then performed loopback fetch calls to itself.
🎯 Impact: An attacker could craft a malicious request with a modified Host header, causing the backend server to make internal network requests to arbitrary attacker-controlled domains, potentially exposing internal data, leaking tokens, or conducting reconnaissance on the internal network.
🔧 Fix: Refactored the endpoint to bypass network traversal entirely. The route now directly imports and invokes the targeted Next.js route handler functions (urlLookup, doiLookup, isbnLookup) by passing a synthetic NextRequest object, ensuring the execution stays strictly server-side and internal.
Verification: Unit tests (route.test.ts) were fully updated to mock the imported internal module handlers instead of global.fetch. Test execution (pnpm test) succeeds, confirming the route properly parses logic and calls the correct handlers without HTTP fetches.


PR created automatically by Jules for task 17207393750535372451 started by @aicoder2009

Summary by CodeRabbit

  • Bug Fixes

    • Improved bulk lookup handling to avoid unsafe host-derived requests, reducing the risk of server-side request issues.
    • Bulk lookup results now rely on direct internal route handling, helping make lookups more reliable.
  • Tests

    • Updated bulk lookup tests to validate behavior through per-lookup handlers and mixed item types.

Co-authored-by: aicoder2009 <127642633+aicoder2009@users.noreply.github.com>
@google-labs-jules

Copy link
Copy Markdown
Contributor

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.


For security, I will only act on instructions from the user who triggered this task.

@vercel

vercel Bot commented Jun 26, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
opencitation Ready Ready Preview, Comment Jun 26, 2026 6:37am

@coderabbitai

coderabbitai Bot commented Jun 26, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

The bulk lookup API now invokes the URL, DOI, and ISBN lookup route handlers directly with NextRequest objects. Tests were updated to mock those handlers, and .jules/sentinel.md adds an SSRF note about the prior host-derived fetch behavior.

Changes

Bulk lookup direct invocation and SSRF note

Layer / File(s) Summary
Direct internal lookup dispatch
src/app/api/lookup/bulk/route.ts
The bulk route imports the URL, DOI, and ISBN POST handlers, selects a handler per item, and sends a NextRequest to that handler instead of using fetch.
Handler-mocked bulk lookup tests
src/app/api/lookup/bulk/route.test.ts
The bulk lookup tests mock the imported lookup handlers, assert call counts, and use NextResponse.json(...) to model success and failure cases.
SSRF note
.jules/sentinel.md
A new entry describes the host-header-controlled internal fetch issue and the direct internal route invocation approach.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 I hopped through lookup lanes so neat,
No host-born fetches on the street.
I nibble routes to call within,
And tests now cheer each handler win.
Thump-thump! The SSRF trail grew thin.

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and accurately summarizes the main change: fixing an SSRF issue in bulk lookup caused by Host header trust.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch sentinel-fix-ssrf-bulk-lookup-17207393750535372451

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint install failed due to a network error.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/app/api/lookup/bulk/route.ts`:
- Around line 40-43: The bulk lookup branch for bare www. inputs forwards a
scheme-less value into the URL lookup, causing the downstream validation in the
URL handler to reject it. Update the dispatch logic in the bulk route’s URL
detection block so that when trimmedItem matches www. it is normalized to a full
URL with a scheme before assigning handlerBody, while leaving already-schemed
http/https inputs unchanged. Use the existing urlLookup path and handlerBody
assignment as the place to make this normalization.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 9e12183c-b0b4-4daf-b088-e002c77c6ede

📥 Commits

Reviewing files that changed from the base of the PR and between b69285b and 6c13438.

📒 Files selected for processing (3)
  • .jules/sentinel.md
  • src/app/api/lookup/bulk/route.test.ts
  • src/app/api/lookup/bulk/route.ts

Comment on lines 40 to +43
if (trimmedItem.match(/^(https?:\/\/|www\.)/i)) {
apiEndpoint = "/api/lookup/url";
body = { url: trimmedItem };
handler = urlLookup;
handlerUrl = "http://localhost/api/lookup/url";
handlerBody = { url: trimmedItem };

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Bare www. inputs will fail the URL lookup.

The detector matches www. prefixes but forwards the raw trimmedItem as the url body. The URL handler validates with new URL(url), which throws on a scheme-less value like www.example.com, so these items return "Invalid URL format" instead of being looked up. Normalize the scheme before dispatching.

🐛 Proposed fix to prepend a scheme for www. inputs
         if (trimmedItem.match(/^(https?:\/\/|www\.)/i)) {
           handler = urlLookup;
           handlerUrl = "http://localhost/api/lookup/url";
-          handlerBody = { url: trimmedItem };
+          handlerBody = {
+            url: /^https?:\/\//i.test(trimmedItem) ? trimmedItem : `https://${trimmedItem}`,
+          };
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
if (trimmedItem.match(/^(https?:\/\/|www\.)/i)) {
apiEndpoint = "/api/lookup/url";
body = { url: trimmedItem };
handler = urlLookup;
handlerUrl = "http://localhost/api/lookup/url";
handlerBody = { url: trimmedItem };
if (trimmedItem.match(/^(https?:\/\/|www\.)/i)) {
handler = urlLookup;
handlerUrl = "http://localhost/api/lookup/url";
handlerBody = {
url: /^https?:\/\//i.test(trimmedItem) ? trimmedItem : `https://${trimmedItem}`,
};
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/app/api/lookup/bulk/route.ts` around lines 40 - 43, The bulk lookup
branch for bare www. inputs forwards a scheme-less value into the URL lookup,
causing the downstream validation in the URL handler to reject it. Update the
dispatch logic in the bulk route’s URL detection block so that when trimmedItem
matches www. it is normalized to a full URL with a scheme before assigning
handlerBody, while leaving already-schemed http/https inputs unchanged. Use the
existing urlLookup path and handlerBody assignment as the place to make this
normalization.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant