
@aikidosec/firewall


Zen by Aikido is an embedded Web Application Firewall that autonomously protects Node.js apps against common and critical attacks

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.findHostnameInContext = findHostnameInContext;
const Source_1 = require("../../agent/Source");
const attackPath_1 = require("../../helpers/attackPath");
const extractStringsFromUserInputCached_1 = require("../../helpers/extractStringsFromUserInputCached");
const findHostnameInUserInput_1 = require("./findHostnameInUserInput");
const isRequestToItself_1 = require("./isRequestToItself");
/**
 * Looks for the hostname (and port) of an outbound request inside the
 * user-controlled parts of the current request context, so that the request
 * can be attributed to a specific piece of user input.
 *
 * Every source listed in `SOURCES` is scanned in order and the first string
 * for which `findHostnameInUserInput` reports a match wins; later sources and
 * later strings are not examined.
 *
 * @param hostname - Hostname of the outbound request.
 * @param context - Request context; this function reads `context.url` and
 *   `context[source]` for each entry of `SOURCES`.
 * @param port - Port of the outbound request, forwarded unchanged to the
 *   helpers and echoed in the result.
 * @returns `{ source, pathsToPayload, payload, port, hostname }` for the first
 *   match, or `undefined` when nothing matches or the request is exempted
 *   because it targets the server itself.
 */
function findHostnameInContext(hostname, context, port) {
    // Outbound requests to the same host as the server are not reported:
    // headers such as `Host`, `Origin` or `Referer` often contain that host
    // and would otherwise match.
    // The exemption is only evaluated when `context.url` is set; without it
    // the scan below always runs.
    // NOTE(review): the scope of this exemption depends on where `context.url`
    // comes from and on how `isRequestToItself` compares host and port.
    // Confirm in that helper that a client-supplied value cannot widen it.
    if (context.url) {
        const targetsOwnServer = (0, isRequestToItself_1.isRequestToItself)({
            serverUrl: context.url,
            outboundHostname: hostname,
            outboundPort: port,
        });
        if (targetsOwnServer) {
            return undefined;
        }
    }
    for (const source of Source_1.SOURCES) {
        const candidates = (0, extractStringsFromUserInputCached_1.extractStringsFromUserInputCached)(context, source);
        if (candidates) {
            for (const candidate of candidates) {
                const matched = (0, findHostnameInUserInput_1.findHostnameInUserInput)(candidate, hostname, port);
                if (!matched) {
                    continue;
                }
                // Record where in the source the matching string was found.
                const pathsToPayload = (0, attackPath_1.getPathsToPayload)(candidate, context[source]);
                return {
                    source,
                    pathsToPayload,
                    payload: candidate,
                    port,
                    hostname,
                };
            }
        }
    }
    // No user-supplied string contained the outbound hostname.
    return undefined;
}