Disable env proxies for SSRF-safe requests

This commit is contained in:
Rip&Tear
2026-06-24 14:22:18 +08:00
parent 3f4d1355ec
commit 8593b8990a
2 changed files with 27 additions and 0 deletions

View File

@@ -128,6 +128,9 @@ def create_safe_session() -> requests.Session:
connections to the validated peer IP.
"""
session = requests.Session()
# Ambient proxy settings bypass the protected pool classes via requests'
# proxy manager path, so safe fetches must opt out of environment config.
session.trust_env = False
adapter = SSRFProtectedAdapter()
session.mount("http://", adapter)
session.mount("https://", adapter)

View File

@@ -69,6 +69,30 @@ class TestRedirectRevalidation:
session = create_safe_session()
assert isinstance(session.get_adapter("http://x"), SSRFProtectedAdapter)
assert isinstance(session.get_adapter("https://x"), SSRFProtectedAdapter)
assert session.trust_env is False
def test_safe_get_ignores_environment_proxies(self, monkeypatch):
"""Environment proxies must not route safe fetches around the safe pool."""
monkeypatch.setenv("HTTP_PROXY", "http://127.0.0.1:9999")
monkeypatch.setenv("HTTPS_PROXY", "http://127.0.0.1:9999")
monkeypatch.setattr(safe_requests, "validate_url", lambda url: url)
def fail_proxy_manager(self, proxy, **proxy_kwargs):
raise AssertionError("safe_get unexpectedly used an environment proxy")
def fake_send(self, request, **kwargs):
assert kwargs["proxies"] == {}
response = requests.Response()
response.status_code = 200
response.url = request.url
return response
monkeypatch.setattr(SSRFProtectedAdapter, "proxy_manager_for", fail_proxy_manager)
monkeypatch.setattr(requests.adapters.HTTPAdapter, "send", fake_send)
response = safe_get("http://example.com/", timeout=10)
assert response.status_code == 200
class _FakeSock: