upstream/mattermost
1
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2026-04-15 22:12:19 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
22250 commits 1319 branches 1499 tags 2 GiB
Commit graph

5 commits

Author SHA1 Message Date
Jesse Hallam
5d787969c2
MM-67268: Fix SSRF bypass via IPv4-mapped IPv6 literals (#35097) 
Canonicalize IPv4-mapped IPv6 addresses (e.g., ::ffff:127.0.0.1) to
their native IPv4 form in IsReservedIP before checking against reserved
IP ranges. This prevents attackers from bypassing SSRF protections by
using IPv4-mapped IPv6 literals to access internal services.
 2026-01-29 14:36:47 +01:00
Ben Schumacher
53809e4500
Improve HTTP service IP and host validation error messages (#33450) 
Co-authored-by: Nick Misasi <nick.misasi@mattermost.com>
 2025-07-22 14:49:32 +02:00
Claudio Costa
8c41ec75db
httpservice: improve validation of proxied URLs (#29600) 2024-12-19 17:55:42 +00:00
Agniva De Sarker
d89ffe269f
MM-59026: Update reserved IP ranges (#27751) 
https://mattermost.atlassian.net/browse/MM-59026
```release-note
NONE
```
 2024-07-25 19:38:56 +05:30
Christopher Speller
04181247f8
Move HTTP service to public for plugin use (#27284) 
* Move httpservice for use in plugins

* Adapt httpservice for plugin use

* Fix lint
 2024-06-05 09:58:04 -07:00
Renamed from server/platform/services/httpservice/client.go (Browse further)