JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 45081
  • Score
    100M100P100Q167563F
  • License MIT

Module to prevent SSRF when making requests

Package Exports

  • ssrf-req-filter

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (ssrf-req-filter) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

ssrf-req-filter - Prevent SSRF Attacks 🛡️

David npm NPM GitHub Workflow Status

Server-Side Request Forgery (SSRF)

SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself. One of the enablers for this vector is the mishandling of URLs. Read More

Install

npm install ssrf-req-filter

Usage

  • Axios:
const ssrfFilter = require('ssrf-req-filter');
axios.get(url, {httpAgent: ssrfFilter(url), httpsAgent: ssrfFilter(url)})
      .then((response) => {
        console.log(`Success`);
      })
      .catch((error) => {
        console.log(`${error.toString().split('\n')[0]}`);
      })
      .then(() => {

      });

Credits: Implementation inspired By https://github.com/welefen/ssrf-agent