groove/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2026-05-08 23:09:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Implement SSRF filter for podcast episode downloads

Browse source
This commit is contained in:
advplyr 2026-04-25 16:46:54 -05:00
parent 7c0ca44727
commit 3ccdcaec1a
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
server/utils/ffmpegHelpers.js
View file

@ -1,4 +1,5 @@
const axios = require('axios')
const ssrfFilter = require('ssrf-req-filter')
const Ffmpeg = require('../libs/fluentFfmpeg')
const ffmpgegUtils = require('../libs/fluentFfmpeg/utils')
const fs = require('../libs/fsExtra')
@ -97,6 +98,8 @@ async function resizeImage(filePath, outputPath, width, height) {
module.exports.resizeImage = resizeImage
/**
* Download podcast episode
* Uses SSRF filter to prevent internal URLs
*
* @param {import('../objects/PodcastEpisodeDownload')} podcastEpisodeDownload
* @returns {Promise<{success: boolean, isRequestError?: boolean}>}
@ -121,7 +124,9 @@ module.exports.downloadPodcastEpisode = (podcastEpisodeDownload) => {
Accept: '*/*',
'User-Agent': userAgent
},
timeout: global.PodcastDownloadTimeout
timeout: global.PodcastDownloadTimeout,
httpAgent: global.DisableSsrfRequestFilter?.(podcastEpisodeDownload.url) ? null : ssrfFilter(podcastEpisodeDownload.url),
httpsAgent: global.DisableSsrfRequestFilter?.(podcastEpisodeDownload.url) ? null : ssrfFilter(podcastEpisodeDownload.url)
})
Logger.debug(`[ffmpegHelpers] Successfully connected with User-Agent: ${userAgent}`)