• Thong Kuah's avatar
    Do not allow local urls in Kubernetes form · e5181ff4
    Thong Kuah authored
    Use existing `public_url` validation to block various local urls. Note
    that this validation will allow local urls if the "Allow requests to the
    local network from hooks and services" admin setting is enabled.
    Block KubeClient from using local addresses
    It will also respect `allow_local_requests_from_hooks_and_services` so
    if that is enabled KubeClinet will allow local addresses
security-kubernetes-local-ssrf.yml 93 Bytes