Browse Source

fix: add SSRF validation for fal CDN upload/file URLs

Validate uploadUrl and fileUrl from fal CDN initiate response through
validateMediaUrl() and HTTPS check before performing the PUT request.
Throws if either URL is missing or fails validation.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
handoff-20260429-1057
shrimbly 5 months ago
parent
commit
dde89f18b4
  1. 17
      src/app/api/generate/route.ts

17
src/app/api/generate/route.ts

@ -842,7 +842,22 @@ async function uploadImageToFal(base64DataUrl: string, apiKey: string | null): P
const { upload_url: uploadUrl, file_url: fileUrl } = await initiateResponse.json();
// Step 2: PUT the binary data to the signed URL
// Validate both URLs before using them (SSRF protection)
if (!uploadUrl || !fileUrl) {
throw new Error("fal CDN initiate response missing upload_url or file_url");
}
const uploadUrlCheck = validateMediaUrl(uploadUrl);
if (!uploadUrlCheck.valid || !uploadUrl.startsWith('https://')) {
throw new Error(`fal CDN upload_url failed validation: ${uploadUrlCheck.error || 'not HTTPS'}`);
}
const fileUrlCheck = validateMediaUrl(fileUrl);
if (!fileUrlCheck.valid || !fileUrl.startsWith('https://')) {
throw new Error(`fal CDN file_url failed validation: ${fileUrlCheck.error || 'not HTTPS'}`);
}
// Step 2: PUT the binary data to the validated signed URL
const putResponse = await fetch(uploadUrl, {
method: "PUT",
headers: { "Content-Type": contentType },

Loading…
Cancel
Save