youngkingdom/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-05-29 05:07:55 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
9e2b6325f3d5fecbe66ddae59a145a03e6a91cb7
dify/docker/ssrf_proxy/conf.d.example
History
-LAN- 23c97ec7f7 chore: strengthen SSRF proxy default configuration 
- Block all private/internal networks by default to prevent SSRF attacks
- Restrict allowed ports to only HTTP (80) and HTTPS (443)
- Remove default domain allowlists (e.g., marketplace.dify.ai)
- Implement deny-all-by-default policy with explicit whitelisting
- Add example configuration files for common customization scenarios
- Provide comprehensive documentation for security configuration

Fixes #24392
2025-09-01 13:45:07 +08:00
..
10-allow-marketplace.conf.example
chore: strengthen SSRF proxy default configuration
2025-09-01 13:45:07 +08:00
20-allow-internal-services.conf.example
chore: strengthen SSRF proxy default configuration
2025-09-01 13:45:07 +08:00
30-allow-external-domains.conf.example
chore: strengthen SSRF proxy default configuration
2025-09-01 13:45:07 +08:00
40-allow-additional-ports.conf.example
chore: strengthen SSRF proxy default configuration
2025-09-01 13:45:07 +08:00