preventing abuse of user-configurable fetches
Is there a general way of combatting stuff like that when providing the option of user-configurable outbound web-traffic?
4 Replies
do you mean combatting SSRF https://portswigger.net/web-security/ssrf ?
internally convex uses something like https://github.com/stripe/smokescreen to prevent your
fetch from contacting internal convex servers. but if you're writing http actions, they are accessible from anywhere including themselvesWhat is SSRF (Server-side request forgery)? Tutorial & Examples | W...
In this section we explain what server-side request forgery (SSRF) is, and describe some common examples. We also show you how to find and exploit SSRF ...
GitHub
GitHub - stripe/smokescreen: A simple HTTP proxy that fogs over nau...
A simple HTTP proxy that fogs over naughty URLs - GitHub - stripe/smokescreen: A simple HTTP proxy that fogs over naughty URLs
I think I need to think about what the desired behavior should be here. I am wanting the Convex-app to be able to call itself using HTTP. But I also need to break chain when it gets too deep. I can probably do it with a healthy mixture of headers and rate-limiting. And, of course, charging the customer on a per-call basis.
cool good idea. you could consider adding a request param or header that indicates recursion depth, so it throws an error after a certain depth
Yes, I already added that, but I was confused by the OpenAI client library that seems to both have implicit retries and not breaking the retry-chain on 400-messages. I might be wrong, but this certainly seems solvable, thanks for the help.