Add env ALLOW_ANY_HOST to skip host check (#16351)

2026-06-29 15:31:05 +08:00 · 2026-06-25 17:17:02 +08:00
parent 6e7aa75e71
commit 97c519662a
3 changed files with 34 additions and 0 deletions
--- a/common/ssrf_guard.py
+++ b/common/ssrf_guard.py
@@ -21,6 +21,7 @@ Uses only the standard library so it can be imported from both ``api/`` and

 import ipaddress
 import logging
+import os
 import socket
 import threading
 from contextlib import contextmanager
@@ -91,6 +92,11 @@ def pin_dns_global(hostname: str, ip: str):


 _DEFAULT_ALLOWED_SCHEMES: frozenset[str] = frozenset({"http", "https"})
+_ALLOW_ANY_HOST_ENV = "ALLOW_ANY_HOST"
+
+
+def _allow_any_host() -> bool:
+    return os.environ.get(_ALLOW_ANY_HOST_ENV, "").strip().lower() in {"1", "true", "yes", "on"}


 def _effective_ip(
@@ -181,8 +187,16 @@ def assert_host_is_safe(host: str) -> str:

    Returns the first validated public IP string so the caller can pin it if needed.
    """
+    host = host.strip()
    if not host:
        raise ValueError("Host must not be empty.")
+    if _allow_any_host():
+        logger.warning(
+            "SSRF guard bypass enabled via %s; allowing host without validation: host=%r",
+            _ALLOW_ANY_HOST_ENV,
+            host,
+        )
+        return host

    try:
        addr_infos = socket.getaddrinfo(host, None)
--- a/docker/.env
+++ b/docker/.env
@@ -161,6 +161,10 @@ GO_ADMIN_PORT=9383
 # API_PROXY_SCHEME=hybrid # go and python hybrid deploy mode
 API_PROXY_SCHEME=python # use pure python server deployment

+# Development-only: set to 1 to bypass host safety checks for test_db_connection and allow private/local database hosts.
+# Do not enable in production.
+ALLOW_ANY_HOST=0
+
 # The RAGFlow Docker image to download. v0.22+ doesn't include embedding models.
 RAGFLOW_IMAGE=infiniflow/ragflow:v0.26.1

--- a/internal/service/agent_dbcheck.go
+++ b/internal/service/agent_dbcheck.go
@@ -24,6 +24,7 @@ import (
 	"fmt"
 	"net"
 	"net/netip"
+	"os"
 	"strconv"
 	"strings"
 	"time"
@@ -53,6 +54,12 @@ func AssertHostIsSafe(host string) (string, error) {
 	if host == "" {
 		return "", errors.New("Host must not be empty.")
 	}
+	if allowAnyHost() {
+		zap.L().Warn("SSRF guard bypass enabled via ALLOW_ANY_HOST; allowing host without validation",
+			zap.String("host", host),
+		)
+		return host, nil
+	}

 	ips, err := net.LookupIP(host)
 	if err != nil {
@@ -95,6 +102,15 @@ func AssertHostIsSafe(host string) (string, error) {
 	return resolvedIP, nil
 }

+func allowAnyHost() bool {
+	switch strings.ToLower(strings.TrimSpace(os.Getenv("ALLOW_ANY_HOST"))) {
+	case "1", "true", "yes", "on":
+		return true
+	default:
+		return false
+	}
+}
+
 func isPublicAddr(addr netip.Addr) bool {
 	addr = addr.Unmap()