Hong Minhee • 6mo ago

Deno `fetch()` SSRF prevention: Best practices for user-supplied URLs?

What are the best practices for preventing SSRF vulnerabilities when using the fetch() API in Deno, especially when the input URL for fetch() needs to be arbitrarily received from users? I understand that using a whitelist for allowed hosts is a good starting point, but I'm looking for a more comprehensive approach. Are there any specific Deno APIs or techniques to effectively block internal IP addresses, limit URL schemes, prevent DNS rebinding attacks, or handle redirects securely? Any example code snippets would be greatly appreciated!
1 Reply
Hong Minhee (OP) • 2w ago
Does no one have experience preventing SSRF attacks in Deno? 😂
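
One way to approach the checks the question lists (scheme limits, internal address blocking, redirect handling), as an added example that is not part of the thread. The function names are hypothetical, the DNS resolver is passed in by the caller (in Deno it could wrap `Deno.resolveDns(host, "A")`), and IPv6 is rejected outright as a simplifying assumption.

```typescript
// Added example; checkStatic, checkUrl and safeFetch are hypothetical names.
type Resolver = (host: string) => Promise<string[]>; // e.g. (h) => Deno.resolveDns(h, "A")
// Loopback, RFC 1918, CGNAT, link-local (cloud metadata), multicast and reserved space.
const BLOCKED: [string, number][] = [["0.0.0.0", 8], ["10.0.0.0", 8], ["100.64.0.0", 10],
  ["127.0.0.0", 8], ["169.254.0.0", 16], ["172.16.0.0", 12], ["192.168.0.0", 16], ["224.0.0.0", 3]];

function v4ToInt(ip: string): number | null {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(ip);
  if (!m) return null;
  const o = m.slice(1).map(Number);
  if (o.some((n) => n > 255)) return null;
  return ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}

function isBlockedIp(ip: string): boolean {
  const n = v4ToInt(ip);
  if (n === null) return true; // assumption: anything that is not dotted IPv4 (IPv6) is rejected
  return BLOCKED.some(([base, bits]) => (n >>> (32 - bits)) === ((v4ToInt(base) ?? 0) >>> (32 - bits)));
}

// Synchronous checks: scheme, embedded credentials, literal IP hosts.
function checkStatic(raw: string): URL {
  const url = new URL(raw); // WHATWG parsing normalizes hosts such as 2130706433 to 127.0.0.1
  if (url.protocol !== "http:" && url.protocol !== "https:") throw new Error("scheme not allowed");
  if (url.username || url.password) throw new Error("credentials not allowed");
  if ((url.hostname.startsWith("[") || v4ToInt(url.hostname) !== null) && isBlockedIp(url.hostname)) throw new Error("blocked address");
  return url;
}

// Resolve names and reject if any answer is internal, or if there is no answer.
async function checkUrl(raw: string, resolve: Resolver): Promise<URL> {
  const url = checkStatic(raw);
  if (v4ToInt(url.hostname) !== null) return url; // literal IPv4 already checked
  const addrs = await resolve(url.hostname);
  if (addrs.length === 0 || addrs.some(isBlockedIp)) throw new Error("blocked address");
  return url;
}

// Follow redirects by hand so that every hop is validated again.
async function safeFetch(raw: string, resolve: Resolver, maxHops = 5): Promise<Response> {
  for (let hop = 0; hop <= maxHops; hop++) {
    const url = await checkUrl(raw, resolve);
    const res = await fetch(url, { redirect: "manual" });
    const loc = res.headers.get("location");
    if (res.status < 300 || res.status >= 400 || !loc) return res;
    await res.body?.cancel(); // discard the redirect body before the next hop
    raw = new URL(loc, url).href;
  }
  throw new Error("too many redirects");
}
```

Because `fetch()` performs its own DNS lookup after `checkUrl` has resolved the name, this validation does not by itself close the DNS rebinding window; restricting the process's network egress is still needed for that.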
