fix: harden fetching on upload endpoint (#14012)

2026-04-08 10:47:54 +05:30
parent 4f94ad4a75
commit 871f2f4d56
7 changed files with 494 additions and 29 deletions
--- a/2
+++ b/2
@@ -40,6 +40,8 @@ gem 'json_refs'
 gem 'rack-attack', '>= 6.7.0'
 # a utility tool for streaming, flexible and safe downloading of remote files
 gem 'down'
+# SSRF-safe URL fetching
+gem 'ssrf_filter', '~> 1.5'
 # authentication type to fetch and send mail over oauth2.0
 gem 'gmail_xoauth'
 # Lock net-smtp to 0.3.4 to avoid issues with gmail_xoauth2