@abtnode/router-provider 1.16.43-beta-20250430-225854-7914dfe4 → 1.16.43-beta-20250502-005537-bb1702b6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/lib/nginx/includes/security/crs4/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf +9 -1
  2. package/package.json +6 -6
package/lib/nginx/includes/security/crs4/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf CHANGED
@@ -340,7 +340,7 @@ SecRule REQUEST_FILENAME "@beginsWith /api" \
340
340
  "ctl:ruleRemoveByTag=attack-rce"
341
341
 
342
342
  # Allow localhost and 127.0.0.1 in redirect_uri for OAuth
343
- SecRule REQUEST_FILENAME "@contains /.well-known/service/oauth" \
343
+ SecRule REQUEST_FILENAME|ARGS "@contains oauth" \
344
344
  "id:1019,\
345
345
  phase:1,\
346
346
  pass,\
@@ -399,3 +399,11 @@ SecRule REQUEST_FILENAME "@endsWith /api/components/preload" \
399
399
  chain"
400
400
  SecRule REQUEST_METHOD "@pm POST" \
401
401
  "ctl:ruleEngine=Off"
402
+
403
+ # Allow localhost redirects
404
+ SecRule ARGS:redirect "@rx localhost|127\.0\.0\.1" \
405
+ "id:1025,\
406
+ phase:1,\
407
+ pass,\
408
+ nolog,\
409
+ ctl:ruleRemoveByTag=attack-ssrf"
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@abtnode/router-provider",
3
- "version": "1.16.43-beta-20250430-225854-7914dfe4",
3
+ "version": "1.16.43-beta-20250502-005537-bb1702b6",
4
4
  "description": "Routing engine implementations for abt node",
5
5
  "author": "polunzh <polunzh@gmail.com>",
6
6
  "homepage": "https://github.com/ArcBlock/blocklet-server#readme",
@@ -32,10 +32,10 @@
32
32
  "url": "https://github.com/ArcBlock/blocklet-server/issues"
33
33
  },
34
34
  "dependencies": {
35
- "@abtnode/constant": "1.16.43-beta-20250430-225854-7914dfe4",
36
- "@abtnode/logger": "1.16.43-beta-20250430-225854-7914dfe4",
37
- "@abtnode/router-templates": "1.16.43-beta-20250430-225854-7914dfe4",
38
- "@abtnode/util": "1.16.43-beta-20250430-225854-7914dfe4",
35
+ "@abtnode/constant": "1.16.43-beta-20250502-005537-bb1702b6",
36
+ "@abtnode/logger": "1.16.43-beta-20250502-005537-bb1702b6",
37
+ "@abtnode/router-templates": "1.16.43-beta-20250502-005537-bb1702b6",
38
+ "@abtnode/util": "1.16.43-beta-20250502-005537-bb1702b6",
39
39
  "@arcblock/http-proxy": "^1.19.1",
40
40
  "@arcblock/is-valid-domain": "^1.0.5",
41
41
  "axios": "^1.7.9",
@@ -61,5 +61,5 @@
61
61
  "bluebird": "^3.7.2",
62
62
  "fs-extra": "^11.2.0"
63
63
  },
64
- "gitHead": "469f36a58a5906577fe86c5959887e3a0d6f9113"
64
+ "gitHead": "16768b0c0ce5cbbe2acd1b96cf89fb88283bf99c"
65
65
  }