Fix Cloudflare Worker remote media conversion#727
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5db75087ee
| return { address: addresses[0].address, url }; | ||
| return { | ||
| address: transport === "node" ? addresses[0] : hostname, |
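Review bot: the Worker branch of this return hands back the unresolved hostname rather than the address that resolveHostnameAddresses() just checked, so the address field no longer means the same thing on both branches; either document in fetchValidatedMediaUrl() that on the non-Node path this value is a name that fetch() will resolve again, or rename the field, so a reader does not assume it is pinned. Separately, addresses[0].address becoming addresses[0] implies the resolver now returns plain strings instead of records; any other consumer of the old record shape needs the same update in this PR.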
Pin the checked address before Worker fetches
When running in Cloudflare Workers, this returns the original hostname after resolveHostnameAddresses() has validated a public address, and fetchValidatedMediaUrl() then calls native fetch(url.toString()), which performs a separate DNS resolution. For an attacker-controlled media hostname that returns a public IP during validation and then a private/link-local IP for the subsequent fetch, this reopens the SSRF case that the Node path avoids by connecting to addresses[0].
we can't really fix this. this requires other node modules that are not in cloudflare. what this is complaining about is:
validate...()
<-- in between these two someone could change the url to point to something else
fetch();
because we're moving away from the ai proxy "soon" i think it's acceptable to avoid redirect pinning for cloudflare for now.
Alex Z (CLowbrow)
left a comment
Please fix codex p1
Context
Remote media normalization runs inside the Cloudflare Worker proxy for multimodal provider requests. The previous hostname validation/fetch path depended on Node DNS lookup plus the Node HTTP transport; remote Worker testing showed public media URLs can fail through that transport even though the same URLs work through Worker-native fetch.
Description
- Resolver.resolve4()/resolve6() instead of dns.promises.lookup().
- Worker-native fetch for Cloudflare Workers, while preserving the DNS-pinned Node http/https transport for Node runtimes.
- pnpm run test:cloudflare-worker, plus a gated CI job that runs a remote Wrangler Worker media conversion check when the TEST_CLOUDFLARE_API_TOKEN and TEST_CLOUDFLARE_ACCOUNT_ID secrets are available.