feat: add 5 ssrf-guard demos for v3.0.0 multi-module release #6
Merged
One demo per significant module — every demo is standalone, self-contained,
and runnable with `./gradlew bootRun`. Each comes with:
- A focused README with curl examples (allowed + blocked paths)
- Spring Boot integration (so curl works out of the box)
- Smoke tests proving the guard blocks the canonical attacks
- Attack-pattern matrix where relevant
Demos:
ssrf-guard-demo
Three Spring HTTP clients (RestClient, RestTemplate, WebClient) wired
through the same UrlPolicy. /attacks catalogues 15 SSRF bypass patterns
with pre-built curls — copy-paste any one to see the block decision.
Includes Micrometer + actuator so /actuator/prometheus shows
ssrf_guard_blocked_total counters.
ssrf-guard-springai-demo ⭐
The differentiating story for ssrf-guard. A FakeLlmService stands in
for a real ChatClient (so the demo runs offline, no API key) and
drives a fetch_url ToolCallback. ssrf-guard-springai's
BeanPostProcessor auto-wraps the tool — URL-shaped arguments are
validated before the tool runs, with attacker-controlled URLs
returning a structured JSON error the LLM can interpret.
ssrf-guard-feign-demo
Spring Cloud OpenFeign integration. Two @FeignClient interfaces —
one whitelisted (httpbin.org), one not (evil.com) — show the
RequestInterceptor block path. Pinned to Spring Cloud 2025.0.x for
Spring Boot 3.5 compatibility.
ssrf-guard-jdkhttp-demo
java.net.http.HttpClient wrapper — the library has no Spring
dependency itself, the demo uses Spring Boot only to expose a curl
endpoint. Three-line wiring in main() shows the non-Spring usage.
ssrf-guard-okhttp-demo
OkHttp Interceptor + Dns integration — same non-Spring story.
Three-line OkHttpClient.Builder configuration.
All demos depend on freshly-published `kr.devslab:ssrf-guard-*:3.0.0`
artifacts from Maven Central. CI auto-detects them via the existing
top-level matrix workflow.
Notes:
- The feign / jdkhttp / okhttp demos work around a v3.0.0 autoconfig
bug by explicitly pulling in `io.micrometer:micrometer-core`. v3.0.1
will gate the metrics bean by class-presence to remove this
requirement.
- Spring Cloud 2024.0.x is NOT compatible with Spring Boot 3.5; the
feign demo uses 2025.0.2 instead.
Summary
Adds five runnable demos — one per significant module from the ssrf-guard v3.0.0 release. Each demo is a standalone Spring Boot app with curl-ready endpoints and smoke tests.
Demos
- `ssrf-guard-demo` — … `UrlPolicy`. The `/attacks` endpoint catalogues 15 SSRF bypass patterns with pre-built curls. Includes Micrometer + actuator.
- `ssrf-guard-springai-demo` ⭐ — `FakeLlmService` simulates a real `ChatClient` driving a `fetch_url` tool. The auto-wrap on every `ToolCallback` bean blocks URL-shaped attacker arguments before the tool runs — and returns a structured JSON error the LLM can interpret.
- `ssrf-guard-feign-demo` — `@FeignClient` interfaces (one whitelisted, one not) show the block path through the `RequestInterceptor`.
- `ssrf-guard-jdkhttp-demo` — `java.net.http.HttpClient` wrapper — three-line wiring with no Spring dependency on the library itself.
- `ssrf-guard-okhttp-demo` — `Interceptor` + `Dns` — three-line `OkHttpClient.Builder` setup.
Highlights
- … 169.254.169.254), decimal-encoded loopback (2130706433), IPv4-mapped IPv6 (`[::ffff:10.0.0.5]`), userinfo bypass (`user:pass@evil.com`), redirect-to-private (`httpbin.org/redirect-to?url=169.254...`).
- … `FakeLlmService` for a `ChatClient` and the wrap behaviour is identical.
- `ssrf-guard-demo` and `ssrf-guard-springai-demo` — `GET /attacks` / `GET /agent/attacks` returns every blocked pattern with a copy-paste curl per entry.
Test plan
- `./gradlew build` green
- … `BlockReason` for attack URLs
- … `ssrf-guard:3.0.0` propagation confirmed)
Notes for review
- `io.micrometer:micrometer-core` is added explicitly to the `-feign`, `-jdkhttp`, `-okhttp` demos. ssrf-guard v3.0.0's auto-config references `MeterRegistry` by type even when no metrics bean is registered, so consumers without Actuator hit a `ClassNotFoundException`. Tracked as a v3.0.1 follow-up — once fixed, these declarations can come out.
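As an added example (not ssrf-guard's or the demos' code), the checks behind the attack matrix listed in the Highlights, written as a small Python allow-list policy: it refuses userinfo, decimal and IPv4-mapped address literals and any non-global IP, and re-applies itself on every hop of a redirect chain over a constructed redirect mapping so it runs offline. `UrlPolicy`, `Decision`, `follow_with_policy` and the reason strings are this example's own names, not the library's API.

```python
import ipaddress
from dataclasses import dataclass
from urllib.parse import urlsplit

@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str  # plays the role of the PR's BlockReason (name assumed)

def _literal_ip(host):
    """Parse host as an IP literal; decimal '2130706433' is not one and returns None."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return None

class UrlPolicy:
    def __init__(self, allowed_hosts):
        self.allowed_hosts = {h.lower() for h in allowed_hosts}

    def check(self, url: str) -> Decision:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https"):
            return Decision(False, "SCHEME_NOT_ALLOWED")
        if parts.username is not None or parts.password is not None:
            return Decision(False, "USERINFO_PRESENT")    # user:pass@evil.com
        host = (parts.hostname or "").lower()            # IPv6 brackets already stripped
        if not host:
            return Decision(False, "NO_HOST")
        ip = _literal_ip(host)
        if ip is not None:
            if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
                ip = ip.ipv4_mapped                       # [::ffff:10.0.0.5] -> 10.0.0.5
            if not ip.is_global:                          # loopback, link-local, RFC 1918, ...
                return Decision(False, "PRIVATE_ADDRESS")
            return Decision(False, "IP_LITERAL_NOT_ALLOWED")  # allow-list is hostname-based
        if host.isdigit():                                # 2130706433 is not a real hostname
            return Decision(False, "AMBIGUOUS_HOST")
        if host not in self.allowed_hosts:
            return Decision(False, "HOST_NOT_ALLOWED")
        return Decision(True, "OK")

def follow_with_policy(policy, url, redirects, max_hops=5):
    """Re-run the policy on every hop; `redirects` is a constructed url -> Location map."""
    for _ in range(max_hops + 1):
        decision = policy.check(url)
        if not decision.allowed or url not in redirects:
            return decision
        url = redirects[url]
    return Decision(False, "TOO_MANY_REDIRECTS")

# Constructed chain mirroring the redirect-to-private pattern (no network involved).
REDIRECTS = {"https://httpbin.org/redirect-to?url=http://169.254.169.254/": "http://169.254.169.254/latest/meta-data/"}
```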