|
| 1 | +""" |
| 2 | +Behavioral tests for the 0.8.9 non-breaking security patch. |
| 3 | +
|
| 4 | +Closes the proxy-injection SSRF class in the Docker server: an unauthenticated |
| 5 | +/crawl could set a proxy (or proxy-redirecting Chromium flag) pointing at an |
| 6 | +internal IP and route the browser through it, reaching internal services and |
| 7 | +cloud metadata. The crawl-target URL was validated; the proxy address was not. |
| 8 | +
|
| 9 | +All fixes are backward compatible: a legitimate public proxy still works; only |
| 10 | +non-global proxy hosts are rejected and dangerous --proxy/--host-resolver flags |
| 11 | +are stripped from extra_args. |
| 12 | +""" |
| 13 | + |
| 14 | +import os |
| 15 | +import sys |
| 16 | + |
| 17 | +import pytest |
| 18 | + |
| 19 | +DOCKER_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) |
| 20 | +if DOCKER_DIR not in sys.path: |
| 21 | + sys.path.insert(0, DOCKER_DIR) |
| 22 | + |
| 23 | + |
| 24 | +class TestValidateProxyDestination: |
| 25 | + # IP literals so getaddrinfo is numeric (no network needed). |
| 26 | + @pytest.mark.parametrize("server", [ |
| 27 | + "http://169.254.169.254:8080", # cloud metadata |
| 28 | + "http://127.0.0.1:8888", |
| 29 | + "http://10.0.0.5:3128", |
| 30 | + "http://192.168.1.10:3128", |
| 31 | + "169.254.169.254:8080", # bare host:port (no scheme) |
| 32 | + "socks5://10.1.2.3:1080", |
| 33 | + "http://[::1]:8080", # ipv6 loopback |
| 34 | + "http://[::ffff:169.254.169.254]:80", # v4-mapped metadata |
| 35 | + ]) |
| 36 | + def test_internal_proxy_rejected(self, server): |
| 37 | + import utils |
| 38 | + with pytest.raises(ValueError): |
| 39 | + utils.validate_proxy_destination(server) |
| 40 | + |
| 41 | + @pytest.mark.parametrize("server", [ |
| 42 | + "http://8.8.8.8:3128", |
| 43 | + "https://1.1.1.1:443", |
| 44 | + "8.8.8.8:3128", |
| 45 | + ]) |
| 46 | + def test_public_proxy_allowed(self, server): |
| 47 | + import utils |
| 48 | + utils.validate_proxy_destination(server) # no raise |
| 49 | + |
| 50 | + def test_empty_is_noop(self): |
| 51 | + import utils |
| 52 | + utils.validate_proxy_destination("") # no raise |
| 53 | + utils.validate_proxy_destination(None) # no raise |
| 54 | + |
| 55 | + |
| 56 | +class TestScrubExtraArgs: |
| 57 | + def test_strips_dangerous_flags(self): |
| 58 | + import utils |
| 59 | + args = [ |
| 60 | + "--headless", |
| 61 | + "--proxy-server=http://10.0.0.1:3128", |
| 62 | + "--host-resolver-rules=MAP * 169.254.169.254", |
| 63 | + "--proxy-bypass-list=*", |
| 64 | + "--proxy-pac-url=http://evil/p.pac", |
| 65 | + "--disable-gpu", |
| 66 | + ] |
| 67 | + out = utils.scrub_browser_extra_args(args) |
| 68 | + assert out == ["--headless", "--disable-gpu"] |
| 69 | + |
| 70 | + def test_keeps_benign(self): |
| 71 | + import utils |
| 72 | + args = ["--headless", "--no-sandbox", "--disable-dev-shm-usage"] |
| 73 | + assert utils.scrub_browser_extra_args(args) == args |
| 74 | + |
| 75 | + def test_empty(self): |
| 76 | + import utils |
| 77 | + assert utils.scrub_browser_extra_args([]) == [] |
| 78 | + assert utils.scrub_browser_extra_args(None) is None |
| 79 | + |
| 80 | + |
| 81 | +class TestEnforceProxySafety: |
| 82 | + def test_browser_proxy_config_internal_400(self): |
| 83 | + import api |
| 84 | + from fastapi import HTTPException |
| 85 | + from crawl4ai import BrowserConfig, ProxyConfig |
| 86 | + b = BrowserConfig(proxy_config=ProxyConfig(server="http://169.254.169.254:8080")) |
| 87 | + with pytest.raises(HTTPException) as e: |
| 88 | + api._enforce_proxy_safety(b, None) |
| 89 | + assert e.value.status_code == 400 |
| 90 | + assert "169.254" not in str(e.value.detail) # opaque |
| 91 | + |
| 92 | + def test_deprecated_proxy_field_internal_400(self): |
| 93 | + import api |
| 94 | + from fastapi import HTTPException |
| 95 | + from crawl4ai import BrowserConfig |
| 96 | + b = BrowserConfig(proxy="http://10.0.0.9:3128") |
| 97 | + with pytest.raises(HTTPException): |
| 98 | + api._enforce_proxy_safety(b, None) |
| 99 | + |
| 100 | + def test_crawler_proxy_config_internal_400(self): |
| 101 | + import api |
| 102 | + from fastapi import HTTPException |
| 103 | + from crawl4ai import BrowserConfig, CrawlerRunConfig, ProxyConfig |
| 104 | + c = CrawlerRunConfig(proxy_config=ProxyConfig(server="http://192.168.0.2:3128")) |
| 105 | + with pytest.raises(HTTPException): |
| 106 | + api._enforce_proxy_safety(BrowserConfig(), c) |
| 107 | + |
| 108 | + def test_extra_args_proxy_scrubbed(self): |
| 109 | + import api |
| 110 | + from crawl4ai import BrowserConfig |
| 111 | + b = BrowserConfig(extra_args=["--proxy-server=http://10.0.0.1", "--headless"]) |
| 112 | + api._enforce_proxy_safety(b, None) # no raise (scrub, not block) |
| 113 | + assert b.extra_args == ["--headless"] |
| 114 | + |
| 115 | + def test_public_proxy_passes(self): |
| 116 | + import api |
| 117 | + from crawl4ai import BrowserConfig, ProxyConfig |
| 118 | + b = BrowserConfig(proxy_config=ProxyConfig(server="http://8.8.8.8:3128")) |
| 119 | + api._enforce_proxy_safety(b, None) # no raise |
0 commit comments