From 9d5b28d83e264988d97d0f01bad4f4c7665a3515 Mon Sep 17 00:00:00 2001
From: akiba
Date: Sun, 20 Aug 2023 21:41:27 +0800
Subject: [PATCH] fix potential ssrf attack in #12663

---
 modules/api/api.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/modules/api/api.py b/modules/api/api.py
index 6e8d21a35db..855e4386ddc 100644
--- a/modules/api/api.py
+++ b/modules/api/api.py
@@ -4,6 +4,8 @@
 import time
 import datetime
 import uvicorn
+import ipaddress
+import requests
 import gradio as gr
 from threading import Lock
 from io import BytesIO
@@ -57,7 +59,11 @@ def setUpscalers(req: dict):
 def decode_base64_to_image(encoding):
     if encoding.startswith("http://") or encoding.startswith("https://"):
-        import requests
+        ip = ipaddress.ip_address(encoding)
+        # https://docs.python.org/3/library/ipaddress.html#ipaddress.IPv4Address.is_global
+        if not ip.is_global:
+            raise HTTPException(status_code=500, detail="Invalid image url")
+
         response = requests.get(encoding, timeout=30, headers={'user-agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36'})
         try:
             image = Image.open(BytesIO(response.content))
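Review bot: The two new imports in the first hunk are placed between `import uvicorn` and `import gradio as gr`, so the stdlib module `ipaddress` ends up interleaved with third-party imports instead of alongside `time` and `datetime`, and `requests` is separated from the other third-party imports by the same interleaving. Moving `import ipaddress` next to `import datetime` and `import requests` next to `import uvicorn` would keep the stdlib/third-party grouping that the surrounding lines follow. Hoisting `requests` from the function body to module level also makes importing this module depend on the package unconditionally rather than only when a URL is decoded; that is presumably acceptable since the package was already required on this code path, but it is worth confirming against the project's dependency list.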