Closed
Description
Original comment by @clintongormley:
Watcher can perform searches as the watch user then post the results to any http endpoint. We should tighten up the security here by adding a URL whitelist.
A blacklist that overwrites a whitelist might be a good idea on top of that. On top of that we have to make sure that redirects are handled properly. Those lists might just be regular expressions that match the URLs.
Ideally those settings should be dynamically updateable.
SSRF might also be an issue (which makes it sensible to block localhost and 169.254.*).
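As an added illustration (not Watcher's own code; the policy patterns, blocked ranges beyond those named above and the redirect map are constructed assumptions), a Python sketch of the checks the comment asks for: an allowlist, a denylist that overrides it, a block on localhost and 169.254.*, and a check of every redirect hop rather than only the first URL.

```python
import ipaddress
import re
from urllib.parse import urlparse

# Constructed policy: regular expressions matched against the full URL.
ALLOWLIST = [re.compile(p) for p in (
    r"^https://hooks\.example\.com/",
    r"^https?://[^/]+\.internal\.example\.net(:\d+)?/",
)]
# The denylist wins over the allowlist, as the comment proposes.
DENYLIST = [re.compile(r"^https?://[^/]*\.internal\.example\.net/admin")]
# Loopback and link-local (169.254.0.0/16) are never valid webhook targets.
BLOCKED_NETS = [ipaddress.ip_network(n) for n in
                ("127.0.0.0/8", "169.254.0.0/16", "::1/128")]


def host_is_blocked(host: str) -> bool:
    """True for 'localhost' or a literal IP inside a blocked range.
    A hostname is passed through here; a real deployment must also
    resolve it and check every resulting address before connecting."""
    if host.lower() == "localhost":
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False
    return any(ip in net for net in BLOCKED_NETS)


def url_allowed(url: str) -> bool:
    """Scheme must be http(s); then blocked host, denylist, allowlist."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        return False
    if host_is_blocked(parsed.hostname):
        return False
    if any(p.search(url) for p in DENYLIST):
        return False
    return any(p.search(url) for p in ALLOWLIST)


def follow_checked(url: str, redirects: dict, max_hops: int = 5):
    """Walk a redirect chain (constructed map URL -> Location header),
    re-validating each hop. Returns (final_url or None, hops visited)."""
    visited = []
    for _ in range(max_hops + 1):
        if not url_allowed(url):
            return None, visited
        visited.append(url)
        if url not in redirects:
            return url, visited
        url = redirects[url]
    return None, visited  # too many redirects
```

The redirect map stands in for the Location headers an HTTP client would see; the point is that a redirect from an allowed host to 127.0.0.1 or 169.254.x.x is rejected at the hop where it appears.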