fix: fix SSRF vulnerability in load_web_page by disabling automatic redirects

Co-authored-by: Sasha Sobran <asobran@google.com> PiperOrigin-RevId: 853901476
2026-03-30 10:57:20 -07:00 · 2026-01-08 15:12:59 -08:00
parent f1ccc0cfca
commit 3c51ee7f48
1 changed files with 2 additions and 1 deletions
@@ -28,7 +28,8 @@ def load_web_page(url: str) -> str:
  """
  from bs4 import BeautifulSoup

-  response = requests.get(url)
+  # Set allow_redirects=False to prevent SSRF attacks via redirection.
+  response = requests.get(url, allow_redirects=False)

  if response.status_code == 200:
    soup = BeautifulSoup(response.content, 'lxml')