From 9e49c37867d0a14d3fdefbe8912c568266c85c20 Mon Sep 17 00:00:00 2001 From: Artem Niehrieiev Date: Thu, 4 Jun 2026 17:13:49 +0000 Subject: [PATCH] fix(table-action-activation): temporarily disable SSRF/URL safety check in activateTableAction --- .../table-action-activation.service.ts | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/backend/src/entities/table-actions/table-actions-module/table-action-activation.service.ts b/backend/src/entities/table-actions/table-actions-module/table-action-activation.service.ts index 632587225..efdee71b4 100644 --- a/backend/src/entities/table-actions/table-actions-module/table-action-activation.service.ts +++ b/backend/src/entities/table-actions/table-actions-module/table-action-activation.service.ts @@ -13,7 +13,8 @@ import { isSaaS } from '../../../helpers/app/is-saas.js'; import { Encryptor } from '../../../helpers/encryption/encryptor.js'; import { actionSlackPostMessage } from '../../../helpers/slack/action-slack-post-message.js'; import { isObjectPropertyExists } from '../../../helpers/validators/is-object-property-exists-validator.js'; -import { getSsrfSafeRequestConfig } from '../../../helpers/validators/ssrf-safe-http.js'; +// TODO: temporarily disabled SSRF/URL safety check in activateTableAction. Restore import to re-enable. +// import { getSsrfSafeRequestConfig } from '../../../helpers/validators/ssrf-safe-http.js'; import { ConnectionEntity } from '../../connection/connection.entity.js'; import { EmailService } from '../../email/email/email.service.js'; import { escapeHtml } from '../../email/utils/escape-html.util.js'; @@ -211,7 +212,9 @@ export class TableActionActivationService { let result: AxiosResponse | undefined; try { result = await axios.post(tableAction.url, actionRequestBody, { - ...getSsrfSafeRequestConfig(), + // TODO: SSRF/URL safety check temporarily disabled. Restore the line below to re-enable. + // ...getSsrfSafeRequestConfig(), + timeout: 10_000, headers: { 'Rocketadmin-Signature': autoadminSignatureHeader, 'Content-Type': 'application/json' }, maxRedirects: 0, validateStatus: (status) => status <= 599,