Change summary
pkg/ssrf/ssrf.go | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
Detailed changes
@@ -39,7 +39,14 @@ func NewSecureClient() *http.Client {
ip := net.ParseIP(host)
if ip == nil {
- return nil, fmt.Errorf("unexpected non-IP address in dial: %s", host)
+ ips, err := net.LookupIP(host) //nolint
+ if err != nil {
+ return nil, fmt.Errorf("DNS resolution failed for host %s: %v", host, err)
+ }
+ if len(ips) == 0 {
+ return nil, fmt.Errorf("no IP addresses found for host: %s", host)
+ }
+ ip = ips[0] // Use the first resolved IP address
}
if isPrivateOrInternal(ip) {
return nil, fmt.Errorf("%w", ErrPrivateIP)