MCPcopy Index your code
hub / github.com/simstudioai/sim / assertEndpointIsPublic

Function assertEndpointIsPublic

apps/sim/lib/data-drains/destinations/s3.ts:129–135  ·  view source on GitHub ↗

DNS-aware SSRF check: catches hostnames that resolve to internal IPs (the schema check only catches IP literals).

(endpoint: string | undefined)

Source from the content-addressed store, hash-verified

127
128/** DNS-aware SSRF check: catches hostnames that resolve to internal IPs (the schema check only catches IP literals). */
129async function assertEndpointIsPublic(endpoint: string | undefined): Promise<void> {
130 if (!endpoint) return
131 const result = await validateUrlWithDNS(endpoint, 'endpoint')
132 if (!result.isValid) {
133 throw new Error(result.error ?? 'S3 endpoint failed SSRF validation')
134 }
135}
136
137/**
138 * Surfaces actionable S3 SDK error codes (`AccessDenied`, `NoSuchBucket`,

Callers 2

testFunction · 0.85
deliverFunction · 0.85

Calls 1

validateUrlWithDNSFunction · 0.90

Tested by 1

testFunction · 0.68