Prevent server-side request forgery (SSRF) attacks by validating webhook URLs before sending requests. Blocks loopback addresses, cloud metadata endpoints, and localhost URLs. - Add SafeWebhookUrl rule validation in SendWebhookJob.handle() - Log warning when unsafe URLs are rejected - Add comprehensive unit tests covering valid and invalid URL scenarios |
||
|---|---|---|
| .. | ||
| Actions | ||
| Console | ||
| Contracts | ||
| Data | ||
| Enums | ||
| Events | ||
| Exceptions | ||
| Helpers | ||
| Http | ||
| Jobs | ||
| Listeners | ||
| Livewire | ||
| Models | ||
| Notifications | ||
| Policies | ||
| Providers | ||
| Repositories | ||
| Rules | ||
| Services | ||
| Support | ||
| Traits | ||
| View/Components | ||