💄 style: allow users to disable SSRF or set a whitelist (#4633)

* feat: allow users to disable SSRF or set a whitelist

* chore: add document description

* chore:  refactor code

* chore: modify code specification

---------

Co-authored-by: coulsonpl <[email protected]>

Author: coulsontl

docs/self-hosting/environment-variables/basic.mdx

@@ -93,6 +93,20 @@ For specific content, please refer to the [Feature Flags](/docs/self-hosting/adv
   try using `host.docker.internal` instead of `localhost`.
 </Callout>
 
+### `SSRF_ALLOW_PRIVATE_IP_ADDRESS`
+
+- Type: Optional
+- Description: Allow to connect private IP address. In a trusted environment, it can be set to true to turn off SSRF protection.
+- Default: `0`
+- Example: `1` or `0`
+
+### `SSRF_ALLOW_IP_ADDRESS_LIST`
+
+- Type: Optional
+- Description: Allow private IP address list, multiple IP addresses are separated by commas. Only when `SSRF_ALLOW_PRIVATE_IP_ADDRESS` is `0`, it takes effect.
+- Default: -
+- Example: `198.18.1.62,224.0.0.3`
+
 ## Plugin Service
 
 ### `PLUGINS_INDEX_URL`

docs/self-hosting/environment-variables/basic.zh-CN.mdx

@@ -88,6 +88,20 @@ LobeChat 在部署时提供了一些额外的配置项，你可以使用环境
   是走到自身容器的 `localhost`，此时请尝试用 `host.docker.internal` 替代 `localhost`
 </Callout>
 
+### `SSRF_ALLOW_PRIVATE_IP_ADDRESS`
+
+- 类型：可选
+- 描述：是否允许连接私有IP地址。在可信环境中可以设置为true来关闭SSRF防护。
+- 默认值：`0`
+- 示例：`1` or `0`
+
+### `SSRF_ALLOW_IP_ADDRESS_LIST`
+
+- 类型：可选
+- 描述：允许连接的私有IP地址列表，多个IP地址时使用逗号分隔。当 `SSRF_ALLOW_PRIVATE_IP_ADDRESS` 为 `0` 时才会生效。
+- 默认值：-
+- 示例：`198.18.1.62,224.0.0.3`
+
 ## 插件服务
 
 ### `PLUGINS_INDEX_URL`

src/app/(backend)/webapi/proxy/route.ts

@@ -1,6 +1,8 @@
 import { NextResponse } from 'next/server';
 import fetch from 'node-fetch';
-import { useAgent as ssrfAgent } from 'request-filtering-agent';
+import { RequestFilteringAgentOptions, useAgent as ssrfAgent } from 'request-filtering-agent';
+
+import { appEnv } from '@/config/app';
 
 /**
  * just for a proxy
@@ -9,7 +11,14 @@ export const POST = async (req: Request) => {
   const url = await req.text();
 
   try {
-    const res = await fetch(url, { agent: ssrfAgent(url) });
+    // https://www.npmjs.com/package/request-filtering-agent
+    const options: RequestFilteringAgentOptions = {
+      allowIPAddressList: appEnv.SSRF_ALLOW_IP_ADDRESS_LIST?.split(',') || [],
+      allowMetaIPAddress: appEnv.SSRF_ALLOW_PRIVATE_IP_ADDRESS,
+      allowPrivateIPAddress: appEnv.SSRF_ALLOW_PRIVATE_IP_ADDRESS,
+      denyIPAddressList: [],
+    };
+    const res = await fetch(url, { agent: ssrfAgent(url, options) });
 
     return new Response(await res.arrayBuffer(), { headers: { ...res.headers } });
   } catch (err) {

src/config/app.ts

@@ -46,6 +46,9 @@ export const getAppConfig = () => {
       CDN_USE_GLOBAL: z.boolean().optional(),
       CUSTOM_FONT_FAMILY: z.string().optional(),
       CUSTOM_FONT_URL: z.string().optional(),
+
+      SSRF_ALLOW_PRIVATE_IP_ADDRESS: z.boolean().optional(),
+      SSRF_ALLOW_IP_ADDRESS_LIST: z.string().optional(),
     },
     runtimeEnv: {
       NEXT_PUBLIC_BASE_PATH: process.env.NEXT_PUBLIC_BASE_PATH || '',
@@ -72,6 +75,9 @@ export const getAppConfig = () => {
       CUSTOM_FONT_FAMILY: process.env.CUSTOM_FONT_FAMILY,
       CUSTOM_FONT_URL: process.env.CUSTOM_FONT_URL,
       CDN_USE_GLOBAL: process.env.CDN_USE_GLOBAL === '1',
+
+      SSRF_ALLOW_PRIVATE_IP_ADDRESS: process.env.SSRF_ALLOW_PRIVATE_IP_ADDRESS === '1',
+      SSRF_ALLOW_IP_ADDRESS_LIST: process.env.SSRF_ALLOW_IP_ADDRESS_LIST,
     },
   });
 };