René's URL Explorer Experiment

Title: Security: add ignoreXForwardedHost option to block SSRF attacks by nico014 · Pull Request #241 · prerender/prerender-node · GitHub

Open Graph Title: Security: add ignoreXForwardedHost option to block SSRF attacks by nico014 · Pull Request #241 · prerender/prerender-node

X Title: Security: add ignoreXForwardedHost option to block SSRF attacks by nico014 · Pull Request #241 · prerender/prerender-node

Description: This option is a workaround to block potential SSRF attacks on Prerender servers until Prerender has found a way to address the vulnerability themselves. (It's been over 3 months at the time of wri...

Open Graph Description: This option is a workaround to block potential SSRF attacks on Prerender servers until Prerender has found a way to address the vulnerability themselves. (It's been over 3 months at the time of...

X Description: This option is a workaround to block potential SSRF attacks on Prerender servers until Prerender has found a way to address the vulnerability themselves. (It's been over 3 months at the tim...

Opengraph URL: https://github.com/prerender/prerender-node/pull/241

X: @github

direct link

Domain: patch-diff.githubusercontent.com

route-pattern	/_view_fragments/voltron/pull_requests/show/:user_id/:repository/:id/pull_request_layout(.:format)
route-controller	voltron_pull_requests_fragments
route-action	pull_request_layout
fetch-nonce	v2:5c6b5e81-0f75-d1d8-f042-726dbd200a58
current-catalog-service-hash	ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-id	A830:2AF88A:711EF0E:9A69C09:697872EB
html-safe-nonce	8be6b615d06961670231788c5502a189d842f6e99e1647c6fd79f2dfa96ca8ed
visitor-payload	eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJBODMwOjJBRjg4QTo3MTFFRjBFOjlBNjlDMDk6Njk3ODcyRUIiLCJ2aXNpdG9yX2lkIjoiODM2OTc3ODEyMjExNDQ5NTIxMSIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmac	d69b6530d40b105b3dd1651cda82d1ee32d4294a7b9d489fe951964e72e63daa
hovercard-subject-tag	pull_request:1690093786
github-keyboard-shortcuts	repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verification	Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-url	https://collector.github.com/github/collect
analytics-location	///voltron/pull_requests_fragments/pull_request_layout
fb:app_id	1401488693436528
apple-itunes-app	app-id=1477376905, app-argument=https://github.com/_view_fragments/voltron/pull_requests/show/prerender/prerender-node/241/pull_request_layout
twitter:image	https://opengraph.githubassets.com/239ea2a7ec167de738de73bb6ac89b2f802bc9fa08d402739211d3461d311c73/prerender/prerender-node/pull/241
twitter:card	summary_large_image
og:image	https://opengraph.githubassets.com/239ea2a7ec167de738de73bb6ac89b2f802bc9fa08d402739211d3461d311c73/prerender/prerender-node/pull/241
og:image:alt	This option is a workaround to block potential SSRF attacks on Prerender servers until Prerender has found a way to address the vulnerability themselves. (It's been over 3 months at the time of...
og:image:width	1200
og:image:height	600
og:site_name	GitHub
og:type	object
og:author:username	nico014
hostname	github.com
expected-hostname	github.com
None	2981c597c945c1d90ac6fa355ce7929b2f413dfe7872ca5c435ee53a24a1de50
turbo-cache-control	no-preview
go-import	github.com/prerender/prerender-node git https://github.com/prerender/prerender-node.git
octolytics-dimension-user_id	5633297
octolytics-dimension-user_login	prerender
octolytics-dimension-repository_id	13142168
octolytics-dimension-repository_nwo	prerender/prerender-node
octolytics-dimension-repository_public	true
octolytics-dimension-repository_is_fork	false
octolytics-dimension-repository_network_root_id	13142168
octolytics-dimension-repository_network_root_nwo	prerender/prerender-node
turbo-body-classes	logged-out env-production page-responsive
disable-turbo	false
browser-stats-url	https://api.github.com/_private/browser/stats
browser-errors-url	https://api.github.com/_private/browser/errors
release	520b65a872113b919c1bbdb03834a50af15859fd
ui-target	full
theme-color	#1e2327
color-scheme	light dark

Links:

Skip to content	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241#start-of-content
	https://patch-diff.githubusercontent.com/
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fprerender%2Fprerender-node%2Fpull%2F241
GitHub CopilotWrite better code with AI	https://github.com/features/copilot
GitHub SparkBuild and deploy intelligent apps	https://github.com/features/spark
GitHub ModelsManage and compare prompts	https://github.com/features/models
MCP RegistryNewIntegrate external tools	https://github.com/mcp
ActionsAutomate any workflow	https://github.com/features/actions
CodespacesInstant dev environments	https://github.com/features/codespaces
IssuesPlan and track work	https://github.com/features/issues
Code ReviewManage code changes	https://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilities	https://github.com/security/advanced-security
Code securitySecure your code as you build	https://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they start	https://github.com/security/advanced-security/secret-protection
Why GitHub	https://github.com/why-github
Documentation	https://docs.github.com
Blog	https://github.blog
Changelog	https://github.blog/changelog
Marketplace	https://github.com/marketplace
View all features	https://github.com/features
Enterprises	https://github.com/enterprise
Small and medium teams	https://github.com/team
Startups	https://github.com/enterprise/startups
Nonprofits	https://github.com/solutions/industry/nonprofits
App Modernization	https://github.com/solutions/use-case/app-modernization
DevSecOps	https://github.com/solutions/use-case/devsecops
DevOps	https://github.com/solutions/use-case/devops
CI/CD	https://github.com/solutions/use-case/ci-cd
View all use cases	https://github.com/solutions/use-case
Healthcare	https://github.com/solutions/industry/healthcare
Financial services	https://github.com/solutions/industry/financial-services
Manufacturing	https://github.com/solutions/industry/manufacturing
Government	https://github.com/solutions/industry/government
View all industries	https://github.com/solutions/industry
View all solutions	https://github.com/solutions
AI	https://github.com/resources/articles?topic=ai
Software Development	https://github.com/resources/articles?topic=software-development
DevOps	https://github.com/resources/articles?topic=devops
Security	https://github.com/resources/articles?topic=security
View all topics	https://github.com/resources/articles
Customer stories	https://github.com/customer-stories
Events & webinars	https://github.com/resources/events
Ebooks & reports	https://github.com/resources/whitepapers
Business insights	https://github.com/solutions/executive-insights
GitHub Skills	https://skills.github.com
Documentation	https://docs.github.com
Customer support	https://support.github.com
Community forum	https://github.com/orgs/community/discussions
Trust center	https://github.com/trust-center
Partners	https://github.com/partners
GitHub SponsorsFund open source developers	https://github.com/sponsors
Security Lab	https://securitylab.github.com
Maintainer Community	https://maintainers.github.com
Accelerator	https://github.com/accelerator
Archive Program	https://archiveprogram.github.com
Topics	https://github.com/topics
Trending	https://github.com/trending
Collections	https://github.com/collections
Enterprise platformAI-powered developer platform	https://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security features	https://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI features	https://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 support	https://github.com/premium-support
Pricing	https://github.com/pricing
Search syntax tips	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentation	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fprerender%2Fprerender-node%2Fpull%2F241
Sign up	https://patch-diff.githubusercontent.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fpull_requests_fragments%2Fpull_request_layout&source=header-repo&source_repo=prerender%2Fprerender-node
Reload	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241
Reload	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241
Reload	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241
prerender	https://patch-diff.githubusercontent.com/prerender
prerender-node	https://patch-diff.githubusercontent.com/prerender/prerender-node
Notifications	https://patch-diff.githubusercontent.com/login?return_to=%2Fprerender%2Fprerender-node
Fork 183	https://patch-diff.githubusercontent.com/login?return_to=%2Fprerender%2Fprerender-node
Star 921	https://patch-diff.githubusercontent.com/login?return_to=%2Fprerender%2Fprerender-node
Code	https://patch-diff.githubusercontent.com/prerender/prerender-node
Issues 24	https://patch-diff.githubusercontent.com/prerender/prerender-node/issues
Pull requests 13	https://patch-diff.githubusercontent.com/prerender/prerender-node/pulls
Discussions	https://patch-diff.githubusercontent.com/prerender/prerender-node/discussions
Actions	https://patch-diff.githubusercontent.com/prerender/prerender-node/actions
Projects 0	https://patch-diff.githubusercontent.com/prerender/prerender-node/projects
Wiki	https://patch-diff.githubusercontent.com/prerender/prerender-node/wiki
Security 0	https://patch-diff.githubusercontent.com/prerender/prerender-node/security
Insights	https://patch-diff.githubusercontent.com/prerender/prerender-node/pulse
Code	https://patch-diff.githubusercontent.com/prerender/prerender-node
Issues	https://patch-diff.githubusercontent.com/prerender/prerender-node/issues
Pull requests	https://patch-diff.githubusercontent.com/prerender/prerender-node/pulls
Discussions	https://patch-diff.githubusercontent.com/prerender/prerender-node/discussions
Actions	https://patch-diff.githubusercontent.com/prerender/prerender-node/actions
Projects	https://patch-diff.githubusercontent.com/prerender/prerender-node/projects
Wiki	https://patch-diff.githubusercontent.com/prerender/prerender-node/wiki
Security	https://patch-diff.githubusercontent.com/prerender/prerender-node/security
Insights	https://patch-diff.githubusercontent.com/prerender/prerender-node/pulse
Sign up for GitHub	https://patch-diff.githubusercontent.com/signup?return_to=%2Fprerender%2Fprerender-node%2Fissues%2Fnew%2Fchoose
terms of service	https://docs.github.com/terms
privacy statement	https://docs.github.com/privacy
Sign in	https://patch-diff.githubusercontent.com/login?return_to=%2Fprerender%2Fprerender-node%2Fissues%2Fnew%2Fchoose
Jump to bottom	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241#issue-comment-box
nico014	https://patch-diff.githubusercontent.com/nico014
prerender:master	https://patch-diff.githubusercontent.com/prerender/prerender-node/tree/master
nico014:master	https://patch-diff.githubusercontent.com/nico014/prerender-node/tree/master
Security: add ignoreXForwardedHost option to block SSRF attacks	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241#top
nico014	https://patch-diff.githubusercontent.com/nico014
prerender:master	https://patch-diff.githubusercontent.com/prerender/prerender-node/tree/master
nico014:master	https://patch-diff.githubusercontent.com/nico014/prerender-node/tree/master
Conversation 0	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241
Commits 4	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/commits
Checks 0	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/checks
Files changed	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/files
Please reload this page	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241
	https://github.co/hiddenchars
	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/{{ revealButtonHref }}
	https://patch-diff.githubusercontent.com/nico014
nico014	https://patch-diff.githubusercontent.com/nico014
Jan 22, 2024	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241#issue-2094213121
Please reload this page	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241
December 22, 2023 14:54	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241#commits-pushed-9dc32aa
Added ignoreXForwardedHost option	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/commits/9dc32aab6ef2bb15357881bc9e1ef66cbe7c2c28
9dc32aa	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/commits/9dc32aab6ef2bb15357881bc9e1ef66cbe7c2c28
bump version to 3.8.0	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/commits/c06161ccc77d09917291b16a2be1aef1817f182c
c06161c	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/commits/c06161ccc77d09917291b16a2be1aef1817f182c
Update README spacing	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/commits/b40fda9369c4b79c1ac144e425f360b24ac7dc15
b40fda9	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/commits/b40fda9369c4b79c1ac144e425f360b24ac7dc15
Reset package url	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/commits/861f52b13da97701234e2733ade4a0c120efd4c5
861f52b	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241/commits/861f52b13da97701234e2733ade4a0c120efd4c5
Sign up for free	https://patch-diff.githubusercontent.com/join?source=comment-repo
Sign in to comment	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fprerender%2Fprerender-node%2Fpull%2F241
Please reload this page	https://patch-diff.githubusercontent.com/prerender/prerender-node/pull/241
	https://patch-diff.githubusercontent.com/nico014
	https://github.com
Terms	https://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacy	https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Security	https://github.com/security
Status	https://www.githubstatus.com/
Community	https://github.community/
Docs	https://docs.github.com/
Contact	https://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.