Question
Getting "Server-Side Request Forgery" issue in Fortify report while using spring restTemplate.
I am making a call using restTemplate to some other REST service and passing this url from my controller class. The url is hardcoded in my controller and not user-controlled data.
HttpEntity<R> response = restTemplate.exchange(uri, HttpMethod.POST, entity, parameterizedTypeReference);
Not sure how to fix this issue.
Answer 1:
SSRF is exploited by an attacker controlling an outgoing request that the server is making. If uri is indeed hard-coded, then the attacker has no ability to influence where the request is going, so it would indeed look to be a false positive. However, although Fortify is known for false positives, I have not seen it make that type of mistake (i.e. claimed SSRF despite a hard-coded URI), so I am a bit surprised to hear it. Have you checked the whole source-to-sink trace that Fortify provides? If it is reporting only that one line as the source and sink, then yes it is a false positive. If there is more, then it would be helpful if you provided the full trace.
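Added illustration of the distinction the answer draws (example code, not part of the answer or of the asker's project; the class name, hosts and endpoint paths are hypothetical): a hard-coded target, where the scanner's trace has no user-controlled source, beside a target partly derived from a request parameter, which is checked against an allowlist and assembled from components before it reaches the RestTemplate sink.

```java
import java.net.URI;
import java.util.Set;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder;

/** Hypothetical client used to contrast a fixed outgoing URI with a user-influenced one. */
public class ReportClient {

    // Case 1: the whole URI is a compile-time constant. No request data flows into it,
    // so a Fortify SSRF finding whose trace starts and ends on this call is a false positive.
    private static final URI REPORT_SERVICE =
            URI.create("https://reports.internal.example/api/v1/reports");

    // Case 2 support: the only hosts this service is permitted to call when the
    // destination is chosen at runtime (constructed allowlist for the example).
    private static final Set<String> ALLOWED_HOSTS =
            Set.of("reports.internal.example", "archive.internal.example");

    private final RestTemplate restTemplate = new RestTemplate();

    /** Fixed destination: nothing the caller supplies can change where the request goes. */
    public ResponseEntity<String> postReport(HttpEntity<String> entity) {
        return restTemplate.exchange(REPORT_SERVICE, HttpMethod.POST, entity, String.class);
    }

    /**
     * Runtime destination: requestedHost originates from the HTTP request, so the
     * scanner's source-to-sink trace is real. Reject anything outside the allowlist,
     * then build the URI from parts so the caller controls only the host and id,
     * never the scheme, userinfo, port, path prefix or query.
     */
    public ResponseEntity<String> fetchFrom(String requestedHost, String reportId,
                                            HttpEntity<String> entity) {
        if (requestedHost == null || !ALLOWED_HOSTS.contains(requestedHost.toLowerCase())) {
            throw new IllegalArgumentException("destination host not permitted");
        }
        URI target = UriComponentsBuilder.newInstance()
                .scheme("https")
                .host(requestedHost)
                .path("/api/v1/reports/{id}")
                .buildAndExpand(reportId)
                .toUri();
        return restTemplate.exchange(target, HttpMethod.POST, entity, String.class);
    }
}
```

When reviewing the Fortify trace, the question to ask is whether a source like the requestedHost parameter in the second method appears anywhere in it; if the trace contains only the constant, the finding can be documented and suppressed as a false positive.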
Answer 2:
This is a false positive from your SAST scanner.
Source: https://stackoverflow.com/questions/52775798/how-to-fix-server-side-request-forgery-issue-in-spring-resttemplate