logo

Database

Elixir Httpoison Request Forgery

Description

This detector identifies server-side request forgery (SSRF) vulnerabilities in Elixir applications using the HTTPoison library. SSRF occurs when an attacker can manipulate HTTP requests to access internal systems or external resources that should not be accessible, potentially leading to data exposure, internal network scanning, or further attacks.

Weakness:

100 - Server-side request forgery (SSRF)

Category: Deceptive Interactions

Detection Strategy

    Reports vulnerabilities when HTTPoison HTTP client function calls are made with user-controllable or unsafe parameters

    Triggers when the detector identifies HTTPoison method calls where the URL, headers, or request parameters could be influenced by external input without proper validation

    Focuses on detecting patterns where HTTPoison requests could be manipulated to target unintended hosts or internal services

Vulnerable code example

defmodule VulnerableExample do
  def unsafe_get_from_params(conn) do
    url = conn.params["url"]
    # VULNERABLE: User input directly controls HTTP destination, enabling SSRF attacks
    HTTPoison.get(url)
    Plug.Conn.send_resp(conn, 200, "done")
  end
...

✅ Secure code example

defmodule SecureExample do
  def safe_get_from_params(conn) do
    service = conn.params["service"]
    
    allowed_services = %{
      "users" => "https://api.example.com/users",
      "orders" => "https://api.example.com/orders"
    }...