Scala SSRF Untrusted URL
Description
Detects potential Server-Side Request Forgery (SSRF) vulnerabilities in Scala applications that use the Dispatch HTTP client library. The vulnerability occurs when untrusted user input is used to construct the URL of a Dispatch HTTP request, which could allow attackers to make the server issue requests to unintended internal or external systems.
Detection Strategy
• Check if the Dispatch HTTP client library is imported in the Scala source code
• Look for calls to the Dispatch 'url' method that constructs HTTP request URLs
• Analyze if the URL parameter contains or is constructed from external/untrusted input sources
• Report a vulnerability when user-controlled data flows into URL construction without proper validation
Vulnerable code example
import play.api.mvc._
import dispatch._
import Defaults._
def vulnerable = Action.async { request =>
// VULNERABLE: Uses user-controlled URL directly in HTTP client
val requestUrl = request.getQueryString("url").getOrElse("")
val req = url(requestUrl)...
Secure code example
import play.api.mvc._
import dispatch._
import Defaults._
import scala.concurrent.Future
def secured = Action.async { request =>
val requestUrl = request.getQueryString("url").getOrElse("").trim
// Define allowed URL prefixes to prevent SSRF attacks...
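The following is an added example, not Fluid Attacks' own rule code or the page's secure snippet: it shows a complete validation gate placed in front of Dispatch's url method. It goes beyond the page's string-prefix allow-list by parsing the input with java.net.URI and comparing scheme, host and port exactly, which closes the case where a host such as api.example.com.attacker.test passes a startsWith check. The allow-list hosts and sample inputs are constructed; Dispatch (and an ExecutionContext) are assumed to be on the classpath for safeFetch.

```scala
import java.net.URI
import scala.concurrent.{ExecutionContext, Future}
import scala.util.Try
import dispatch._                       // Dispatch HTTP client, assumed on the classpath

object SsrfGuard {
  // Constructed allow-list: the exact (scheme, host, port) origins this service may call.
  private val allowedOrigins: Set[(String, String, Int)] = Set(
    ("https", "api.example.com", 443),
    ("https", "cdn.example.com", 443)
  )

  /** Returns the normalised URL if it targets an allowed origin, else a rejection reason.
    * Parsing with java.net.URI avoids the prefix pitfall: "https://api.example.com.attacker.test"
    * satisfies startsWith("https://api.example.com") but its host is not in the allow-list. */
  def validateOutboundUrl(raw: String): Either[String, String] =
    Try(new URI(raw.trim)).toEither
      .left.map(e => s"unparseable URL: ${e.getMessage}")
      .flatMap { uri =>
        if (!uri.isAbsolute || uri.getHost == null) Left("URL must be absolute and carry a host")
        else if (uri.getUserInfo != null) Left("user-info component is not allowed")
        else {
          val scheme = uri.getScheme.toLowerCase
          val host   = uri.getHost.toLowerCase
          val port   = if (uri.getPort != -1) uri.getPort else if (scheme == "https") 443 else 80
          if (allowedOrigins.contains((scheme, host, port))) Right(uri.toString)
          else Left(s"origin $scheme://$host:$port is not in the allow-list")
        }
      }

  /** Hardened counterpart of the page's vulnerable action: only a validated URL reaches url(...). */
  def safeFetch(raw: String)(implicit ec: ExecutionContext): Future[Either[String, String]] =
    validateOutboundUrl(raw) match {
      case Left(reason) => Future.successful(Left(reason))
      case Right(u)     => Http.default(url(u) OK as.String).map(Right(_))
    }

  def main(args: Array[String]): Unit = {
    // Constructed inputs: an allowed target, a prefix-confusion host, an internal name, a scheme change.
    Seq(
      "https://api.example.com/v1/items",
      "https://api.example.com.attacker.test/",
      "http://internal-service.local/",
      "ftp://api.example.com/"
    ).foreach(u => println(f"$u%-44s -> ${validateOutboundUrl(u)}"))
  }
}
```

Only the first input yields Right; the other three are rejected before any Dispatch request is built, which is the flow the detection strategy above expects to see between the untrusted source and the url call.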