farcasclaudiu/Flowise
1
0
Fork 0
mirror of https://github.com/farcasclaudiu/Flowise.git synced 2026-06-28 21:00:58 +03:00
Code Issues Packages Projects Releases Wiki Activity

Chore/Prevent invalid http redirect (#4990)

Browse Source 
prevent invalid http redirect
This commit is contained in:
Henry Heng
2025-07-31 12:24:08 +01:00
committed by GitHub
parent ed27ad0c58
commit 89a806f722
6 changed files with 181 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/components/nodes/agentflow/HTTP/HTTP.ts
+4 -6
View File
@@ -1,9 +1,9 @@
import { ICommonObject, INode, INodeData, INodeParams } from '../../../src/Interface'
import axios, { AxiosRequestConfig, Method, ResponseType } from 'axios'
import { AxiosRequestConfig, Method, ResponseType } from 'axios'
import FormData from 'form-data'
import * as querystring from 'querystring'
import { getCredentialData, getCredentialParam } from '../../../src/utils'
import { checkDenyList } from '../../../src/httpSecurity'
import { secureAxiosRequest } from '../../../src/httpSecurity'
class HTTP_Agentflow implements INode {
label: string
@@ -293,8 +293,6 @@ class HTTP_Agentflow implements INode {
// Build final URL with query parameters
const finalUrl = queryString ? `${url}${url.includes('?') ? '&' : '?'}${queryString}` : url
await checkDenyList(finalUrl)
// Prepare request config
const requestConfig: AxiosRequestConfig = {
method: method as Method,
@@ -331,8 +329,8 @@ class HTTP_Agentflow implements INode {
}
}
// Make the HTTP request
const response = await axios(requestConfig)
// Make the secure HTTP request that validates all URLs in redirect chains
const response = await secureAxiosRequest(requestConfig)
// Process response based on response type
let responseData