-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Webhook error 502 after SSRF improvement #6760
Comments
Hi, for a local deployment with docker you can try the following:
And restart the containers with
The commands above are for linux, so windows deployments can have some differences. Please do not use this approach in production deployments. |
You can find the list of available options in the Smokescreen README: https://github.com/stripe/smokescreen/blob/master/README.md. |
Thanks for your help everyone, @SpecLad solution works perfectly <3 |
Hello!
When running CVAT, I also do an export, but with the port specified: |
@DenisN03, have you tried the advice about using a user-defined network in docker compose? It's possible that CVAT server can't reach your application from the docker container. |
Merged everything into user-defined network. Tried with fastapi ip 0.0.0.0.0 and 127.0.0.1, but the problem remains. What ip should I specify for the fastapi server? |
@DenisN03, you can find the container ip by calling |
I got it! Thank you very much for your help! |
My actions before raising this issue
I have a Flask server running on the same server as CVAT.
When i create a webhook request and i click on ping for exemple, i have an error 502 with dns name and 407 with IP.
I read the patch with SSRF sercurity improvement but even if i set the SMOKESCREEN_OPTS I'm getting the same error, the only difference is that I does'nt have error description when I ping with the API and i only have 502 and no 407.
Steps to Reproduce (for bugs)
Expected Behaviour
Ping request should success with status_code 200
Current Behaviour
Ping request fails with status_code 502
Possible Solution
Maybe my SMOKESCREEN_OPTS in my .env is not properly set.
Or SMOKESCREEN_OPTS does'nt work correctly with webhooks.
Context
Here is my webhook
with {{IP}} = my server IP, for exemple 123.45.67.89
@flask.route("/test", methods=['POST'])
def cvat():
content = request.get_json(silent=True)
print(content)
return {}, 200
My Flask server was working great before the update 2.5.0 so i don't think that it comes from this one.
Here is my .env:
CVAT_VERSION=v2.6.0
SMOKESCREEN_OPTS=123.45.67.89
Your Environment
The text was updated successfully, but these errors were encountered: