[APOLLO-2103] Fix SSRF (#2105)

Fix SSRF, resolve #2103

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/controller/SystemInfoController.java

@@ -58,23 +58,7 @@ public class SystemInfoController {
     List<Env> allEnvList = portalSettings.getAllEnvs();
 
     for (Env env : allEnvList) {
-      EnvironmentInfo environmentInfo = new EnvironmentInfo();
-      String metaServerAddresses = MetaDomainConsts.getMetaServerAddress(env);
-
-      environmentInfo.setEnv(env);
-      environmentInfo.setActive(portalSettings.isEnvActive(env));
-      environmentInfo.setMetaServerAddress(metaServerAddresses);
-
-      String selectedMetaServerAddress = MetaDomainConsts.getDomain(env);
-      try {
-        environmentInfo.setConfigServices(getServerAddress(selectedMetaServerAddress, CONFIG_SERVICE_URL_PATH));
-
-        environmentInfo.setAdminServices(getServerAddress(selectedMetaServerAddress, ADMIN_SERVICE_URL_PATH));
-      } catch (Throwable ex) {
-        String errorMessage = "Loading config/admin services from meta server: " + selectedMetaServerAddress + " failed!";
-        logger.error(errorMessage, ex);
-        environmentInfo.setErrorMessage(errorMessage + " Exception: " + ex.getMessage());
-      }
+      EnvironmentInfo environmentInfo = adaptEnv2EnvironmentInfo(env);
 
       systemInfo.addEnvironment(environmentInfo);
     }
@@ -84,8 +68,56 @@ public class SystemInfoController {
 
   @PreAuthorize(value = "@permissionValidator.isSuperAdmin()")
   @GetMapping(value = "/health")
-  public Health checkHealth(@RequestParam String host) {
-    return restTemplate.getForObject(host + "/health", Health.class);
+  public Health checkHealth(@RequestParam String instanceId) {
+    List<Env> allEnvs = portalSettings.getAllEnvs();
+
+    ServiceDTO service = null;
+    for (final Env env : allEnvs) {
+      EnvironmentInfo envInfo = adaptEnv2EnvironmentInfo(env);
+      if (envInfo.getAdminServices() != null) {
+        for (final ServiceDTO s : envInfo.getAdminServices()) {
+          if (instanceId.equals(s.getInstanceId())) {
+            service = s;
+            break;
+          }
+        }
+      }
+      if (envInfo.getConfigServices() != null) {
+        for (final ServiceDTO s : envInfo.getConfigServices()) {
+          if (instanceId.equals(s.getInstanceId())) {
+            service = s;
+            break;
+          }
+        }
+      }
+    }
+
+    if (service == null) {
+      throw new IllegalArgumentException("No such instance of instanceId: " + instanceId);
+    }
+
+    return restTemplate.getForObject(service.getHomepageUrl() + "/health", Health.class);
+  }
+
+  private EnvironmentInfo adaptEnv2EnvironmentInfo(final Env env) {
+    EnvironmentInfo environmentInfo = new EnvironmentInfo();
+    String metaServerAddresses = MetaDomainConsts.getMetaServerAddress(env);
+
+    environmentInfo.setEnv(env);
+    environmentInfo.setActive(portalSettings.isEnvActive(env));
+    environmentInfo.setMetaServerAddress(metaServerAddresses);
+
+    String selectedMetaServerAddress = MetaDomainConsts.getDomain(env);
+    try {
+      environmentInfo.setConfigServices(getServerAddress(selectedMetaServerAddress, CONFIG_SERVICE_URL_PATH));
+
+      environmentInfo.setAdminServices(getServerAddress(selectedMetaServerAddress, ADMIN_SERVICE_URL_PATH));
+    } catch (Throwable ex) {
+      String errorMessage = "Loading config/admin services from meta server: " + selectedMetaServerAddress + " failed!";
+      logger.error(errorMessage, ex);
+      environmentInfo.setErrorMessage(errorMessage + " Exception: " + ex.getMessage());
+    }
+    return environmentInfo;
   }
 
   private ServiceDTO[] getServerAddress(String metaServerAddress, String path) {

apollo-portal/src/main/resources/static/scripts/controller/SystemInfoController.js

@@ -28,10 +28,10 @@ function SystemInfoController($scope, toastr, AppUtil, AppService, ClusterServic
         });
     }
 
-    function check(host) {
-        SystemInfoService.check_health(host).then(function (result) {
+    function check(instanceId, host) {
+        SystemInfoService.check_health(instanceId, host).then(function (result) {
             var status = result.status.code;
-            if (status == 'UP') {
+            if (status === 'UP') {
                 toastr.success(host + ' is healthy!');
             } else {
                 toastr.error(host + ' is not healthy, please check ' + host + '/health for more information!');

apollo-portal/src/main/resources/static/scripts/services/SystemInfoService.js

@@ -20,10 +20,10 @@ appService.service('SystemInfoService', ['$resource', '$q', function ($resource,
             });
             return d.promise;
         },
-        check_health: function (host) {
+        check_health: function (instanceId, host) {
             var d = $q.defer();
             system_info_resource.check_health({
-                host: host
+                  instanceId: instanceId
             },
             function (result) {
                 d.resolve(result);

apollo-portal/src/main/resources/static/system_info.html

@@ -59,7 +59,7 @@
                             <td>{{service.appName}}</td>
                             <td>{{service.instanceId}}</td>
                             <td>{{service.homepageUrl}}</td>
-                            <td><a href="javascript:;" ng-click="check(service.homepageUrl)">check</a>
+                            <td><a href="javascript:;" ng-click="check(service.instanceId, service.homepageUrl)">check</a>
                             </td>
                         </tr>
                         </tbody>
@@ -82,7 +82,7 @@
                             <td>{{service.appName}}</td>
                             <td>{{service.instanceId}}</td>
                             <td>{{service.homepageUrl}}</td>
-                            <td><a href="javascript:;" ng-click="check(service.homepageUrl)">check</a>
+                            <td><a href="javascript:;" ng-click="check(service.instanceId, service.homepageUrl)">check</a>
                         </tr>
                         </tbody>
                     </table>