[APOLLO-2103] Fix SSRF (#2105)

Fix SSRF, resolve #2103

[APOLLO-2103] Fix SSRF (#2105)
Fix SSRF, resolve #2103
ad448d78 · kezhenxu94 · Jason Song · f50dc4e8 · ad448d78 · ad448d78
Commit ad448d78 authored Apr 07, 2019 by kezhenxu94 Committed by Jason Song Apr 07, 2019
4 changed files
--- a/apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/controller/SystemInfoController.java
+++ b/apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/controller/SystemInfoController.java
@@ -58,6 +58,48 @@ public class SystemInfoController {
    List<Env> allEnvList = portalSettings.getAllEnvs();

    for (Env env : allEnvList) {
+      EnvironmentInfo environmentInfo = adaptEnv2EnvironmentInfo(env);
+
+      systemInfo.addEnvironment(environmentInfo);
+    }
+
+    return systemInfo;
+  }
+
+  @PreAuthorize(value = "@permissionValidator.isSuperAdmin()")
+  @GetMapping(value = "/health")
+  public Health checkHealth(@RequestParam String instanceId) {
+    List<Env> allEnvs = portalSettings.getAllEnvs();
+
+    ServiceDTO service = null;
+    for (final Env env : allEnvs) {
+      EnvironmentInfo envInfo = adaptEnv2EnvironmentInfo(env);
+      if (envInfo.getAdminServices() != null) {
+        for (final ServiceDTO s : envInfo.getAdminServices()) {
+          if (instanceId.equals(s.getInstanceId())) {
+            service = s;
+            break;
+          }
+        }
+      }
+      if (envInfo.getConfigServices() != null) {
+        for (final ServiceDTO s : envInfo.getConfigServices()) {
+          if (instanceId.equals(s.getInstanceId())) {
+            service = s;
+            break;
+          }
+        }
+      }
+    }
+
+    if (service == null) {
+      throw new IllegalArgumentException("No such instance of instanceId: " + instanceId);
+    }
+
+    return restTemplate.getForObject(service.getHomepageUrl() + "/health", Health.class);
+  }
+
+  private EnvironmentInfo adaptEnv2EnvironmentInfo(final Env env) {
    EnvironmentInfo environmentInfo = new EnvironmentInfo();
    String metaServerAddresses = MetaDomainConsts.getMetaServerAddress(env);

@@ -75,17 +117,7 @@ public class SystemInfoController {
      logger.error(errorMessage, ex);
      environmentInfo.setErrorMessage(errorMessage + " Exception: " + ex.getMessage());
    }
-
-      systemInfo.addEnvironment(environmentInfo);
-    }
-
-    return systemInfo;
-  }
-
-  @PreAuthorize(value = "@permissionValidator.isSuperAdmin()")
-  @GetMapping(value = "/health")
-  public Health checkHealth(@RequestParam String host) {
-    return restTemplate.getForObject(host + "/health", Health.class);
+    return environmentInfo;
  }

  private ServiceDTO[] getServerAddress(String metaServerAddress, String path) {

--- a/apollo-portal/src/main/resources/static/scripts/controller/SystemInfoController.js
+++ b/apollo-portal/src/main/resources/static/scripts/controller/SystemInfoController.js
@@ -28,10 +28,10 @@ function SystemInfoController($scope, toastr, AppUtil, AppService, ClusterServic
        });
    }

-    function check(host) {
-        SystemInfoService.check_health(host).then(function (result) {
+    function check(instanceId, host) {
+        SystemInfoService.check_health(instanceId, host).then(function (result) {
            var status = result.status.code;
-            if (status == 'UP') {
+            if (status === 'UP') {
                toastr.success(host + ' is healthy!');
            } else {
                toastr.error(host + ' is not healthy, please check ' + host + '/health for more information!');

--- a/apollo-portal/src/main/resources/static/scripts/services/SystemInfoService.js
+++ b/apollo-portal/src/main/resources/static/scripts/services/SystemInfoService.js
@@ -20,10 +20,10 @@ appService.service('SystemInfoService', ['$resource', '$q', function ($resource,
            });
            return d.promise;
        },
-        check_health: function (host) {
+        check_health: function (instanceId, host) {
            var d = $q.defer();
            system_info_resource.check_health({
-                host: host
+                  instanceId: instanceId
            },
            function (result) {
                d.resolve(result);

--- a/apollo-portal/src/main/resources/static/system_info.html
+++ b/apollo-portal/src/main/resources/static/system_info.html
@@ -59,7 +59,7 @@
                            <td>{{service.appName}}</td>
                            <td>{{service.instanceId}}</td>
                            <td>{{service.homepageUrl}}</td>
-                            <td><a href="javascript:;" ng-click="check(service.homepageUrl)">check</a>
+                            <td><a href="javascript:;" ng-click="check(service.instanceId, service.homepageUrl)">check</a>
                            </td>
                        </tr>
                        </tbody>
@@ -82,7 +82,7 @@
                            <td>{{service.appName}}</td>
                            <td>{{service.instanceId}}</td>
                            <td>{{service.homepageUrl}}</td>
-                            <td><a href="javascript:;" ng-click="check(service.homepageUrl)">check</a>
+                            <td><a href="javascript:;" ng-click="check(service.instanceId, service.homepageUrl)">check</a>
                        </tr>
                        </tbody>
                    </table>