fix(phase3): skip templateless domains in scheduler; block CGNAT range in webhook SSRF guard
Domains imported without a template (TemplateID == nil) are a valid, unconfigured state, not a failure — RunOnce now skips them before calling checkDomain instead of letting LoadDomain's "no template" error turn into StatusError and a spammy unknown->error notification.

isBlockedIP now also rejects 100.64.0.0/10 (RFC 6598 carrier-grade NAT), which net.IP.IsPrivate() does not cover, closing an SSRF gap in the webhook destination guard (both the pre-request check and the per-dial check use isBlockedIP).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01BwxdSt4reTm7Dj1oxRvpP3
@@ -102,6 +102,16 @@ func (s *Scheduler) RunOnce(ctx context.Context, now time.Time) error {
}
for _, d := range domains {
// A domain with no template attached is not yet configured for
// checking (a valid, expected state right after import) — not a
// failure. Checking it would make LoadDomain return "domain has
// no template", turning into a StatusError that spams a
// notification and shows a red badge for a domain the user
// simply hasn't set up yet. Skip it silently: no check, no
// status change, no notification.
if d.TemplateID == nil {
continue
}
s.checkDomain(ctx, sch.ProjectID, d, now)
}
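Review bot: the `if d.TemplateID == nil { continue }` skip in RunOnce leaves no trace at all (no log line, no counter, no status), so a domain that stays templateless is never checked and nothing in the scheduler reports that. A debug-level log or a per-run count of skipped domains would keep the "no notification" behaviour the comment asks for while still making the gap in monitoring coverage visible to an operator. The comment also says "no status change", which means a domain whose template is removed after it was already checked keeps its last recorded status; if that stale status is not intended, say so in the comment or handle the detach case explicitly. The lines shown carry no test for the skip, and a case asserting that checkDomain is not reached for a nil TemplateID would pin the behaviour. The isBlockedIP change for 100.64.0.0/10 described in the commit message is not among the lines shown here, so it is not covered by this note.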