Summary
ValidateRepoHandler accepts arbitrary user-supplied URLs and performs remote validation (including dulwich ls_remote) without applying the same provider whitelist checks used by the spawner path.
Why this matters
This broad URL reachability can be abused for SSRF-style probing and for attempts to reach internal network services from the hub context.
Current behavior
ValidateRepoHandler validates arbitrary URL input.
- It can attempt outbound requests to non-approved hosts.
- The spawner path has whitelist checks, but the validation API does not enforce equivalent constraints.
Expected behavior
Repository validation should enforce scheme and hostname restrictions identical to (or stricter than) spawn-time validation.
Proposed fix
- Require `http`/`https` scheme.
- Enforce host whitelist via `gitClone.allowedProviders` (same matching rule as spawner).
- Return clear 4xx responses for disallowed hosts.
- Add tests for allowed/disallowed host cases.
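An added illustration of the proposed check (not code from the project): validate scheme and host against the allowed-provider list before any outbound `ls_remote` call. The provider list, the "exact host or subdomain" matching rule, and the `validate_repo` wrapper are assumptions; the real handler should reuse whatever matching rule the spawner path already applies.

```python
from urllib.parse import urlsplit

# Constructed example config; in a deployment this would come from the
# (assumed) gitClone.allowedProviders setting shared with the spawner.
ALLOWED_PROVIDERS = ["github.com", "gitlab.com"]


def check_repo_url(url, allowed_providers):
    """Return (http_status, reason); 200 means remote validation may proceed."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return 400, "malformed URL"
    if parts.scheme not in ("http", "https"):
        return 400, f"scheme {parts.scheme!r} not allowed; use http or https"
    host = parts.hostname  # lowercased; userinfo and port already stripped
    if not host:
        return 400, "URL has no host"
    if parts.username is not None or parts.password is not None:
        # "https://github.com@10.0.0.1/" would otherwise look like github.com
        return 400, "credentials in URL are not allowed"
    # Assumed matching rule: exact provider host or a subdomain of it.
    allowed = {p.strip().lower() for p in allowed_providers if p.strip()}
    if host in allowed or any(host.endswith("." + p) for p in allowed):
        return 200, "ok"
    return 403, f"host {host!r} is not an allowed git provider"


def validate_repo(url, allowed_providers, ls_remote):
    """Hypothetical handler body: reject disallowed URLs with a 4xx result
    before ls_remote (injected so the check is testable offline) is called."""
    status, reason = check_repo_url(url, allowed_providers)
    if status != 200:
        return {"status": status, "error": reason}
    try:
        refs = ls_remote(url)
    except Exception as exc:  # network or git errors from the remote
        return {"status": 400, "error": f"remote validation failed: {exc}"}
    return {"status": 200, "refs": len(refs)}
```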
Acceptance criteria
- Validation API rejects non-whitelisted providers with 4xx.
- Allowed providers continue to validate normally.
- Tests cover whitelist enforcement.