Resource library

Cyber QA

Testing SSRF: A QA Guide (2026)

A safe, practical guide to testing SSRF through URL discovery, allowlists, redirects, DNS, blind callbacks, cloud boundaries, automation, and regression.

24 min read | 3,755 words

TL;DR

Testing SSRF means proving that user-controlled URLs cannot make an application reach forbidden destinations or protocols. Work only in an authorized lab, map every outbound-fetch feature, verify exact allowlists and canonical parsing, revalidate redirects and DNS results, test blind callbacks, and confirm network egress controls contain application mistakes.

Key Takeaways

  • Inventory every feature that causes the server or a worker to retrieve a user-influenced location.
  • Use an isolated lab with owned callback, internal-simulation, and redirect services before sending adversarial URLs.
  • Test parsing, canonicalization, resolution, redirects, and connection destination as separate security decisions.
  • Prefer exact destination allowlists, outbound network controls, and redirect validation over blocklists alone.
  • Detect blind SSRF with unique authorized callbacks and correlate asynchronous workers without exposing secrets.
  • Turn every confirmed root cause into a focused regression test at the lowest reliable layer.

A safe approach to testing SSRF determines whether an application can be tricked into making server-side requests to forbidden destinations. The safest and most effective approach uses owned callback endpoints, an internal-service simulator, controlled DNS, and explicit scope. Do not probe real cloud metadata, neighboring tenants, production control planes, or third-party systems.

Server-side request forgery appears whenever user-influenced data reaches an outbound client. Obvious examples include URL preview and webhook features. Less obvious paths include image optimization, document conversion, feed imports, repository integrations, SSO metadata retrieval, PDF renderers, XML processors, and asynchronous media workers. A browser may display only a generic job result while a backend with broader network access performs the dangerous request.

This 2026 QA guide focuses on defensive test design, reliable evidence, and regression automation. It avoids a bypass cookbook. The goal is to identify parsing and policy gaps in a controlled environment, prove impact with harmless markers, and help engineering implement layered outbound controls.

TL;DR

Control point Question to test Safe evidence
Input contract Which fields can influence a destination? Request-to-fetch data-flow map
URL parser Is one canonical parser used consistently? Accepted and rejected lab cases
Destination policy Are schemes, hosts, ports, and IP classes constrained? Decision log with normalized destination
DNS and connect Does the connected address match validated policy? Resolver and egress-proxy telemetry
Redirect Is every hop revalidated or disabled? Owned redirect-chain trace
Network egress Can the workload route to forbidden ranges? Denied internal-simulator connection
Blind processing Does a background worker call out? Unique owned callback correlation

A robust pass requires application checks and a network boundary. URL validation can contain bugs, while egress controls can be misconfigured. Independent layers reduce the chance that one mistake becomes an incident.

1. Authorization before testing SSRF

Get written scope for endpoints, environments, accounts, source addresses, callback domains, test windows, and prohibited targets. Define stop conditions for unusual load, data exposure, instability, or contact with an unexpected system. Even a simple URL submission can trigger asynchronous work, retries, malware scanners, or third-party callbacks, so ownership of the visible API does not imply permission to target any destination.

Map trust boundaries. Identify the public application, API gateway, queues, workers, service mesh, proxies, DNS resolvers, outbound NAT, firewall, private services, and cloud control surfaces. Record which component performs resolution and which component opens the connection. An API may validate a hostname, enqueue it, and let a worker resolve it later under different DNS and network policy.

Define forbidden destination classes without enumerating real assets in test data: loopback, link-local, private, shared or special-purpose ranges, internal DNS zones, workload control endpoints, Unix sockets, local files, and unsupported schemes. Include IPv4 and IPv6. The exact policy may also restrict public destinations to an approved partner list.

Rank impact. Can the fetcher send only GET, or can it choose method, headers, and body? Are response bytes returned, summarized, cached, or discarded? Does it follow redirects? Can it reach authenticated internal services through ambient identity, client certificates, service tokens, or network trust? These factors determine severity and the safest proof. Use OWASP API security testing practices to connect SSRF with authorization, resource consumption, and unsafe API consumption risks.

2. Inventory every server-side fetch entry point

Search product requirements, API schemas, code, network logs, and UI labels for terms such as URL, URI, webhook, callback, import, preview, avatar, image, feed, remote file, template, repository, endpoint, proxy, redirect, metadata, and convert. Do not restrict the inventory to string fields named url. A structured object with host and port, an XML element, a file containing remote references, or an uploaded document can influence a fetch too.

Trace direct and indirect flows. A request may store a URL that a scheduler retrieves hours later. An image service may fetch a URL embedded in HTML. A PDF engine may load stylesheets, fonts, frames, or images referenced by a submitted page. A source-control integration may follow a repository manifest to another location. Each hop needs an owner and a policy.

For every sink, record accepted schemes, hostname policy, port policy, redirect policy, DNS behavior, HTTP method, forwarded headers, credential source, response handling, maximum bytes, timeouts, retries, caching, and network identity. Note whether the client honors environment proxy variables or OS-level handlers. The inventory becomes the test matrix and prevents an engineer from securing the preview endpoint while leaving the thumbnail worker exposed.

Review schemas but verify runtime behavior. A format marked uri in an API description validates shape, not destination safety. Unknown or nested fields may still reach a generic fetcher. Pair OpenAPI schema testing with data-flow and network observation so contract validation is not mistaken for SSRF prevention.

3. Build a safe SSRF lab and evidence model

Use at least three owned components. First, a public callback service records unique tokens, method, safe headers, source network, and time. Second, an internal-service simulator runs on a test-only private network and returns a harmless marker such as INTERNAL_SIMULATOR_ONLY. Third, a redirect service produces controlled one-hop and multi-hop responses to approved destinations. Controlled DNS is valuable for resolution changes, mixed address answers, and short TTLs.

Keep the lab isolated from production and real control planes. The workload under test should have a dedicated network policy that denies actual metadata, cluster administration, databases, and unrelated services. The simulator represents those destinations without containing credentials or sensitive data. This allows a meaningful forbidden-route test without touching a real asset.

Give every attempt a unique correlation token in the owned hostname or path. Record input, normalized URL, validation decision, resolved addresses, connection destination, redirect hops, worker identity, callback time, response behavior, and application trace ID. Redact cookies, authorization headers, query secrets, and returned document content. A callback proves a request occurred, but server or egress logs are needed to show which component made it.

Define result categories before testing: rejected at input, rejected by destination policy, denied by egress, outbound request permitted to an approved endpoint, timed out, and application error. A generic 500 is not a security pass. It might mean the forbidden connection happened and response parsing failed. Evidence should identify the last control reached.

4. Test schemes, authority, host allowlists, and ports

Begin with the simplest policy partitions. Submit an approved HTTPS URL, a syntactically invalid URL, a relative reference, missing scheme, unsupported scheme, empty host, explicit default port, disallowed port, credentials in the authority component, an approved host, a sibling host, and a lookalike host under a different parent. Use domains and endpoints you own. The success case is important because a policy that blocks every request is secure but does not meet the feature requirement.

Exact host allowlists are safer than substring matching. If media.example.test is allowed, a hostile name containing that text elsewhere must not qualify. Trailing dots, case normalization, internationalized names, and percent encoding can make two textual forms refer to the same or different authority. The application should parse once with a well-tested URL library, normalize according to a documented policy, and compare structured fields.

Port handling is part of the destination. Allowing an approved hostname with any port may expose administrative listeners on that host or route. Test omitted default port, explicit default port, zero, out-of-range syntax, and unapproved values through the normal parser. Catch parser exceptions and return a bounded client error rather than falling back to a default.

Blocklists alone are weak when arbitrary public destinations are not a true requirement. Prefer an allowlist of partners or an outbound proxy that knows permitted destinations. Where arbitrary external webhooks are required, constrain schemes and ports, reject nonpublic resolution results, isolate the fetcher, remove ambient credentials, limit response processing, and enforce egress policy. The test report should distinguish application validation from network containment.

5. Challenge canonicalization without building a payload cookbook

Different URL parsers can disagree about scheme, host, port, user information, escapes, backslashes, and numeric address representations. The highest-value test is differential: feed a corpus of owned lab cases through the validator, the HTTP client, the proxy, and any queue serializer, then compare the destination each component believes it will use. One security decision must govern the actual connection.

Build corpus categories rather than copying exploit strings into a shared guide. Include alternate but standards-relevant case, a trailing root label, percent-encoded components, Unicode and its ASCII form, IPv4 and IPv6 literals, user information, fragment, query-carried nested URL, unusual whitespace, duplicate separators, and malformed port text. Label each expected result from the documented parser policy.

Avoid normalize-and-reparse chains. Decoding before parsing, parsing before decoding, or serializing through another language can change the authority. Test the exact asynchronous path because a queue consumer may use a different library from the API validator. If a product accepts a URL object and later reconstructs a string, preserve and compare structured scheme, canonical host, port, and path fields.

Do not assert that every unusual spelling is malicious. Some are legitimate equivalent forms. The security property is that validation and connection agree, and every resulting address remains allowed. When a regression case is found, reduce it to the smallest safe lab input, record parser versions, and add it to unit tests without publishing a weaponized list in ordinary CI logs.

6. Test DNS resolution, address classes, and time-of-check gaps

Hostname approval is only one step. Resolve the host using the same path the outbound client will use and inspect every answer. A hostname that returns both permitted and forbidden addresses should fail or be handled by a controlled resolver and connection policy. Check IPv4 and IPv6, because validating only one family leaves a gap. Classify loopback, link-local, private, unspecified, multicast, reserved, and other nonpublic destinations according to the platform's policy.

Resolution can change between validation and connection. In a controlled DNS zone, return one approved lab address during validation and a forbidden simulator address later. The test passes only if the application pins the validated address through connection, revalidates at connection time, or an egress layer denies the forbidden route. Merely resolving once and then asking a generic client to resolve the hostname again creates a time-of-check to time-of-use gap.

Connection reuse and proxies complicate the oracle. A proxy may perform its own DNS lookup, while a pooled connection may not resolve again. Record who resolved and who connected. If the design uses an egress proxy, enforce hostname and resolved-address policy there and prevent workloads from bypassing it. Test direct egress denial as well as proxy approval.

DNS failures should be bounded. Test no answer, multiple answers, timeout, temporary failure, and an answer that changes during retries. Retries must not fall back to an unchecked resolver or a previously rejected address. Cache lifetimes and negative caching should follow operational policy, but security decisions must remain valid for every new connection.

7. Verify redirect handling on every hop

Redirects can convert an approved starting URL into a forbidden final destination. The simplest secure policy for server-side fetch features is often to disable redirects. If the business feature requires them, apply the complete scheme, hostname, port, resolution, and address policy to every hop before connecting. Limit hop count and detect loops.

Use the owned redirect service to cover approved-to-approved, approved-to-forbidden-simulator, relative location, scheme change, port change, hostname change, a chain that exceeds the limit, and a loop. Include redirect status codes supported by the client and verify method behavior if non-GET requests are possible. Some redirect codes can cause clients to change a POST to GET, while others preserve method and body. The product must not forward sensitive request bodies or credentials to a new authority.

Test header stripping. Authorization, cookies, internal tracing, client identity, and partner-specific secrets should not be forwarded to an unexpected host. Even an allowed cross-host redirect may require a fresh authentication decision. Capture only safe marker headers at the lab endpoint, never real secrets.

The response itself can trigger secondary fetches if the service renders HTML, parses XML, follows feed links, processes manifests, or expands remote assets. Redirect validation protects the first HTTP client but not every embedded-resource loader. Map those sinks separately and keep their network policy equally strict.

8. Detect blind and asynchronous SSRF safely

Blind SSRF occurs when the application makes an outbound request but does not return the response to the user. Use a unique subdomain or path on the owned callback service for each test. Correlate DNS and HTTP observations because some paths resolve a host but never complete HTTP. Allow for the documented queue and retry window, then close the observation cleanly.

A callback alone does not prove access to a forbidden destination. It proves user influence reached an outbound resolution or request. To test policy, compare an approved callback with the forbidden internal simulator under the same feature. Expected evidence might be successful approved callback plus application-policy or egress denial for the simulator. This positive control prevents a broken worker from masquerading as secure behavior.

Asynchronous systems need lifecycle cases. Cancel the job, delete the object, revoke the user, and change the URL before execution. Determine whether queued work uses a validated immutable destination or revalidates current data. Verify retry count, backoff, timeout, and dead-letter behavior. Unbounded retries to a slow destination can become an availability incident even when no private service is reachable.

Use timing differences cautiously. Response time can hint at network access but is not reliable proof because queues, DNS, proxies, and retries add noise. Prefer callback telemetry, egress-deny logs, and internal-simulator logs. Do not scan ports or infer internal topology when a harmless single-service simulator can validate the same control.

9. Test cloud, container, and service-identity boundaries

Cloud and container platforms expose sensitive local or link-local control services, workload identity, cluster APIs, and private service discovery. Do not send test requests to real endpoints. Represent each class with lab routes and prove network policy denies the real address ranges independently through infrastructure tests owned by the platform team. Provider-specific metadata protections are valuable defense in depth, not permission to leave application fetchers unrestricted.

Remove ambient authority from fetch workers. A preview worker rarely needs database credentials, a broad service account, or access to the control plane. Test from the actual workload identity because a local developer process may have a very different route. Verify DNS policy, namespace network policy, security groups or firewall rules, egress gateway rules, and proxy-bypass prevention as applicable.

Test tenant boundaries in shared fetch services. Tenant A should not be able to reuse tenant B's approved destination, credentials, cached response, DNS decision, or connection. Cache keys must include the security context where content or authorization differs. A redirect or URL alias must not escape the tenant's allowlist.

Observe deployment drift. Compare outbound policy across development, staging, canary, and production infrastructure using nonintrusive configuration and simulator tests. An application regression suite can pass while one environment has an overly broad egress rule. Treat policy as code, review changes, and alert on denied connection trends without logging sensitive URLs.

10. Automate testing SSRF policy with safe Python unit tests

The fastest regression layer tests destination decision logic without making network requests. The Python example below accepts only HTTPS, exact allowed hosts, the default HTTPS port, no URL credentials, and globally routable resolved addresses. Its DNS calls are mocked, so python -m unittest ssrf_policy_test.py is safe and deterministic. Save it as ssrf_policy_test.py.

import ipaddress
import socket
import unittest
from unittest.mock import patch
from urllib.parse import urlsplit

ALLOWED_HOSTS = frozenset({'images.example.test', 'hooks.example.test'})

def validate_outbound_url(raw_url: str) -> str:
    parsed = urlsplit(raw_url)
    if parsed.scheme.lower() != 'https':
        raise ValueError('only https is allowed')
    if parsed.username is not None or parsed.password is not None:
        raise ValueError('URL credentials are not allowed')
    if parsed.hostname is None:
        raise ValueError('host is required')

    host = parsed.hostname.rstrip('.').encode('idna').decode('ascii').lower()
    if host not in ALLOWED_HOSTS:
        raise ValueError('host is not allowlisted')
    if parsed.port not in (None, 443):
        raise ValueError('port is not allowed')

    answers = socket.getaddrinfo(host, 443, type=socket.SOCK_STREAM)
    addresses = {answer[4][0] for answer in answers}
    if not addresses:
        raise ValueError('host did not resolve')
    if any(not ipaddress.ip_address(address).is_global for address in addresses):
        raise ValueError('all resolved addresses must be global')
    return parsed.geturl()

class OutboundPolicyTest(unittest.TestCase):
    @patch('socket.getaddrinfo')
    def test_accepts_allowlisted_public_destination(self, resolve):
        resolve.return_value = [
            (socket.AF_INET, socket.SOCK_STREAM, 6, '', ('8.8.8.8', 443))
        ]
        self.assertEqual(
            validate_outbound_url('https://images.example.test/photo.png'),
            'https://images.example.test/photo.png'
        )

    @patch('socket.getaddrinfo')
    def test_rejects_allowlisted_name_resolving_to_private_space(self, resolve):
        resolve.return_value = [
            (socket.AF_INET, socket.SOCK_STREAM, 6, '', ('10.20.30.40', 443))
        ]
        with self.assertRaisesRegex(ValueError, 'must be global'):
            validate_outbound_url('https://images.example.test/photo.png')

    def test_rejects_lookalike_host_and_non_https_scheme(self):
        with self.assertRaisesRegex(ValueError, 'not allowlisted'):
            validate_outbound_url('https://images.example.test.attacker.test/a')
        with self.assertRaisesRegex(ValueError, 'only https'):
            validate_outbound_url('file:///etc/example')

if __name__ == '__main__':
    unittest.main()

This function is an admission policy, not a complete HTTP client. Production code must ensure the actual connection uses the validated address or revalidates every resolution, and it must apply the same checks to redirects. A managed egress proxy can centralize these controls. The public address in the mocked success case is never contacted.

Add unit cases for parser exceptions, trailing dot policy, uppercase host, internationalized host, explicit port, mixed IPv4 and IPv6 answers, empty answers, and every approved partner. Keep raw adversarial corpus data out of normal logs. Integration tests should use the lab DNS, redirector, and internal simulator to prove the policy still governs the real client and deployed network.

11. Verify response handling, limits, errors, and observability

Even approved public fetches need limits. Test connection, read, and total timeouts; maximum redirects; maximum response bytes; decompression limits; supported content types; and parsing depth. A small compressed response can expand dramatically, and an endless stream can hold workers. The service should stop work, release resources, and return a stable safe error.

Decide how much fetched content can reach the user. If the product returns a preview, verify it strips active content, private headers, cookies, and upstream error details. If it caches content, test cache scope, expiration, revalidation, and authorization. Never include internal connection errors, resolved private addresses, stack traces, or proxy credentials in public responses. Apply API error handling and negative testing to keep failures useful without revealing topology.

Log security decisions with a trace ID, normalized scheme and approved destination identifier, decision reason, resolver or proxy component, redirect count, byte count, duration, and worker identity. Avoid full URLs when query strings can contain secrets. Hash or classify destinations according to privacy policy. Send repeated policy denials and unusual outbound attempts to monitoring with rate controls so an attacker cannot flood logs.

Test cleanup during cancellation, timeout, parser failure, and client disconnect. Open connections, temporary files, queued retries, and partial cache entries should be released. Resource behavior is part of SSRF defense because an attacker may not need internal data if outbound requests can exhaust the service.

12. Turn findings into regression and release gates

When a lab case succeeds unexpectedly, stop at the minimum harmless proof. Preserve the request, normalized decision, callback or simulator evidence, component trace, and network-policy result. Do not retrieve secrets or expand to neighboring services. Report the user-controlled source, outbound sink, trust boundary, required privileges, response visibility, and root cause.

Fixes should be layered: narrow the business requirement, exact allowlist where possible, one canonical parser, scheme and port constraints, resolved-address policy, connection pinning or controlled proxy, per-hop redirect checks, outbound network denial, no ambient credentials, and response limits. Validate the fix at the layer it changed and through the complete deployed path.

Create unit tests for the reduced parser or policy case, integration tests for redirect and DNS behavior, and an environment test for egress denial. Keep a single positive approved fetch in every layer. Version controlled network policy and configuration checks can run in CI, while blind asynchronous and controlled DNS cases may run on a scheduled security pipeline.

Review new features during design. Any addition that imports, previews, renders, calls back, or accepts a remote resource should trigger the outbound-request checklist. The broader API security testing basics guide helps teams embed this gate alongside authentication, authorization, validation, rate limiting, and safe dependency handling.

Interview Questions and Answers

Q: What is SSRF?

SSRF is a weakness where user-influenced input causes a trusted server or worker to request a destination it should not reach. The impact depends on network access, ambient credentials, request control, response visibility, and available internal services.

Q: How do you test SSRF safely?

I obtain explicit scope and use owned callback, redirect, DNS, and internal-simulator services in an isolated environment. I prove approved access works and forbidden simulator access is rejected or denied. I stop at a harmless marker and never target real metadata or unrelated systems.

Q: Why is a hostname blocklist insufficient?

Textual hosts can have alternate representations, DNS can return different address classes, and redirects can change destinations. Exact allowlists where possible, structured parsing, address validation at connection time, redirect checks, and egress controls provide stronger layers.

Q: What is blind SSRF?

The server makes an outbound request but does not return the fetched response to the tester. I detect it with a unique authorized callback token and correlate DNS, HTTP, worker, and egress logs within the job's expected processing window.

Q: How do redirects affect SSRF controls?

An initially approved URL can redirect to a forbidden scheme, host, port, or address. I disable redirects when the feature does not need them, or reapply the full destination policy at every hop and strip sensitive headers across authority changes.

Q: What is the DNS time-of-check risk?

The address approved during validation may differ from the address used when the client connects. The design should pin the approved address, revalidate at connection, or enforce policy at an egress proxy. Network denial remains an independent containment layer.

Q: What evidence makes an SSRF report credible?

I include the controlled source field, unique test token, normalized destination decision, callback or simulator record, application trace, worker identity, redirect path, and egress result. I redact secrets and avoid retrieving any real internal data.

Common Mistakes

  • Testing without explicit authorization, destination scope, and stop conditions.
  • Probing real metadata or internal services when a harmless simulator proves the same control.
  • Searching only fields literally named url and missing renderers, imports, workers, and embedded resources.
  • Treating a generic timeout or 500 as a pass. It may occur after a forbidden request was sent.
  • Comparing hostnames with substring logic. Parse structured components and use exact policy matches.
  • Validating a hostname but not every resolved IPv4 and IPv6 address.
  • Checking only the first URL and automatically following redirects. Revalidate every hop or disable them.
  • Forgetting the worker path. Validation and fetch may happen in different processes with different parsers.
  • Relying only on application validation. Egress policy should independently deny forbidden networks.
  • Logging full URLs, credentials, or fetched content in test artifacts.
  • Publishing a large bypass payload list instead of reduced defensive regression cases.

Conclusion

Testing SSRF is a controlled validation of outbound trust boundaries. Inventory every user-influenced fetch, build an owned lab, test structured URL policy, prove DNS and redirects cannot change the approved destination, and use network egress controls to contain application mistakes. Blind and asynchronous paths need unique callbacks plus worker-level observability.

Start with the safe Python policy tests, then connect the real client to an owned redirector, controlled DNS, and an internal-service simulator. Add egress verification and lifecycle limits before release. This method produces strong evidence without touching sensitive infrastructure and turns each discovery into a durable regression guard.

Interview Questions and Answers

Describe your approach to testing SSRF.

I begin with written authorization and a data-flow inventory of every outbound fetch. In an isolated lab I use owned callback, DNS, redirect, and internal-simulator services. I test parser policy, resolution, connection, redirects, egress, response limits, and asynchronous workers, then add reduced regression cases.

What is the difference between direct and blind SSRF?

With direct SSRF, response data or a clear result is visible to the requester. With blind SSRF, the outbound action occurs without returning the remote response. Blind testing relies on unique authorized callbacks and correlated infrastructure evidence rather than timing alone.

How do you prevent false positives in SSRF testing?

I correlate a unique token across callback, worker, and egress logs and include a positive approved destination. I distinguish DNS-only observation from a completed HTTP request and distinguish application rejection from network denial. Generic errors and timeouts are not sufficient evidence.

Why should every redirect hop be validated?

The first URL can be approved while a later location changes scheme, authority, port, or resolved address. I either disable redirects or apply the complete policy before each connection and prevent credential forwarding to a new authority.

How would you test SSRF defenses in a distributed worker system?

I trace the value from API validation through serialization, queueing, worker parsing, DNS, proxy, and connection. I compare policy decisions across components, test cancellation and retries, and prove the worker's network identity cannot bypass egress controls.

What is defense in depth for SSRF?

It combines a narrow business requirement, exact destination allowlists where possible, one canonical parser, scheme and port limits, resolution and redirect validation, controlled egress, minimal workload identity, and bounded response processing. Observability and regression tests verify every layer.

What should you avoid when demonstrating SSRF impact?

I avoid real metadata services, production internal hosts, broad scans, secret retrieval, persistence, and third-party destinations. A harmless owned callback or internal simulator is enough to prove the control gap and support remediation.

Frequently Asked Questions

What is SSRF testing?

It is authorized testing that verifies user-controlled input cannot make a server or worker request forbidden destinations or protocols. It covers URL parsing, destination policy, DNS, redirects, egress, response handling, and asynchronous processing.

How can QA test SSRF safely?

Use a test-only environment with owned callback, redirect, DNS, and internal-simulator services. Define scope and stop conditions, use harmless markers, and never probe real metadata, internal control planes, or third-party targets.

What features are commonly vulnerable to SSRF?

Potential sinks include webhooks, URL previews, image and document processors, remote imports, feed readers, SSO metadata, repository integrations, PDF renderers, and any background worker that retrieves user-influenced locations.

How do you test blind SSRF?

Assign a unique token to an owned callback destination, submit it through the suspected feature, and correlate DNS or HTTP observations with application and worker traces. Use an approved positive control and a bounded asynchronous wait.

Are URL blocklists enough to prevent SSRF?

No. Strong designs prefer exact allowlists where possible and add canonical parsing, port and scheme rules, address validation, redirect controls, an egress proxy or firewall, limited worker identity, and response limits.

Why must SSRF tests cover DNS?

A permitted hostname can resolve to multiple address classes or change between validation and connection. Tests should cover all IPv4 and IPv6 answers and prove the actual connection remains within policy.

How should SSRF findings be reported?

Report the controllable input, outbound component, safe callback or simulator evidence, normalized destination, trace correlation, required privilege, response visibility, and defense layer that failed. Stop before retrieving real sensitive data.

Related Guides