Check HTML Text for SSRF Threats in PHP

Server-side request forgery (SSRF) attacks target servers in an attempt to gain full or partial control of requests sent by a web application. And while these attacks target servers, they can also be threat to other connected information sources, such as cloud services in Azure, AWS, OpenStack, and more. One way these threats can make their way into your system is via HTML injection; to ensure HTML inputs are safe, you can run the following API in PHP to check HTML text for SSRF threats.

Let’s start the process by running this command to install the SDK:

composer require cloudmersive/cloudmersive_validate_api_client

Then, we can call the function with the below code:

<?php
require_once(__DIR__ . '/vendor/autoload.php');
// Configure API key authorization: Apikey
$config = Swagger\Client\Configuration::getDefaultConfiguration()->setApiKey('Apikey', 'YOUR_API_KEY');
$apiInstance = new Swagger\Client\Api\TextInputApi(
    
    
    new GuzzleHttp\Client(),
    $config
);
$value = "value_example"; // string | User-facing HTML input.
try {
    $result = $apiInstance->textInputCheckHtmlSsrf($value);
    print_r($result);
} catch (Exception $e) {
    echo 'Exception when calling TextInputApi->textInputCheckHtmlSsrf: ', $e->getMessage(), PHP_EOL;
}
?>

With the assistance of this tool, you should be able to detect the issue before it affects your server!