Server Side Request Forgery (SSRF) threats are yet another form of attack that businesses need to guard against. While a Cross-Site Request Forgery (CSRF) targets the user, SSRF attacks specifically target a server by sending back-end requests from vulnerable web applications. To ensure this doesn’t happen to you, we have developed an API that will check an input URL for SSRF threats.
To use this API, we first need to install the SDK:
pip install cloudmersive-validate-api-client
Next, we are going to create an instance of the API and call the function with the following code:
from __future__ import print_function
from cloudmersive_validate_api_client.rest import ApiException
from pprint import pprint# Configure API key authorization: Apikey
configuration = cloudmersive_validate_api_client.Configuration()
configuration.api_key['Apikey'] = 'YOUR_API_KEY'# create an instance of the API class
api_instance = cloudmersive_validate_api_client.DomainApi(cloudmersive_validate_api_client.ApiClient(configuration))
request = cloudmersive_validate_api_client.UrlSsrfRequestFull() # UrlSsrfRequestFull | Input URL requesttry:
# Check a URL for SSRF threats
api_response = api_instance.domain_ssrf_check(request)
except ApiException as e:
print("Exception when calling DomainApi->domain_ssrf_check: %s\n" % e)
The returned response will indicate if the URL is free from SSRF threats, as well as the threat level. Visit the Cloudmersive website to retrieve your free API key and gain access to 800 monthly calls across our library of APIs.