Undo change

AikidoSec · Feb 21, 2025 · bbbb3b7 · bbbb3b7
1 parent 7cdde05
commit bbbb3b7
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/library/vulnerabilities/ssrf/findHostnameInUserInput.ts b/library/vulnerabilities/ssrf/findHostnameInUserInput.ts
@@ -10,10 +10,15 @@ export function findHostnameInUserInput(
     return false;
   }
 
+  const hostnameURL = tryParseURL(`http://${hostname}`);
+  if (!hostnameURL) {
+    return false;
+  }
+
   const variants = [userInput, `http://${userInput}`, `https://${userInput}`];
   for (const variant of variants) {
     const userInputURL = tryParseURL(variant);
-    if (userInputURL && userInputURL.hostname === hostname) {
+    if (userInputURL && userInputURL.hostname === hostnameURL.hostname) {
       const userPort = getPortFromURL(userInputURL);
 
       if (!port) {