fix(system): allow configured image proxy private ranges (#5831)

2026-06-03 07:26:51 +00:00 · 2026-05-25 14:16:54 +08:00
parent 0e8bcb4df6
commit 98e3ea4e6f
5 changed files with 265 additions and 8 deletions
--- a/app/api/endpoints/system.py
+++ b/app/api/endpoints/system.py
@@ -361,7 +361,10 @@ async def fetch_image(
    fetch_url = SecurityUtils.strip_url_signature(url)
    # 验证URL安全性
    if not SecurityUtils.is_safe_url(
-        url, allowed_domains, block_private=True
+        url,
+        allowed_domains,
+        block_private=True,
+        allowed_private_ranges=settings.IMAGE_PROXY_ALLOWED_PRIVATE_RANGES,
    ) and not (fetch_url := SecurityUtils.verify_signed_url(url)):
        logger.warn(f"Blocked unsafe image URL: {url}")
        return None