Security Considerations

Table of Contents

  1. Server-Side Request Forgery (SSRF)

Server-Side Request Forgery (SSRF)

Inferno is designed to make requests against user-submitted URLs, which makes it important to mitigate SSRF. It is not practical to implement SSRF protection within Inferno itself, because which URLs are valid and which are invalid varies with the particular deployment. For this reason, it is recommended that deployments use network-layer SSRF mitigations. For example, the Inferno team protects against SSRF in public deployments by implementing firewall rules in the host operating system that deny Inferno access to the internal network.
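
One way to express host firewall rules of this kind, as an added example that is not the Inferno team's own configuration. It assumes Inferno runs directly on the host as a dedicated Unix user (here `inferno`); the chain name, log prefix and allow-listed ranges are hypothetical.

```shell
#!/bin/sh
# Added example, not Inferno project code. Prints the iptables/ip6tables
# commands that keep one local Unix user off internal address space.
# Assumption: Inferno runs on the host as a dedicated user (not in a container).
# Rules match on destination IP, so a public hostname that resolves to an
# internal address is rejected as well.

# Internal ranges: RFC 1918, link-local (covers cloud metadata endpoints),
# CGNAT, IPv6 unique-local and link-local. Loopback is left out on purpose
# because a deployment may reach a local database or cache over it.
DENY4="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 169.254.0.0/16 100.64.0.0/10"
DENY6="fc00::/7 fe80::/10"
CHAIN="INFERNO_EGRESS"   # hypothetical chain name

# inferno_egress_rules USER [ALLOWED_CIDR ...]
# ALLOWED_CIDR entries are internal destinations this deployment must be able
# to test against; they are exempted before any deny rule is evaluated.
inferno_egress_rules() {
    user=$1
    shift
    for ipt in iptables ip6tables; do
        echo "$ipt -N $CHAIN"
        # The owner match only applies to locally generated traffic (OUTPUT).
        echo "$ipt -A OUTPUT -m owner --uid-owner $user -j $CHAIN"
        if [ "$ipt" = iptables ]; then deny=$DENY4; else deny=$DENY6; fi
        for cidr in "$@"; do
            # An entry containing ':' is IPv6; emit it for the matching tool only.
            case $cidr in *:*) fam=ip6tables ;; *) fam=iptables ;; esac
            [ "$fam" = "$ipt" ] || continue
            echo "$ipt -A $CHAIN -d $cidr -j RETURN"
        done
        for cidr in $deny; do
            # Rate-limited log line so blocked attempts show up in the kernel log.
            echo "$ipt -A $CHAIN -d $cidr -m limit --limit 6/min -j LOG --log-prefix 'inferno-egress-deny '"
            # REJECT rather than DROP so a blocked test fails fast instead of hanging.
            echo "$ipt -A $CHAIN -d $cidr -j REJECT"
        done
        # Anything not matched falls off the chain and stays allowed.
    done
}

# With arguments, print the rules for review: ./egress.sh inferno 10.20.0.0/24
if [ "$#" -gt 0 ]; then inferno_egress_rules "$@"; fi
```

Review the printed commands before piping them to a root shell, and confirm from the Inferno host that an internal address is refused while a public FHIR server is still reachable.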