Hardcoded URLs in Production #7

New Issue

Open

opened 2026-02-02 15:11:00 -05:00 by jared · 0 comments

jared commented 2026-02-02 15:11:00 -05:00

Owner

Copy Link

"http://10.10.10.157:11434/api/generate" # Line 564
"http://10.10.10.67" # PELICAN_URL default

Issue: Exposes internal network topology.

Fix:

Use environment variables without defaults for internal services

OLLAMA_URL = os.getenv('OLLAMA_URL') # No default
if not OLLAMA_URL:
logger.error("OLLAMA_URL not configured")

Validate internal URLs

def validate_internal_url(url: str) -> bool:
"""Ensure URL points to approved internal service"""
# Add your validation logic
return url.startswith(('http://10.', 'https://'))

"http://10.10.10.157:11434/api/generate" # Line 564 "http://10.10.10.67" # PELICAN_URL default Issue: Exposes internal network topology. Fix: # Use environment variables without defaults for internal services OLLAMA_URL = os.getenv('OLLAMA_URL') # No default if not OLLAMA_URL: logger.error("OLLAMA_URL not configured") # Validate internal URLs def validate_internal_url(url: str) -> bool: """Ensure URL points to approved internal service""" # Add your validation logic return url.startswith(('http://10.', 'https://'))

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

No results found.

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

jared

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: LotusGuild/discordBot#7