fix: validate universe domain input to prevent SSRF credential leak #472

Open
adilburaksen wants to merge 1 commit into google-github-actions:main from adilburaksen:fix/universe-ssrf-validation

@adilburaksen

Summary

The universe input is interpolated directly into the Cloud Functions API endpoint:

cloudfunctions: 'https://cloudfunctions.{universe}/v2',

Setting universe: attacker.com routes all API calls — including Bearer GCP access tokens — to cloudfunctions.attacker.com.

Fix

Validates universe against known-safe patterns before use:

if (!/^([a-z0-9-]+\.)*googleapis\.com$/.test(universe)) {
  throw new Error(`Invalid universe domain "${universe}": ...`);
}

Allows googleapis.com (default) and Trusted Partner Cloud subdomains like us-central1.rep.googleapis.com. Blocks arbitrary hostnames.

Related

Companion PR for upload-cloud-storage: google-github-actions/upload-cloud-storage#404
Same class, same root cause in expandUniverseEndpoints.

@adilburaksen adilburaksen requested a review from a team as a code owner April 28, 2026 17:12
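
As an added example (not code from this pull request or from the action's repository), the pattern quoted in the description is applied here before the endpoint is built, with a parsed-URL check as a second layer. The names `cloudFunctionsEndpoint` and `classify` are hypothetical and the sample inputs are constructed.

```javascript
// Pattern quoted in the PR description above.
const UNIVERSE_PATTERN = /^([a-z0-9-]+\.)*googleapis\.com$/;

// Hypothetical helper: validate the universe input, then build the endpoint.
function cloudFunctionsEndpoint(universe) {
  if (typeof universe !== 'string' || !UNIVERSE_PATTERN.test(universe)) {
    throw new Error(`Invalid universe domain ${JSON.stringify(universe)}`);
  }
  const endpoint = `https://cloudfunctions.${universe}/v2`;
  // Defence in depth: parse the result and confirm scheme, host and path are
  // exactly what was intended, so a later loosening of the pattern cannot
  // silently send the Bearer token to another host.
  const { protocol, hostname, pathname } = new URL(endpoint);
  if (protocol !== 'https:' || hostname !== `cloudfunctions.${universe}` || pathname !== '/v2') {
    throw new Error(`Unexpected endpoint ${endpoint}`);
  }
  return endpoint;
}

// Constructed inputs for a regression test of the validation.
const SAMPLES = [
  'googleapis.com',                 // default
  'us-central1.rep.googleapis.com', // subdomain form named in the PR
  'attacker.com',                   // value from the PR summary
  'googleapis.com.attacker.com',    // allowed name used as a prefix
  'evilgoogleapis.com',             // missing label boundary
  'attacker.com/.googleapis.com',   // path separator in the input
  'attacker.com#.googleapis.com',   // fragment separator in the input
  'GOOGLEAPIS.COM',                 // pattern is case-sensitive
  'googleapis.com\n',               // trailing newline
  '.googleapis.com',                // empty leading label
];

// Returns one record per input: accepted with its endpoint, or rejected with the reason.
function classify(samples) {
  return samples.map((u) => {
    try {
      return { universe: u, accepted: true, endpoint: cloudFunctionsEndpoint(u) };
    } catch (err) {
      return { universe: u, accepted: false, reason: err.message };
    }
  });
}

for (const r of classify(SAMPLES)) {
  console.log(r.accepted ? 'ACCEPT' : 'REJECT', JSON.stringify(r.universe), r.endpoint || r.reason);
}
```

Only the first two inputs are accepted; a table like `SAMPLES` can be kept as a unit test so that any change to the pattern is checked against the same cases.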