fix(discord): add SSRF policy for Discord CDN to unblock Clash TUN fake-ip

white-rf · white-rf · commit 6442ff9bc121 · 2026-02-26T21:32:45.000+08:00
diff --git a/src/discord/monitor/message-utils.test.ts b/src/discord/monitor/message-utils.test.ts
@@ -94,6 +94,10 @@ describe("resolveForwardedMediaList", () => {
       filePathHint: attachment.filename,
       maxBytes: 512,
       fetchImpl: undefined,
+      ssrfPolicy: {
+        allowedHostnames: ["cdn.discordapp.com", "media.discordapp.net"],
+        allowRfc2544BenchmarkRange: true,
+      },
     });
     expect(saveMediaBuffer).toHaveBeenCalledTimes(1);
     expect(saveMediaBuffer).toHaveBeenCalledWith(expect.any(Buffer), "image/png", "inbound", 512);
@@ -168,6 +172,10 @@ describe("resolveForwardedMediaList", () => {
       filePathHint: "wave.png",
       maxBytes: 512,
       fetchImpl: undefined,
+      ssrfPolicy: {
+        allowedHostnames: ["cdn.discordapp.com", "media.discordapp.net"],
+        allowRfc2544BenchmarkRange: true,
+      },
     });
     expect(saveMediaBuffer).toHaveBeenCalledTimes(1);
     expect(saveMediaBuffer).toHaveBeenCalledWith(expect.any(Buffer), "image/png", "inbound", 512);
@@ -236,6 +244,10 @@ describe("resolveMediaList", () => {
       filePathHint: "hello.png",
       maxBytes: 512,
       fetchImpl: undefined,
+      ssrfPolicy: {
+        allowedHostnames: ["cdn.discordapp.com", "media.discordapp.net"],
+        allowRfc2544BenchmarkRange: true,
+      },
     });
     expect(saveMediaBuffer).toHaveBeenCalledTimes(1);
     expect(saveMediaBuffer).toHaveBeenCalledWith(expect.any(Buffer), "image/png", "inbound", 512);
diff --git a/src/discord/monitor/message-utils.ts b/src/discord/monitor/message-utils.ts
@@ -2,6 +2,7 @@ import type { ChannelType, Client, Message } from "@buape/carbon";
 import { StickerFormatType, type APIAttachment, type APIStickerItem } from "discord-api-types/v10";
 import { buildMediaPayload } from "../../channels/plugins/media-payload.js";
 import { logVerbose } from "../../globals.js";
+import type { SsrFPolicy } from "../../infra/net/ssrf.js";
 import { fetchRemoteMedia, type FetchLike } from "../../media/fetch.js";
 import { saveMediaBuffer } from "../../media/store.js";
 
@@ -53,6 +54,13 @@ const DISCORD_CHANNEL_INFO_CACHE = new Map<
 >();
 const DISCORD_STICKER_ASSET_BASE_URL = "https://media.discordapp.net/stickers";
 
+const DISCORD_MEDIA_SSRF_POLICY: SsrFPolicy = {
+  // Discord CDN downloads should be trusted even when DNS/proxy resolution
+  // maps to private/internal ranges (e.g. Clash TUN fake-ip 198.18.x.x).
+  allowedHostnames: ["cdn.discordapp.com", "media.discordapp.net"],
+  allowRfc2544BenchmarkRange: true,
+};
+
 export function __resetDiscordChannelInfoCacheForTest() {
   DISCORD_CHANNEL_INFO_CACHE.clear();
 }
@@ -228,6 +236,7 @@ async function appendResolvedMediaFromAttachments(params: {
         filePathHint: attachment.filename ?? attachment.url,
         maxBytes: params.maxBytes,
         fetchImpl: params.fetchImpl,
+        ssrfPolicy: DISCORD_MEDIA_SSRF_POLICY,
       });
       const saved = await saveMediaBuffer(
         fetched.buffer,
@@ -320,6 +329,7 @@ async function appendResolvedMediaFromStickers(params: {
           filePathHint: candidate.fileName,
           maxBytes: params.maxBytes,
           fetchImpl: params.fetchImpl,
+          ssrfPolicy: DISCORD_MEDIA_SSRF_POLICY,
         });
         const saved = await saveMediaBuffer(
           fetched.buffer,
