fix: validate resolved Ollama URL including env fallback against SSRF allowlist

Author: teedonk

apps/sim/app/api/knowledge/search/route.ts

@@ -329,12 +329,11 @@ export async function POST(request: NextRequest) {
           const config = kbConfigMap.get(kbId)!
           const cfg = (config.chunkingConfig ?? {}) as ExtendedChunkingConfig
           const { modelName } = parseEmbeddingModel(config.embeddingModel)
-          // Re-validate stored URL against SSRF allowlist before making outbound requests
-          if (cfg.ollamaBaseUrl && !isAllowedOllamaUrl(cfg.ollamaBaseUrl)) {
-            logger.warn(`[${requestId}] Blocked disallowed Ollama URL for KB ${kbId}: ${cfg.ollamaBaseUrl}`)
+          const baseUrl = getOllamaBaseUrl(cfg.ollamaBaseUrl)
+          if (!isAllowedOllamaUrl(baseUrl)) {
+            logger.warn(`[${requestId}] Blocked disallowed Ollama URL for KB ${kbId}: ${baseUrl}`)
             continue
           }
-          const baseUrl = getOllamaBaseUrl(cfg.ollamaBaseUrl)
           uniquePairs.set(`${modelName}:${baseUrl}`, { modelName, ollamaBaseUrl: baseUrl })
         }
         await Promise.all(

apps/sim/lib/knowledge/chunks/service.ts

@@ -23,7 +23,7 @@ import {
   setKBChunksEnabled,
   updateKBChunkFields,
 } from '@/lib/knowledge/dynamic-tables'
-import { generateEmbeddings, isAllowedOllamaUrl } from '@/lib/knowledge/embeddings'
+import { generateEmbeddings, getOllamaBaseUrl, isAllowedOllamaUrl } from '@/lib/knowledge/embeddings'
 import { estimateTokenCount } from '@/lib/tokenization/estimators'
 
 const logger = createLogger('ChunksService')
@@ -167,8 +167,9 @@ export async function createChunk(
   const rawKbCfg = kbRows[0].chunkingConfig as { ollamaBaseUrl?: string } | null
   const kbOllamaBaseUrl = rawKbCfg?.ollamaBaseUrl
 
-  if (kbOllamaBaseUrl && !isAllowedOllamaUrl(kbOllamaBaseUrl)) {
-    throw new Error(`Knowledge base has a disallowed Ollama URL: ${kbOllamaBaseUrl}`)
+  const resolvedCreateUrl = getOllamaBaseUrl(kbOllamaBaseUrl)
+  if (!isAllowedOllamaUrl(resolvedCreateUrl)) {
+    throw new Error(`Knowledge base has a disallowed Ollama URL: ${resolvedCreateUrl}`)
   }
 
   const { provider } = parseEmbeddingModel(kbEmbeddingModel)
@@ -477,8 +478,9 @@ export async function updateChunk(
   const rawCfg = kbRows[0].chunkingConfig as { ollamaBaseUrl?: string } | null
   const kbOllamaBaseUrl = rawCfg?.ollamaBaseUrl
 
-  if (kbOllamaBaseUrl && !isAllowedOllamaUrl(kbOllamaBaseUrl)) {
-    throw new Error(`Knowledge base has a disallowed Ollama URL: ${kbOllamaBaseUrl}`)
+  const resolvedUpdateUrl = getOllamaBaseUrl(kbOllamaBaseUrl)
+  if (!isAllowedOllamaUrl(resolvedUpdateUrl)) {
+    throw new Error(`Knowledge base has a disallowed Ollama URL: ${resolvedUpdateUrl}`)
   }
 
   const { provider } = parseEmbeddingModel(kbEmbeddingModel)

apps/sim/lib/knowledge/documents/service.ts

@@ -41,6 +41,7 @@ import {
 } from '@/lib/knowledge/dynamic-tables'
 import {
   generateEmbeddings,
+  getOllamaBaseUrl,
   getOllamaModelContextLength,
   isAllowedOllamaUrl,
 } from '@/lib/knowledge/embeddings'
@@ -489,9 +490,10 @@ export async function processDocumentAsync(
     let effectiveOverlap = processingOptions.chunkOverlap ?? kbConfig.overlap
     let ollamaContextLength: number | undefined
     if (embeddingProvider === 'ollama') {
-      if (kbConfig.ollamaBaseUrl && !isAllowedOllamaUrl(kbConfig.ollamaBaseUrl)) {
+      const resolvedOllamaUrl = getOllamaBaseUrl(kbConfig.ollamaBaseUrl)
+      if (!isAllowedOllamaUrl(resolvedOllamaUrl)) {
         throw new Error(
-          `Knowledge base has a disallowed Ollama URL: ${kbConfig.ollamaBaseUrl}. ` +
+          `Knowledge base has a disallowed Ollama URL: ${resolvedOllamaUrl}. ` +
             'The URL must point to localhost, a private IP address, or host.docker.internal.'
         )
       }