support ALLOWED_HOSTS (#1905)

Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
2025-03-09 16:13:33 -07:00
parent 21cedc43d1
commit 8537a29b1c
2 changed files with 3 additions and 0 deletions
--- a/skyvern/config.py
+++ b/skyvern/config.py
@@ -40,6 +40,7 @@ class Settings(BaseSettings):
    PORT: int = 8000
    ALLOWED_ORIGINS: list[str] = ["*"]
    BLOCKED_HOSTS: list[str] = ["localhost"]
+    ALLOWED_HOSTS: list[str] = []

    # Secret key for JWT. Please generate your own secret key in production
    SECRET_KEY: str = "PLACEHOLDER"
--- a/skyvern/forge/sdk/core/validators.py
+++ b/skyvern/forge/sdk/core/validators.py
@@ -29,6 +29,8 @@ def prepend_scheme_and_validate_url(url: str) -> str:


 def is_blocked_host(host: str) -> bool:
+    if host.lower() in (h.lower() for h in settings.ALLOWED_HOSTS):
+        return False
    try:
        ip = ipaddress.ip_address(host)
        # Check if the IP is private, link-local, loopback, or reserved