From 1f8d08eaa2ef2998b05890f5a13522e9a3602b5b Mon Sep 17 00:00:00 2001
From: root
Date: Wed, 7 Aug 2024 03:30:21 -0400
Subject: [PATCH 1/2] SSRF Fix
---
 backend/apps/images/main.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/backend/apps/images/main.py b/backend/apps/images/main.py
index 4239f3f45..b8bd38285 100644
--- a/backend/apps/images/main.py
+++ b/backend/apps/images/main.py
@@ -151,9 +151,10 @@ async def update_engine_url(
 url = form_data.AUTOMATIC1111_BASE_URL.strip("/")
 try:
 r = requests.head(url)
+ r.raise_for_status()
 app.state.config.AUTOMATIC1111_BASE_URL = url
 except Exception as e:
- raise HTTPException(status_code=400, detail=ERROR_MESSAGES.DEFAULT(e))
+ raise HTTPException(status_code=400, detail="Invalid URL provided.")

 if form_data.COMFYUI_BASE_URL == None:
 app.state.config.COMFYUI_BASE_URL = COMFYUI_BASE_URL
From 590fd129c87b72b3a35a556d2006654dda863d84 Mon Sep 17 00:00:00 2001
From: root
Date: Wed, 7 Aug 2024 10:59:22 -0400
Subject: [PATCH 2/2] SSRF Fix Updated
---
 backend/apps/images/main.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/backend/apps/images/main.py b/backend/apps/images/main.py
index b8bd38285..0b123088d 100644
--- a/backend/apps/images/main.py
+++ b/backend/apps/images/main.py
@@ -150,8 +150,7 @@ async def update_engine_url(
 else:
 url = form_data.AUTOMATIC1111_BASE_URL.strip("/")
 try:
- r = requests.head(url)
- r.raise_for_status()
+ r = requests.head(url)
 app.state.config.AUTOMATIC1111_BASE_URL = url
 except Exception as e:
 raise HTTPException(status_code=400, detail="Invalid URL provided.")
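Review bot: In the `[PATCH 1/2]` hunk, `requests.head(url)` still sends a server-side request to whatever `AUTOMATIC1111_BASE_URL` the caller submits, with no scheme check and no timeout; the additions only change which responses are accepted and what the error says. Because this base URL normally has to point at an internal or loopback service, an address blocklist would likely break the feature, so the control presumably has to be authorization on `update_engine_url` (its signature is outside the hunk) plus an http/https scheme restriction and a bounded request, e.g. `r = requests.head(url, timeout=5)`. The generic `detail` is a reasonable way to stop echoing exception text to the client, but `e` is now dropped entirely; log it server-side with the module's existing logger so a rejected URL can still be diagnosed and repeated probing is visible in logs. The same unbounded call is re-added in the `[PATCH 2/2]` hunk.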
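Review bot: Dropping `r.raise_for_status()` in the `[PATCH 2/2]` hunk means any HTTP response, including 4xx and 5xx, is treated as success and the URL is stored in `app.state.config.AUTOMATIC1111_BASE_URL`; only connection-level failures reach the `except`. That leaves the endpoint's success-versus-400 outcome as a reachability signal for the submitted host, and `r` is now assigned but never read. If accepting any status is intentional, say so in a comment such as `# any HTTP response counts as reachable; status is deliberately not checked`, otherwise keep the status check from the first patch. The removed and re-added `requests.head(url)` lines appear to differ only in whitespace, which this view does not preserve. The function body starts and ends outside the hunk.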