🛡️ Sentinel: [HIGH] Fix SSRF vulnerability in bulk lookup API

[aicoder2009]

🚨 Severity: HIGH
💡 Vulnerability: The /api/lookup/bulk endpoint invoked internal API routes (url, doi, isbn) by dynamically constructing loopback URLs using request.nextUrl.origin and calling fetch(). Because request.nextUrl.origin is derived from the client-supplied Host header, an attacker could manipulate the Host header (e.g., Host: internal.server.local:8080) to trick the backend server into making POST requests to arbitrary internal network hosts, causing a Host-header Server-Side Request Forgery (SSRF) vulnerability.
🎯 Impact: An attacker could bypass external firewalls and send POST requests to internal applications and services.
🔧 Fix: Replaced network-based fetch() requests with direct imports and invocations of the underlying route handler functions. Created a synthetic NextRequest object for each invocation to completely remove the network layer.
✅ Verification: Ran pnpm test:run with fully refactored mocked vitest suite. Tests pass and SSRF pathway is eliminated.

---

PR created automatically by Jules for task 4643558143494860932 started by @aicoder2009

Summary by CodeRabbit

• Bug Fixes
  • Fixed a Server-Side Request Forgery (SSRF) vulnerability in the bulk lookup endpoint.

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
opencitation	Ready	Preview, Comment	Jun 10, 2026 6:27am

[Copilot]

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR fixes an SSRF vulnerability in the /api/lookup/bulk endpoint by refactoring it to invoke lookup handlers directly instead of making network-based fetch calls to client-influenced origins. Tests are updated to mock handlers instead of fetch, and a security finding is documented.

Changes

SSRF Mitigation in Bulk Lookup

Layer / File(s)	Summary
Direct Handler Invocation Implementation src/app/api/lookup/bulk/route.ts	Imports three lookup handlers (lookup/url, lookup/doi, lookup/isbn), detects item type via regex, constructs handler-specific payloads, and invokes handlers directly with synthetic NextRequest objects instead of calling fetch to request.nextUrl.origin.
Test Updates for Handler Mocking src/app/api/lookup/bulk/route.test.ts	Test imports and mock setup refactored to use vi.mock definitions for sub-route handlers; routing tests and mixed-type tests updated to assert handler calls and verify result propagation instead of inspecting fetch URLs.
Security Finding Documentation .jules/sentinel.md	New sentinel entry documents the SSRF vulnerability dated 2024-06-10 and records the mitigation approach.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A loopback lurked in fetches past,
Where origins could lead astray so fast,
Now handlers talk direct, no network flight,
The SSRF vanquished—security's bright! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically identifies the main security fix: addressing an SSRF vulnerability in the bulk lookup API endpoint.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch sentinel/fix-bulk-lookup-ssrf-4643558143494860932

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

src/app/api/lookup/bulk/route.ts (1)

30-33: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Guard non-string batch items before trim() to avoid whole-request 500s.

Line 31 can throw when an item is not a string, which bypasses per-item failure handling and collapses the full batch into a 500 response. Validate/coerce item type before trimming.

Proposed fix

-    const lookupPromises = items.map(async (item) => {
-      const trimmedItem = item.trim();
+    const lookupPromises = items.map(async (item) => {
+      if (typeof item !== "string") {
+        return { input: String(item), success: false, error: "Input must be a string" };
+      }
+      const trimmedItem = item.trim();
       if (!trimmedItem) {
         return { input: item, success: false, error: "Empty input" };
       }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/app/api/lookup/bulk/route.ts` around lines 30 - 33, The items.map
callback (lookupPromises) calls item.trim() without ensuring item is a string
which can throw for non-string entries and escalate to a 500; inside the map
callback validate/coerce item to a string before trimming (e.g., check typeof
item === "string" or coerce via String(item)), and for non-coercible values
return the per-item error object ({ input: item, success: false, error: "Invalid
input type" }) so the per-item failure handling remains intact — update the
lookupPromises mapping logic (the async callback that creates trimmedItem)
accordingly.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@src/app/api/lookup/bulk/route.ts`:
- Around line 30-33: The items.map callback (lookupPromises) calls item.trim()
without ensuring item is a string which can throw for non-string entries and
escalate to a 500; inside the map callback validate/coerce item to a string
before trimming (e.g., check typeof item === "string" or coerce via
String(item)), and for non-coercible values return the per-item error object ({
input: item, success: false, error: "Invalid input type" }) so the per-item
failure handling remains intact — update the lookupPromises mapping logic (the
async callback that creates trimmedItem) accordingly.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 2cb495d8-be45-4931-95c5-34d99d9d428b

📥 Commits

Reviewing files that changed from the base of the PR and between b69285b and 4149915.

📒 Files selected for processing (3)

• .jules/sentinel.md
• src/app/api/lookup/bulk/route.test.ts
• src/app/api/lookup/bulk/route.ts