This is an automated email from the ASF dual-hosted git repository.
ashishtiwari pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new c25aff996 fix(ai-proxy): catch malformed override endpoint in schema
validation (#12563)
c25aff996 is described below
commit c25aff996313ff20e9188d042962af930c054369
Author: Ashish Tiwari <ashishjaitiwari15112...@gmail.com>
AuthorDate: Sat Aug 30 21:22:18 2025 +0530
fix(ai-proxy): catch malformed override endpoint in schema validation
(#12563)
---
apisix/plugins/ai-proxy-multi.lua | 10 +++++++-
t/plugin/ai-proxy-multi.t | 48 +++++++++++++++++++++++++++++++++++++++
2 files changed, 57 insertions(+), 1 deletion(-)
diff --git a/apisix/plugins/ai-proxy-multi.lua
b/apisix/plugins/ai-proxy-multi.lua
index b162eee96..2a48bd4dc 100644
--- a/apisix/plugins/ai-proxy-multi.lua
+++ b/apisix/plugins/ai-proxy-multi.lua
@@ -30,6 +30,7 @@ local ipairs = ipairs
local type = type
local priority_balancer = require("apisix.balancer.priority")
+local endpoint_regex = "^(https?)://([^:/]+):?(%d*)/?.*$"
local pickers = {}
local lrucache_server_picker = core.lrucache.new({
@@ -73,6 +74,13 @@ function _M.check_schema(conf)
end
for _, instance in ipairs(conf.instances) do
+ local endpoint = instance and instance.override and
instance.override.endpoint
+ if endpoint then
+ local scheme, host, _ = endpoint:match(endpoint_regex)
+ if not scheme or not host then
+ return false, "invalid endpoint"
+ end
+ end
local ai_driver, err = pcall(require, "apisix.plugins.ai-drivers." ..
instance.provider)
if not ai_driver then
core.log.warn("fail to require ai provider: ", instance.provider,
", err", err)
@@ -143,7 +151,7 @@ end
local function resolve_endpoint(instance_conf)
local endpoint = core.table.try_read_attr(instance_conf, "override",
"endpoint")
- local scheme, host, port, _ =
endpoint:match("^(https?)://([^:/]+):?(%d*)(/?.*)$")
+ local scheme, host, port, _ = endpoint:match(endpoint_regex)
if port == "" then
port = (scheme == "https") and "443" or "80"
end
diff --git a/t/plugin/ai-proxy-multi.t b/t/plugin/ai-proxy-multi.t
index 5434f7699..ed833fa16 100644
--- a/t/plugin/ai-proxy-multi.t
+++ b/t/plugin/ai-proxy-multi.t
@@ -605,3 +605,51 @@ passed
}
--- response_body_eval
qr/6data: \[DONE\]\n\n/
+
+
+
+=== TEST 15: set route with wrong override endpoint
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "uri": "/anything",
+ "plugins": {
+ "ai-proxy-multi": {
+ "instances": [
+ {
+ "name": "openai-official",
+ "provider": "openai",
+ "weight": 1,
+ "auth": {
+ "header": {
+ "Authorization": "Bearer token"
+ }
+ },
+ "options": {
+ "model": "gpt-4",
+ "max_tokens": 512,
+ "temperature": 1.0
+ },
+ "override": {
+ "endpoint": "http//localhost:6724"
+ }
+ }
+ ],
+ "ssl_verify": false
+ }
+ }
+ }]]
+ )
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- error_code: 400
+--- response_body eval
+qr/.invalid endpoint.*/
