v1.7.14: LLM/SIEM domain allowlists, SRI hashes, auth misconfig warning, Azure Key Vault integration

backend/routes/ask.py

@@ -7,6 +7,7 @@ import httpx
 import structlog
 from auth import require_auth, user_can_access_privacy_services
 from config import (
+    LLM_ALLOWED_DOMAINS,
     LLM_API_KEY,
     LLM_API_VERSION,
     LLM_BASE_URL,
@@ -398,7 +399,7 @@ def _format_events_for_llm(
 
 
 def _validate_llm_url(url: str):
-    """Prevent SSRF by rejecting internal/reserved addresses."""
+    """Prevent SSRF by rejecting internal/reserved addresses and enforcing domain allowlist."""
     from urllib.parse import urlparse
 
     parsed = urlparse(url)
@@ -420,6 +421,12 @@ def _validate_llm_url(url: str):
     except ValueError:
         pass  # hostname is not an IP, which is fine
 
+    # Enforce domain allowlist if configured
+    if LLM_ALLOWED_DOMAINS:
+        allowed = any(hostname == d or (d.startswith("*.") and hostname.endswith(d[1:])) for d in LLM_ALLOWED_DOMAINS)
+        if not allowed:
+            raise RuntimeError(f"LLM_BASE_URL domain '{hostname}' is not in LLM_ALLOWED_DOMAINS")
+
 
 def _build_chat_url(base_url: str, api_version: str) -> str:
     base = base_url.rstrip("/")