From 44d36f246087fcebc239690c9f99f29584fc76af Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=B1=88=E5=AE=9A?= <niudear@foxmail.com>
Date: Mon, 13 Oct 2025 11:19:00 +0800
Subject: [PATCH] fix:  external knowledge url check ssrf (#26789)

Co-authored-by: Asuka Minato <i@asukaminato.eu.org>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
---
 api/services/external_knowledge_service.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/api/services/external_knowledge_service.py b/api/services/external_knowledge_service.py
index b6ba3bafea..5cd3b471f9 100644
--- a/api/services/external_knowledge_service.py
+++ b/api/services/external_knowledge_service.py
@@ -88,9 +88,9 @@ class ExternalDatasetService:
             else:
                 raise ValueError(f"invalid endpoint: {endpoint}")
         try:
-            response = httpx.post(endpoint, headers={"Authorization": f"Bearer {api_key}"})
-        except Exception:
-            raise ValueError(f"failed to connect to the endpoint: {endpoint}")
+            response = ssrf_proxy.post(endpoint, headers={"Authorization": f"Bearer {api_key}"})
+        except Exception as e:
+            raise ValueError(f"failed to connect to the endpoint: {endpoint}") from e
         if response.status_code == 502:
             raise ValueError(f"Bad Gateway: failed to connect to the endpoint: {endpoint}")
         if response.status_code == 404: