From a4efb3acbfc97212b747fcff1ffb1c4565d562b5 Mon Sep 17 00:00:00 2001
From: yyh <yuanyouhuilyz@gmail.com>
Date: Sat, 27 Dec 2025 14:00:09 +0800
Subject: [PATCH] fix: correct header assignment in SSRF proxy request handling

---
 api/core/helper/ssrf_proxy.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/api/core/helper/ssrf_proxy.py b/api/core/helper/ssrf_proxy.py
index e390873bf4..27e118f3b2 100644
--- a/api/core/helper/ssrf_proxy.py
+++ b/api/core/helper/ssrf_proxy.py
@@ -123,8 +123,9 @@ def make_request(method, url, max_retries=SSRF_DEFAULT_MAX_RETRIES, **kwargs):
             # the request API to explicitly set headers before sending
             headers = {k: v for k, v in headers.items() if k.lower() != "host"}
             if user_provided_host is not None:
-                request.headers["Host"] = user_provided_host
+                headers["Host"] = user_provided_host
 
+            request = client.build_request(method, url, headers=headers, **kwargs)
             response = client.send(request, follow_redirects=follow_redirects)
 
             # Check for SSRF protection by Squid proxy