Allow disabling the host validation via env var (#1637)

Resolves OPS-3078.

Author: maor-rozenfeld

packages/server/shared/src/lib/host-validation/index.ts

@@ -1,6 +1,7 @@
 import { promises as dns } from 'dns';
 import ipRangeCheck from 'ip-range-check';
 import { isIPv4, isIPv6 } from 'net';
+import { SharedSystemProp, system } from '../system';
 
 const internalV4Cidrs = [
   '127.0.0.0/8', // Loopback addresses
@@ -55,7 +56,10 @@ async function isInternalHost(host: string): Promise<boolean> {
 }
 
 export async function validateHost(host: string | undefined): Promise<void> {
-  if (!host) return;
+  const isHostValidationEnabled = system.getBoolean(
+    SharedSystemProp.ENABLE_HOST_VALIDATION,
+  );
+  if (!isHostValidationEnabled || !host) return;
   const isPrivate = await isInternalHost(host);
   if (isPrivate) throw new Error('Host must not be an internal address');
 }

packages/server/shared/src/lib/system/system-prop.ts

@@ -148,6 +148,8 @@ export enum SharedSystemProp {
   LANGFUSE_SECRET_KEY = 'LANGFUSE_SECRET_KEY',
   LANGFUSE_PUBLIC_KEY = 'LANGFUSE_PUBLIC_KEY',
   LANGFUSE_HOST = 'LANGFUSE_HOST',
+
+  ENABLE_HOST_VALIDATION = 'ENABLE_HOST_VALIDATION',
 }
 
 export enum WorkerSystemProps {

packages/server/shared/src/lib/system/system.ts

@@ -98,6 +98,7 @@ const systemPropDefaultValues: Partial<Record<SystemProp, string>> = {
   [AppSystemProp.LLM_CHAT_EXPIRE_TIME_SECONDS]: '86400', // 24 hours
   [AppSystemProp.TELEMETRY_MODE]: 'COLLECTOR',
   [AppSystemProp.TELEMETRY_COLLECTOR_URL]: 'https://telemetry.openops.com/save',
+  [SharedSystemProp.ENABLE_HOST_VALIDATION]: 'true',
 };
 
 export const system = {

packages/server/shared/test/host-validation/index.test.ts

@@ -1,15 +1,35 @@
 const resolve4 = jest.fn();
 const resolve6 = jest.fn();
+const getBoolean = jest.fn().mockReturnValue(true);
 
 jest.mock('dns', () => ({ promises: { resolve4, resolve6 } }));
+jest.mock('../../src/lib/system', () => ({
+  system: { getBoolean },
+  SharedSystemProp: { ENABLE_HOST_VALIDATION: 'ENABLE_HOST_VALIDATION' },
+}));
 
 import { validateHost } from '../../src/lib/host-validation';
 
 describe('Host Validation', () => {
+  beforeEach(() => {
+    getBoolean.mockReturnValue(true);
+  });
+
   afterEach(() => {
     jest.clearAllMocks();
   });
 
+  test('should skip if host validation is disabled', async () => {
+    getBoolean.mockReturnValue(false);
+    const host = '127.0.0.1';
+    await expect(validateHost(host)).resolves.toBeUndefined();
+  });
+
+  test('should skip for empty host', async () => {
+    const host = '';
+    await expect(validateHost(host)).resolves.toBeUndefined();
+  });
+
   test('should throw for private IPv4 address', async () => {
     const host = '192.168.1.1';
     await expect(validateHost(host)).rejects.toThrow(