Spring Boot 4.1: Silent SSRF in your application

You migrated to Spring Boot 4.0, tested everything carefully, handled the breaking changes, deployed to production. Everything is running. But there is a category of vulnerability that integration tests rarely catch: Server-Side Request Forgery (SSRF). While your API processes requests normally, an attacker could be using your HTTP clients to make the application query internal resources that should never be accessible.

Spring Boot 4.1 RC1, released on April 23, 2026, introduced native SSRF mitigation via InetAddressFilter — and if you are still on 4.0, you need to understand what changed and what to do until the GA release arrives.

What is SSRF and why it affects Spring Boot applications

Server-Side Request Forgery (SSRF) is a vulnerability where an attacker can cause the server to make HTTP requests to attacker-controlled destinations — including internal services, cloud metadata endpoints (AWS IMDSv1, Azure IMDS), or internal network resources that the client would never have direct access to.

Imagine your API has an endpoint that accepts a URL and fetches content for the client — like an image proxy or webhook validator. Without protection, this endpoint can be used to:

  • Access http://169.254.169.254/latest/meta-data/ and steal IAM credentials on AWS instances
  • Scan internal ports (http://192.168.1.x:8080/actuator)
  • Access internal services that assume only legitimate requests arrive from within the VPC

As a Tech Lead, I learned that the problem is even greater in microservices architectures: every service that makes HTTP calls to configurable URLs (via database, queue messages, or webhook payloads) is a potential attack vector. And Spring Boot, up to 4.0, offered no automatic protection for this in its native HTTP clients.

What Spring Boot 4.1 brings: InetAddressFilter

Spring Boot 4.1 introduces the InetAddressFilter, an automatic protection that validates destination IP addresses before any HTTP request is made by Spring-managed clients. By default, it blocks:

  • Loopback addresses (127.0.0.0/8, ::1)
  • Link-local ranges (169.254.0.0/16 — the AWS metadata endpoint)
  • Site-local/RFC-1918 ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16)

The corresponding configuration properties:

# application.yaml
spring:
  http:
    client:
      inet-address-filter:
        enabled: true
        allow-loopback: false
        allow-link-local: false
        allow-site-local: false

Spring Boot 4.0: what to do right now

If you are on Spring Boot 4.0 and cannot wait for the 4.1 GA, you can implement similar protection manually using a ClientHttpRequestInterceptor:

import java.io.IOException;
import java.net.InetAddress;
import java.util.List;

import org.springframework.http.HttpRequest;
import org.springframework.http.client.ClientHttpRequestExecution;
import org.springframework.http.client.ClientHttpRequestInterceptor;
import org.springframework.http.client.ClientHttpResponse;

public class SsrfProtectionInterceptor implements ClientHttpRequestInterceptor {

    // Dotted-prefix fallback on top of the InetAddress range checks below.
    private static final List<String> BLOCKED_PREFIXES = List.of(
        "127.", "10.", "169.254.", "192.168."
    );

    @Override
    public ClientHttpResponse intercept(
        HttpRequest request,
        byte[] body,
        ClientHttpRequestExecution execution
    ) throws IOException {

        String host = request.getURI().getHost();
        if (host == null) {
            // Host-less or opaque URI: nothing to validate, so refuse it.
            throw new SecurityException("SSRF Protection: request without a host blocked.");
        }

        // Check every address the name resolves to, not only the first record:
        // a hostname may map to several addresses, some public and some private.
        for (InetAddress address : InetAddress.getAllByName(host)) {
            String ip = address.getHostAddress();

            boolean isBlocked = address.isLoopbackAddress()
                || address.isLinkLocalAddress()
                || address.isSiteLocalAddress()
                || BLOCKED_PREFIXES.stream().anyMatch(ip::startsWith);

            if (isBlocked) {
                throw new SecurityException(
                    "SSRF Protection: request to " + ip + " blocked."
                );
            }
        }

        // Caveat: the HTTP client resolves the name again when it connects, so a
        // name whose records change between the two lookups is not covered here.
        return execution.execute(request, body);
    }
}
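Wiring the interceptor into the auto-configured RestClient.Builder so that every request through the resulting bean passes the check, as an added example that is not part of the original post (the configuration class and bean name are my own; it assumes the SsrfProtectionInterceptor above is on the classpath):

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.client.RestClient;

@Configuration
public class HttpClientConfig {

    // Spring Boot auto-configures a RestClient.Builder; registering the
    // interceptor on it means the SSRF check runs before any request is sent.
    // Clients built elsewhere without this interceptor are NOT protected.
    @Bean
    RestClient restClient(RestClient.Builder builder) {
        return builder
            .requestInterceptor(new SsrfProtectionInterceptor())
            .build();
    }
}
```

A test that autowires this RestClient and targets 127.0.0.1 or 169.254.169.254 then fails with the interceptor's SecurityException without any server listening on those addresses.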

Other Spring Boot 4.1 RC1 highlights

1. Context propagation in @Async methods

In Boot 4.1, OpenTelemetry context (trace ID, span ID) is automatically propagated to @Async threads when the OpenTelemetry starter is on the classpath — no additional configuration required.

import java.util.concurrent.CompletableFuture;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.scheduling.annotation.Async;
import org.springframework.stereotype.Service;

@Service
public class NotificationService {

    private static final Logger log = LoggerFactory.getLogger(NotificationService.class);

    @Async
    public CompletableFuture<Void> sendEmail(String recipient) {
        // Boot 4.1: trace context from the calling thread is propagated here
        log.info("Sending email to {}", recipient); // carries the caller's traceId
        return CompletableFuture.completedFuture(null);
    }
}

2. OpenTelemetry SDK environment variables support

Boot 4.1 natively reads standard OpenTelemetry SDK environment variables without manual mapping, simplifying observability configuration in containerized environments.

3. Spock Framework support with Groovy 5

Support for the Spock testing framework with Groovy 5 is restored after being suspended during the Boot 4.0 toolchain migration.

Testing SSRF protection before going to production

import static org.junit.jupiter.api.Assertions.assertThrows;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.web.client.RestClient;

@SpringBootTest
class SsrfProtectionTest {

    // The request is rejected before a connection is opened, so these tests
    // need no server listening on the target addresses.
    @Autowired
    private RestClient restClient;

    @Test
    void shouldBlockLoopbackRequests() {
        assertThrows(SecurityException.class, () ->
            restClient.get()
                .uri("http://127.0.0.1:8080/actuator/health")
                .retrieve()
                .toBodilessEntity()
        );
    }

    @Test
    void shouldBlockAWSMetadataRequests() {
        assertThrows(SecurityException.class, () ->
            restClient.get()
                .uri("http://169.254.169.254/latest/meta-data/")
                .retrieve()
                .toBodilessEntity()
        );
    }
}

FAQ

Does InetAddressFilter protect all HTTP clients or only RestClient?
In RC1, automatic protection covers RestClient and WebClient configured via auto-configuration. Manually created clients require the interceptor approach until GA coverage is complete.

I have a legitimate service at 192.168.x.x. Will the filter break it?
Yes — by default the filter blocks RFC-1918 ranges. Use the whitelist: spring.http.client.inet-address-filter.allowed-hosts=192.168.1.100. Never disable the entire filter for a single use case.

Is SSRF relevant for internal APIs that don't receive user input?
Yes. As a Tech Lead I discovered an SSRF vector in a thumbnail service accepting URLs from a Kafka topic that had gone undetected for years. Any configurable URL is a potential vector.

When does Spring Boot 4.1 GA release?
RC1 shipped April 23, 2026. Expected GA: May 2026. Follow spring.io/blog for the official announcement.

Next steps

Spring Boot 4.1 is arriving and SSRF mitigation is just one of the improvements. If you have not yet migrated to Boot 4.0, the breaking changes checklist is the starting point.

Drop a comment below: have you encountered an SSRF vector in production? That exchange of real experience is worth more than any tutorial.

Keep evolving — see you in the next article!