From 3324e7199b341f3bbbb5f20fea0a4a31efd3c781 Mon Sep 17 00:00:00 2001
From: Zamil Majdy <zamil.majdy@gmail.com>
Date: Wed, 15 Apr 2026 23:08:15 +0700
Subject: [PATCH] fix(backend): return 503 when checkout redirect URLs are
 unconfigured

When neither frontend_base_url nor platform_base_url is set, subscription
upgrade attempts were failing with a misleading 422 'success_url and
cancel_url must match the platform frontend origin' error. The real problem
is a server misconfiguration, not a bad URL from the client.

Add an explicit pre-flight check in update_subscription_tier: if the allowed
origin is not configured, log an error and raise 503 with a clear message so
operators can diagnose the missing config instead of chasing a false URL
mismatch error.
---
 .../backend/backend/api/features/v1.py         | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/autogpt_platform/backend/backend/api/features/v1.py b/autogpt_platform/backend/backend/api/features/v1.py
index af9cc97e58..97ca44862f 100644
--- a/autogpt_platform/backend/backend/api/features/v1.py
+++ b/autogpt_platform/backend/backend/api/features/v1.py
@@ -925,6 +925,24 @@ async def update_subscription_tier(
     # Open-redirect protection: both URLs must point to the configured frontend
     # origin, otherwise an attacker could use our Stripe integration as a
     # redirector to arbitrary phishing sites.
+    #
+    # Fail early with a clear 503 if the server is misconfigured (neither
+    # frontend_base_url nor platform_base_url set), so operators get an
+    # actionable error instead of the misleading "must match the platform
+    # frontend origin" 422 that _validate_checkout_redirect_url would otherwise
+    # produce when `allowed` is empty.
+    if not (settings.config.frontend_base_url or settings.config.platform_base_url):
+        logger.error(
+            "update_subscription_tier: neither frontend_base_url nor "
+            "platform_base_url is configured; cannot validate checkout redirect URLs"
+        )
+        raise HTTPException(
+            status_code=503,
+            detail=(
+                "Payment redirect URLs cannot be validated: "
+                "frontend_base_url or platform_base_url must be set on the server."
+            ),
+        )
     if not _validate_checkout_redirect_url(
         request.success_url
     ) or not _validate_checkout_redirect_url(request.cancel_url):