rdap-security 0.1.0

SSRF protection and URL validation for RDAP clients
Documentation
  • Coverage
  • 100%
    9 out of 9 items documented0 out of 5 items with examples
  • Size
  • Source code size: 52.32 kB This is the summed size of all the files inside the crates.io package for this release.
  • Documentation size: 772.1 kB This is the summed size of all files generated by rustdoc for all configured targets
  • Ø build duration
  • this release: 1m 9s Average build duration of successful builds.
  • all releases: 1m 9s Average build duration of successful builds in releases after 2024-10-23.
  • Links
  • Homepage
  • Repository
  • crates.io
  • Dependencies
  • Versions
  • Owners
  • vahmo

SSRF (Server-Side Request Forgery) protection for RDAP clients.

Every outbound URL is validated before the HTTP request is issued. The guard blocks:

  • Non-HTTPS schemes
  • IPv4 loopback (127/8), private (RFC 1918), link-local (169.254/16)
  • IPv6 loopback (::1), link-local (fe80::/10), unique-local (fc00::/7)
  • Explicitly blocked domain patterns

Allowed domains (allowlist) take priority over all other checks.