Expand description
SSRF (Server-Side Request Forgery) protection for RDAP clients.
Every outbound URL is validated before the HTTP request is issued. The guard blocks:
- Non-HTTPS schemes
- IPv4 loopback (127/8), private (RFC 1918), link-local (169.254/16)
- IPv6 loopback (::1), link-local (fe80::/10), unique-local (fc00::/7)
- Explicitly blocked domain patterns
Allowed domains (allowlist) take priority over all other checks.
Structs§
- Ssrf
Config - Configuration for the SSRF guard.
- Ssrf
Guard - SSRF guard — validates a URL before any network call.