Expand description
Shared security helpers for AI client implementations. Shared security helpers for AI provider clients.
These helpers centralize precautionary checks that every AI client should perform before sending credentials over the wire.
Functions§
- local_
provider_ hint - Canonical advisory string surfaced when a hosted-provider failure pattern (HTTPS validation rejection, connection refused / DNS failure to a private host, or HTTP 200 with a non-OpenAI-canonical body) suggests the user intended to call an OpenAI-compatible local or LAN endpoint.
- warn_
on_ insecure_ http - Emit a warning if the parsed
urluses plaintext HTTP against a non-local host while an API key is configured, because the API key would be sent unencrypted. - warn_
on_ insecure_ http_ str - Convenience wrapper that parses
url_strand forwards towarn_on_insecure_http. Parse errors are silently ignored because the caller’s existing URL validation will have already rejected malformed URLs.