Secure Fetch

Secure fetch to prevent access to local resources

GitHub

Secure Fetch

This project implements a secure URL fetching tool using FastMCP.

Prerequisites

Python 3.7+
uv (Python package installer and environment manager)

Installation

Install uv if you haven't already:

pip install uv

Create a new virtual environment and install dependencies:

uv venv source .venv/bin/activate uv pip install fastmcp requests

Usage

Set the allowlist environment variable (optional):

export SECURE_FETCH_ALLOWLIST="example.com,trusted-domain.org"

Run the script:

uv run main.py

Features

Fetches URLs securely
Resolves domains to IPs
Checks for private/internal IPs
Handles redirects (up to 3)
Supports custom HTTP methods and headers
Uses an allowlist for trusted domains/IPs

Security Considerations

The tool prevents access to private/internal IPs unless explicitly allowed
Only HTTP and HTTPS schemes are permitted
SNI is set to match the hostname for HTTPS connections

Example Usage

Once the script is running, you can use the fetch_url function to securely fetch URLs. The function will return a dictionary containing the status code, response body, and content length.

Note

This tool is designed for secure URL fetching. Always review and understand the code before using it in your environment.

Verwandte Server

Bright Data

Sponsor

Discover, extract, and interact with the web - one interface powering automated access across the public internet.

Scrapfly

Scrapfly MCP Server gives AI agents a simple, unified way to scrape live web data with built-in anti-bot handling.

MeteoSwiss Data

Provides weather reports, search, and content from the MeteoSwiss website with multi-language support.

youtube-summarize

MCP server that fetches YouTube video transcripts and summarizes them using your LLM client

Opengraph.io

Opengraph data, web scraping, screenshot features in a handy MCP tool

Oxylabs

Scrape websites with Oxylabs Web API, supporting dynamic rendering and parsing for structured data extraction.

ScrapeBadger

Access Twitter/X data including user profiles, tweets, followers, trends, lists, and communities via the ScrapeBadger API.

YouTube Transcript MCP

Download transcripts directly from YouTube videos.

Dumpling AI MCP Server

Data scraping, conversion, and extraction tools from Dumpling AI.

NBA Player Stats

Provides comprehensive NBA player statistics from basketball-reference.com, including career stats, season comparisons, and advanced metrics.

Markdown Downloader

Download webpages as markdown files using the r.jina.ai service, with configurable directories and persistent settings.