Secure Fetch
Secure fetch to prevent access to local resources
Secure Fetch
This project implements a secure URL fetching tool using FastMCP.
Prerequisites
- Python 3.7+
- uv (Python package installer and environment manager)
Installation
- Install uv if you haven't already:
pip install uv
- Create a new virtual environment and install dependencies:
uv venv source .venv/bin/activate uv pip install fastmcp requests
Usage
- Set the allowlist environment variable (optional):
export SECURE_FETCH_ALLOWLIST="example.com,trusted-domain.org"
- Run the script:
uv run main.py
Features
- Fetches URLs securely
- Resolves domains to IPs
- Checks for private/internal IPs
- Handles redirects (up to 3)
- Supports custom HTTP methods and headers
- Uses an allowlist for trusted domains/IPs
Security Considerations
- The tool prevents access to private/internal IPs unless explicitly allowed
- Only HTTP and HTTPS schemes are permitted
- SNI is set to match the hostname for HTTPS connections
Example Usage
Once the script is running, you can use the fetch_url function to securely fetch URLs. The function will return a dictionary containing the status code, response body, and content length.
Note
This tool is designed for secure URL fetching. Always review and understand the code before using it in your environment.
Verwandte Server
Bright Data
SponsorDiscover, extract, and interact with the web - one interface powering automated access across the public internet.
HDW MCP Server
Access and manage LinkedIn data and user accounts using the HorizonDataWave API.
PlayMCP Browser Automation Server
A server for browser automation using Playwright, providing powerful tools for web scraping, testing, and automation.
Website Snapshot
A MCP server that provides comprehensive website snapshot capabilities using Playwright. This server enables LLMs to capture and analyze web pages through structured accessibility snapshots, network monitoring, and console message collection.
Any Browser MCP
Attaches to existing browser sessions using the Chrome DevTools Protocol for automation and interaction.
NBA Player Stats
Provides comprehensive NBA player statistics from basketball-reference.com, including career stats, season comparisons, and advanced metrics.
Booli MCP Server
Access Swedish real estate data from Booli.se through a GraphQL API.
Primp MCP Server
An MCP server for the Primp HTTP client, enabling browser impersonation for requests and file uploads.
Document Extractor MCP Server
Extracts document content from Microsoft Learn and GitHub URLs and stores it in PocketBase for retrieval and search.
Configurable Puppeteer MCP Server
A configurable MCP server for browser automation using Puppeteer.
ScrAPI MCP Server
A server for scraping web pages using the ScrAPI API.