Secure Fetch

Secure fetch to prevent access to local resources

GitHub

Secure Fetch

This project implements a secure URL fetching tool using FastMCP.

Prerequisites

Python 3.7+
uv (Python package installer and environment manager)

Installation

Install uv if you haven't already:

pip install uv

Create a new virtual environment and install dependencies:

uv venv source .venv/bin/activate uv pip install fastmcp requests

Usage

Set the allowlist environment variable (optional):

export SECURE_FETCH_ALLOWLIST="example.com,trusted-domain.org"

Run the script:

uv run main.py

Features

Fetches URLs securely
Resolves domains to IPs
Checks for private/internal IPs
Handles redirects (up to 3)
Supports custom HTTP methods and headers
Uses an allowlist for trusted domains/IPs

Security Considerations

The tool prevents access to private/internal IPs unless explicitly allowed
Only HTTP and HTTPS schemes are permitted
SNI is set to match the hostname for HTTPS connections

Example Usage

Once the script is running, you can use the fetch_url function to securely fetch URLs. The function will return a dictionary containing the status code, response body, and content length.

Note

This tool is designed for secure URL fetching. Always review and understand the code before using it in your environment.

関連サーバー

Bright Data

スポンサー

Discover, extract, and interact with the web - one interface powering automated access across the public internet.

LinkedIn Profile Scraper

Fetches LinkedIn profile information using the Fresh LinkedIn Profile Data API.

Scrapezy

Extract structured data from websites using the Scrapezy API.

SearchMCP

Connect any LLM to the internet with the cheapest, most reliable, and developer-friendly search API.

Patchright Lite MCP Server

A server that wraps the Patchright SDK to provide stealth browser automation for AI models.

Oxylabs AI Studio

AI-powered tools for web scraping, crawling, and browser automation.

MCP Image Downloader

A server for downloading and optimizing images from the web.

Browser MCP

A fast, lightweight MCP server that empowers LLMs with browser automation via Puppeteer’s structured accessibility data, featuring optional vision mode for complex visual understanding and flexible, cross-platform configuration.

WebScraping.AI

Interact with WebScraping.AI for web data extraction and scraping.

APIMesh

18 x402-payable web analysis APIs for AI agents — pay per call with USDC on Base, no API keys needed

Urlbox Full Page Screenshots

An MCP server for the Urlbox Screenshot API. It enables your client to take screenshots, generate PDFs, extract HTML/markdown, and more from websites.