Secure Fetch
Secure fetch to prevent access to local resources
Secure Fetch
This project implements a secure URL fetching tool using FastMCP.
Prerequisites
- Python 3.7+
- uv (Python package installer and environment manager)
Installation
- Install uv if you haven't already:
pip install uv
- Create a new virtual environment and install dependencies:
uv venv source .venv/bin/activate uv pip install fastmcp requests
Usage
- Set the allowlist environment variable (optional):
export SECURE_FETCH_ALLOWLIST="example.com,trusted-domain.org"
- Run the script:
uv run main.py
Features
- Fetches URLs securely
- Resolves domains to IPs
- Checks for private/internal IPs
- Handles redirects (up to 3)
- Supports custom HTTP methods and headers
- Uses an allowlist for trusted domains/IPs
Security Considerations
- The tool prevents access to private/internal IPs unless explicitly allowed
- Only HTTP and HTTPS schemes are permitted
- SNI is set to match the hostname for HTTPS connections
Example Usage
Once the script is running, you can use the fetch_url function to securely fetch URLs. The function will return a dictionary containing the status code, response body, and content length.
Note
This tool is designed for secure URL fetching. Always review and understand the code before using it in your environment.
関連サーバー
Bright Data
スポンサーDiscover, extract, and interact with the web - one interface powering automated access across the public internet.
MCP YouTube Extract
Extracts information from YouTube videos and channels using the YouTube Data API.
DataLayer
Give your AI agent access to 60M+ companies and 300M+ verified contacts. Enrich leads, find work emails, discover tech stacks, and identify buying intent — directly from Claude, Cursor, Windsurf, or any MCP-compatible AI agent.
youtube-summarize
MCP server that fetches YouTube video transcripts and summarizes them using your LLM client
Stepstone
Fetches job listings from Stepstone.de based on keywords and location parameters.
Feed
A server for fetching and parsing RSS, Atom, and JSON feeds.
nicheiqs-mcp
Market intelligence MCP server. Returns Winnability Score, Reddit pain signals, and Google Trendsdata in one tool call.
Outscraper
Access Outscraper's data extraction services for business intelligence, location data, reviews, and contact information from various online platforms.
MCP NPX Fetch
Fetch and transform web content into various formats like HTML, JSON, Markdown, or Plain Text.
Decodo
Easy web data access. Simplified retrieval of information from websites and online sources.
Bilibili Comments
Fetch Bilibili video comments in bulk, including nested replies. Requires a Bilibili cookie for authentication.