Secure Fetch
Secure fetch to prevent access to local resources
Secure Fetch
This project implements a secure URL fetching tool using FastMCP.
Prerequisites
- Python 3.7+
- uv (Python package installer and environment manager)
Installation
- Install uv if you haven't already:
pip install uv
- Create a new virtual environment and install dependencies:
uv venv source .venv/bin/activate uv pip install fastmcp requests
Usage
- Set the allowlist environment variable (optional):
export SECURE_FETCH_ALLOWLIST="example.com,trusted-domain.org"
- Run the script:
uv run main.py
Features
- Fetches URLs securely
- Resolves domains to IPs
- Checks for private/internal IPs
- Handles redirects (up to 3)
- Supports custom HTTP methods and headers
- Uses an allowlist for trusted domains/IPs
Security Considerations
- The tool prevents access to private/internal IPs unless explicitly allowed
- Only HTTP and HTTPS schemes are permitted
- SNI is set to match the hostname for HTTPS connections
Example Usage
Once the script is running, you can use the fetch_url function to securely fetch URLs. The function will return a dictionary containing the status code, response body, and content length.
Note
This tool is designed for secure URL fetching. Always review and understand the code before using it in your environment.
Похожие серверы
Bright Data
спонсорDiscover, extract, and interact with the web - one interface powering automated access across the public internet.
MCP URL2SNAP
A lightweight MCP server that captures screenshots of any URL and returns the image URL. Requires an AbstractAPI key.
BrowserCat
Automate remote browsers using the BrowserCat API.
Read URL MCP
Extracts web content from a URL and converts it to clean Markdown format.
YouTube Transcript MCP Server
A high-performance MCP server for fetching YouTube video transcripts, with support for caching, rate limiting, and proxy rotation.
Web Fetch
Fetches and converts web content, ideal for data extraction and web scraping.
Selenium MCP Server
Control web browsers using the Selenium WebDriver for automation and testing.
Urlbox Full Page Screenshots
An MCP server for the Urlbox Screenshot API. It enables your client to take screenshots, generate PDFs, extract HTML/markdown, and more from websites.
YouTube Data
Access YouTube video data and transcripts using the YouTube Data API.
BrowserLoop
Take screenshots and read console logs from web pages using Playwright.
MCP LLMS.txt Explorer
Explore and analyze websites that have implemented the llms.txt standard.