{"id":26540499,"url":"https://github.com/mccutchen/safedialer","last_synced_at":"2025-07-14T10:36:04.316Z","repository":{"id":221089139,"uuid":"356051567","full_name":"mccutchen/safedialer","owner":"mccutchen","description":"A golang net.Dialer control function that allows only safe network connections","archived":false,"fork":false,"pushed_at":"2024-02-06T04:24:08.000Z","size":9,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-06-21T15:33:49.466Z","etag":null,"topics":["golang","http","networking","security","ssrf"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mccutchen.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2021-04-08T21:23:35.000Z","updated_at":"2024-06-21T15:33:49.467Z","dependencies_parsed_at":"2024-02-06T05:29:27.297Z","dependency_job_id":"e6d41514-0d92-4532-a716-707e27d35f57","html_url":"https://github.com/mccutchen/safedialer","commit_stats":null,"previous_names":["mccutchen/safedialer"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mccutchen%2Fsafedialer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mccutchen%2Fsafedialer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mccutchen%2Fsafedialer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mccutchen%2Fsafedialer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mccutchen","download_url":"https://codeload.github.com/mccutchen/safedialer/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244890102,"owners_count":20527030,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","http","networking","security","ssrf"],"created_at":"2025-03-22T00:33:44.489Z","updated_at":"2025-03-22T00:33:52.263Z","avatar_url":"https://github.com/mccutchen.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# safedialer\n\nPackage safedialer provides a [net.Dialer][dialer] `Control` function that\npermits only TCP connections to port 80 and 443 on public IP addresses, so that\nan application may safely connect to possibly-malicious URLs controlled by\nexternal clients.\n\nThis code is _very_ lightly adapted from [Andrew Ayer][]'s excellent 2019 blog\npost [\"Preventing Server Side Request Forgery in Golang\"][blog], which explains\nthe dangers of connecting to arbitrary URLs from your own application code.\n\n\n## Example usage\n\n```go\nimport (\n    \"fmt\"\n    \"net\"\n    \"net/http\"\n\n    \"github.com/mccutchen/safedialer\"\n)\n\nsafeClient := \u0026http.Client{\n    Transport: \u0026http.Transport{\n        DialContext: (\u0026net.Dialer{\n            Control: safedialer.Control,\n        }).DialContext,\n    },\n}\n\n// Our safeClient will reject this request for a URL that resolves to a\n// private IP address.\nresp, err := safeClient.Get(\"http://www.10.0.0.1.nip.io\")\nif err != nil {\n    fmt.Println(\"Prevented possibly malicious request\")\n}\n```\n\n\n## Authors\n\nWritten by [Andrew Ayer][].\n\nGitHub repo and test suite added by [Will McCutchen][].\n\n\n## Copying\n\nAll the content within this repository is dedicated to the public domain under\nthe [CC0 1.0 Universal (CC0 1.0) Public Domain Dedication][cc-zero].\n\n[Andrew Ayer]: https://agwa.name\n[blog]: https://www.agwa.name/blog/post/preventing_server_side_request_forgery_in_golang\n[cc-zero]: https://creativecommons.org/publicdomain/zero/1.0/\n[dialer]: https://golang.org/pkg/net/#Dialer\n[Will McCutchen]: https://github.com/mccutchen\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmccutchen%2Fsafedialer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmccutchen%2Fsafedialer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmccutchen%2Fsafedialer/lists"}