ssrf

package
v1.1.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 13, 2026 License: AGPL-3.0 Imports: 5 Imported by: 0

Documentation

Overview

Package ssrf provides SSRF protection utilities.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrInvalidScheme indicates a URL used a non-http(s) scheme.
	ErrInvalidScheme = errors.New("invalid URL scheme")
	// ErrEmptyHostname indicates a URL is missing a hostname.
	ErrEmptyHostname = errors.New("empty hostname")
	// ErrBlockedHostname indicates a URL hostname is blocked by SSRF policy.
	ErrBlockedHostname = errors.New("hostname is blocked")
)

Functions

func IsBlockedHostname 

func IsBlockedHostname(hostname string) bool

IsBlockedHostname reports whether a hostname should be blocked for SSRF protection.

It blocks:

  • IP literals that are blocked by IsBlockedIP
  • known internal/metadata hostnames and their subdomains (e.g. *.metadata.azure.com)

func IsBlockedIP 

func IsBlockedIP(ip net.IP) bool

IsBlockedIP reports whether the IP should be blocked for SSRF protection.

func ValidateURL 

func ValidateURL(u *url.URL) error

ValidateURL validates that a URL is safe to resolve and dial from an SSRF perspective.

It enforces: - http/https schemes only - non-empty hostname - hostname is not blocked by IsBlockedHostname (including IP literals)

func ValidateURLString 

func ValidateURLString(raw string) (*url.URL, error)

ValidateURLString parses and validates a URL string using ValidateURL.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.