security

package
v0.3.9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 8, 2026 License: MIT Imports: 7 Imported by: 0

Documentation

Overview

Package security provides shared security validation functions.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SetTestBypassSSRF

func SetTestBypassSSRF(enabled bool)

SetTestBypassSSRF enables or disables the SSRF validation bypass for testing. It is safe for concurrent use.

func ValidateHTTPURL

func ValidateHTTPURL(rawURL string) error

ValidateHTTPURL checks for SSRF vulnerabilities by blocking requests to internal networks. It rejects localhost, private IP ranges, link-local addresses, and cloud metadata endpoints. Hostnames are resolved to detect DNS rebinding attacks targeting internal addresses.

Blocked results are cached for up to 30 seconds. If a hostname transiently resolves to an internal address (e.g. during DNS propagation), it will remain blocked until the cache entry expires, even if the DNS record is corrected sooner.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL