Documentation
Overview ¶
Package netutil provides HTTP security utilities for safe network operations. This package is designed to be reusable across the codebase without dependencies on domain, application, or infrastructure layers.
Index ¶
- func ExtractHost(rawURL string) string
- func FormatSize(bytes int64) string
- func HasCredentials(rawURL string) bool
- func InsecureTLSConfig() *tls.Config
- func IsHTTPS(rawURL string) bool
- func IsOCI(rawURL string) bool
- func IsPrivateHost(host string) (bool, net.IP)
- func IsPrivateIP(ip net.IP) bool
- func IsPrivateIPError(err error) bool
- func IsPrivateIPString(ipStr string) bool
- func IsRetryableStatus(statusCode int) bool
- func IsSizeLimitExceededError(err error) bool
- func MinTLSVersion() uint16
- func MinTLSVersionString() string
- func NormalizeURL(rawURL string) string
- func PrivateIPRanges() []string
- func StripCredentials(rawURL string) string
- func TLSConfig() *tls.Config
- func TLSVersionString(version uint16) string
- type LimitedReader
- type PrivateIPError
- type RetryTransport
- type SecureDialer
- type SizeLimitExceededError
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExtractHost ¶
ExtractHost returns just the host:port from a URL.
func FormatSize ¶
FormatSize returns a human-readable size string.
func HasCredentials ¶
HasCredentials returns true if the URL contains credentials.
func InsecureTLSConfig ¶
InsecureTLSConfig returns a TLS configuration that skips certificate verification. It should only be used with explicit user consent (the --insecure flag). WARNING: with this config the client accepts any certificate, so anyone on the network path can intercept and modify the connection; the authentication that TLS is meant to provide is gone.
func IsPrivateHost ¶
IsPrivateHost resolves a hostname and checks whether any of its addresses is private. It returns true if the host resolves to at least one private IP, and false if the host cannot be resolved or resolves only to non-private IPs. Two caveats follow from that contract: a lookup failure yields false rather than an error, so a caller that must fail closed has to handle the unresolvable case itself; and the check happens at a different moment from the connection, so on its own it does not stop DNS rebinding. SecureDialer, which resolves once and connects to the pinned IP, is the defence for that.
func IsPrivateIP ¶
IsPrivateIP returns true if the given IP address is in a private/reserved range. This includes:
- 10.0.0.0/8 (Class A private)
- 172.16.0.0/12 (Class B private)
- 192.168.0.0/16 (Class C private)
- 169.254.0.0/16 (link-local)
- 127.0.0.0/8 (loopback)
- ::1/128 (IPv6 loopback)
- fc00::/7 (IPv6 unique local)
- fe80::/10 (IPv6 link-local)
func IsPrivateIPError ¶
IsPrivateIPError returns true if the error is a PrivateIPError.
func IsPrivateIPString ¶
IsPrivateIPString parses an IP string and checks if it's private. Returns false if the string is not a valid IP address.
func IsRetryableStatus ¶
IsRetryableStatus reports whether an HTTP status code should trigger a retry. It is exported for testing and external use.
func IsSizeLimitExceededError ¶
IsSizeLimitExceededError returns true if the error is a SizeLimitExceededError.
func MinTLSVersion ¶
func MinTLSVersion() uint16
MinTLSVersion returns the minimum required TLS version.
func MinTLSVersionString ¶
func MinTLSVersionString() string
MinTLSVersionString returns the minimum required TLS version as a string.
func NormalizeURL ¶
NormalizeURL returns a normalized form of the URL suitable for cache keys. It lowercases the scheme and host, removes default ports, and strips credentials.
func PrivateIPRanges ¶
func PrivateIPRanges() []string
PrivateIPRanges returns a human-readable list of blocked IP ranges. Useful for error messages and documentation.
func StripCredentials ¶
StripCredentials removes user:password@ from a URL for safe logging. Returns the original string if the URL cannot be parsed.
func TLSConfig ¶
TLSConfig returns a secure TLS configuration with TLS 1.2+ minimum. This enforces Constitution II: TLS Enforcement requirements.
func TLSVersionString ¶
TLSVersionString returns a human-readable TLS version string.
Types ¶
type LimitedReader ¶
type LimitedReader struct {
R io.Reader // underlying reader
N int64 // max bytes remaining
Limit int64 // original limit (for error messages)
// contains filtered or unexported fields
}
LimitedReader wraps an io.Reader with a maximum size limit. Unlike io.LimitReader, which silently truncates at the limit, it returns an error when the limit is exceeded, so an oversized response is detected rather than partially accepted.
func NewLimitedReader ¶
func NewLimitedReader(r io.Reader, limit int64) *LimitedReader
NewLimitedReader creates a new LimitedReader that will read at most limit bytes.
func (*LimitedReader) BytesRead ¶
func (l *LimitedReader) BytesRead() int64
BytesRead returns the number of bytes read so far.
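As an added example (written for this page, not netutil's own code), here is a reader with the same shape as LimitedReader that fails with a typed error when the source holds more than the limit instead of silently truncating. The type and field names mirror the page; the sizeLimitExceededError field name, the readAllLimited helper and the probe-one-byte technique for telling "fits exactly" from "too large" are this example's own choices.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
)

// sizeLimitExceededError plays the role of netutil.SizeLimitExceededError
// in this example (field name assumed).
type sizeLimitExceededError struct{ Limit int64 }

func (e *sizeLimitExceededError) Error() string {
	return fmt.Sprintf("size limit of %d bytes exceeded", e.Limit)
}

// limitedReader reads at most Limit bytes from R. Unlike io.LimitReader,
// which silently truncates, it returns a typed error as soon as the source
// is found to hold more data than the limit allows.
type limitedReader struct {
	R     io.Reader
	N     int64 // bytes remaining before the limit
	Limit int64 // original limit, reported in the error
	read  int64
}

func newLimitedReader(r io.Reader, limit int64) *limitedReader {
	return &limitedReader{R: r, N: limit, Limit: limit}
}

func (l *limitedReader) BytesRead() int64 { return l.read }

func (l *limitedReader) Read(p []byte) (int, error) {
	if len(p) == 0 {
		return 0, nil
	}
	if l.N <= 0 {
		// The limit is used up. Probe one byte: data means "too large",
		// EOF means the body fit exactly, which is not an error.
		var probe [1]byte
		n, err := l.R.Read(probe[:])
		if n > 0 {
			return 0, &sizeLimitExceededError{Limit: l.Limit}
		}
		return 0, err
	}
	if int64(len(p)) > l.N {
		p = p[:l.N]
	}
	n, err := l.R.Read(p)
	l.N -= int64(n)
	l.read += int64(n)
	return n, err
}

// readAllLimited is the typical call site: read a body fully, but refuse
// anything larger than limit instead of buffering it.
func readAllLimited(r io.Reader, limit int64) ([]byte, error) {
	data, err := io.ReadAll(newLimitedReader(r, limit))
	if err != nil {
		return nil, err
	}
	return data, nil
}

func main() {
	// Constructed inputs: one body that fits exactly, one that is one byte over.
	for _, body := range []string{"hello", "hello!"} {
		data, err := readAllLimited(bytes.NewReader([]byte(body)), 5)
		var tooBig *sizeLimitExceededError
		switch {
		case errors.As(err, &tooBig):
			fmt.Printf("%q: rejected (%v)\n", body, err)
		case err != nil:
			fmt.Printf("%q: read error: %v\n", body, err)
		default:
			fmt.Printf("%q: accepted %d bytes\n", body, len(data))
		}
	}
}
```

The probe matters for the boundary case: a body of exactly Limit bytes must be accepted, and the only way to know the source is exhausted is to ask it for one more byte. Callers should check the error with errors.As, as in the package's IsSizeLimitExceededError helper, rather than comparing strings.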
type PrivateIPError ¶
PrivateIPError is returned when a connection to a private IP is blocked.
func (*PrivateIPError) Error ¶
func (e *PrivateIPError) Error() string
type RetryTransport ¶
type RetryTransport struct {
// Base is the underlying transport.
// Default: http.DefaultTransport if nil.
Base http.RoundTripper
// OnRetry is called before each retry attempt.
// The callback receives the attempt number (1-based), the wait duration
// before that attempt, and the status code that triggered the retry.
OnRetry func(attempt int, waitDuration time.Duration, statusCode int)
// MaxRetries is the maximum number of retry attempts.
// Default: 3 if zero.
MaxRetries int
// InitialBackoff is the initial backoff duration.
// Default: 1s if zero.
InitialBackoff time.Duration
// MaxBackoff is the maximum backoff duration.
// Default: 30s if zero.
MaxBackoff time.Duration
}
RetryTransport wraps an http.RoundTripper with retry logic. It implements exponential backoff and respects Retry-After headers.
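An added example (not netutil's implementation) of the retry loop described above: exponential backoff capped at MaxBackoff, Retry-After honoured in both delay-seconds and HTTP-date forms but also capped, retries only when the request body can be replayed, and the discarded response drained before the next attempt. The retryable status set is an assumption of this example, since the page does not say which codes IsRetryableStatus accepts; the field names follow the page.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"strconv"
	"time"
)

// Assumed retryable set; the page does not list which codes IsRetryableStatus accepts.
func isRetryableStatus(code int) bool {
	switch code {
	case http.StatusTooManyRequests, http.StatusBadGateway,
		http.StatusServiceUnavailable, http.StatusGatewayTimeout:
		return true
	}
	return false
}

// retryWait is the delay before retry number attempt (1-based): exponential
// backoff unless the server sent a parseable Retry-After (delay-seconds or
// HTTP-date). Every path is capped at maxWait so a hostile or broken server
// cannot park the client for hours.
func retryWait(attempt int, retryAfter string, now time.Time, initial, maxWait time.Duration) time.Duration {
	wait := initial
	if attempt > 1 {
		wait <<= attempt - 1 // 1s, 2s, 4s, ...
	}
	if wait <= 0 { // shift overflow on a very high attempt number
		wait = maxWait
	}
	if secs, err := strconv.Atoi(retryAfter); err == nil && secs >= 0 {
		if secs > int(maxWait/time.Second) { // would overflow the multiplication
			return maxWait
		}
		wait = time.Duration(secs) * time.Second
	} else if when, err := http.ParseTime(retryAfter); err == nil {
		wait = when.Sub(now) // negative if the date is already in the past
	}
	if wait < 0 {
		wait = 0
	}
	if wait > maxWait {
		wait = maxWait
	}
	return wait
}

// retryTransport mirrors the fields of netutil.RetryTransport.
type retryTransport struct {
	Base                       http.RoundTripper
	MaxRetries                 int
	InitialBackoff, MaxBackoff time.Duration
	OnRetry                    func(attempt int, wait time.Duration, status int)
}

func (t *retryTransport) RoundTrip(req *http.Request) (*http.Response, error) {
	base, retries, initial, maxWait := t.Base, t.MaxRetries, t.InitialBackoff, t.MaxBackoff
	if base == nil {
		base = http.DefaultTransport
	}
	if retries == 0 {
		retries = 3
	}
	if initial == 0 {
		initial = time.Second
	}
	if maxWait == 0 {
		maxWait = 30 * time.Second
	}
	// A consumed body that cannot be rebuilt must never be resent empty.
	replayable := req.Body == nil || req.Body == http.NoBody || req.GetBody != nil
	for attempt := 0; ; attempt++ {
		r := req
		if attempt > 0 && req.GetBody != nil {
			body, err := req.GetBody()
			if err != nil {
				return nil, err
			}
			r = req.Clone(req.Context())
			r.Body = body
		}
		resp, err := base.RoundTrip(r)
		if err != nil {
			return nil, err // not retried: the request may already have been delivered
		}
		if !replayable || !isRetryableStatus(resp.StatusCode) || attempt >= retries {
			return resp, nil
		}
		wait := retryWait(attempt+1, resp.Header.Get("Retry-After"), time.Now(), initial, maxWait)
		io.Copy(io.Discard, resp.Body) // drain so the connection can be reused
		resp.Body.Close()
		if t.OnRetry != nil {
			t.OnRetry(attempt+1, wait, resp.StatusCode)
		}
		time.Sleep(wait)
	}
}

func main() {
	now := time.Now()
	for attempt := 1; attempt <= 6; attempt++ { // 1s 2s 4s 8s 16s 30s
		fmt.Println("attempt", attempt, "wait", retryWait(attempt, "", now, time.Second, 30*time.Second))
	}
}
```

Two details are easy to get wrong in a transport like this. A request whose body was already consumed and has no GetBody must not be retried at all, because the retry would arrive with an empty body; and Retry-After must be capped like the computed backoff, otherwise a single response from a misbehaving server can stall the client for as long as it likes.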
type SecureDialer ¶
type SecureDialer struct {
OnPrivateIPBlocked func(ip net.IP)
OnDNSPinning func(host string, ip net.IP)
Resolver *net.Resolver
Timeout time.Duration
AllowPrivateNetwork bool
}
SecureDialer provides DNS pinning and SSRF protection for network connections. It resolves DNS once and pins the IP for the duration of the connection, preventing DNS rebinding attacks.
func (*SecureDialer) DialContext ¶
DialContext connects to the address with DNS pinning and SSRF protection. It resolves DNS once, validates against private IP ranges, and connects using the pinned IP to prevent DNS rebinding attacks.
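The following added example (written for this page, not the package's code) implements both the range check documented under IsPrivateIP and the resolve-once, check-every-answer, dial-by-pinned-IP pattern described for SecureDialer. Resolve and Dial are injected so it runs without a network; the error type and its fields, the Resolve/Dial hooks, and the handling of IPv4-mapped IPv6 addresses and zones are this example's assumptions, not documented behaviour of netutil. The range list is exactly the eight prefixes the page gives; anything outside them (for example 100.64.0.0/10) is treated as public here.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"net/netip"
)

// The blocked ranges exactly as listed in the package documentation.
var blockedPrefixes = func() []netip.Prefix {
	raw := []string{
		"10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16",
		"127.0.0.0/8", "::1/128", "fc00::/7", "fe80::/10",
	}
	ps := make([]netip.Prefix, 0, len(raw))
	for _, r := range raw {
		ps = append(ps, netip.MustParsePrefix(r))
	}
	return ps
}()

// isPrivate reports whether ip is in a blocked range. Unmap() so an
// IPv4-mapped form such as ::ffff:127.0.0.1 is judged by the IPv4 rules, and
// WithZone("") because Prefix.Contains never matches a zoned address
// (both are this example's choices; the page does not say how the package handles them).
func isPrivate(ip netip.Addr) bool {
	ip = ip.Unmap().WithZone("")
	for _, p := range blockedPrefixes {
		if p.Contains(ip) {
			return true
		}
	}
	return false
}

// privateIPError plays the role of netutil.PrivateIPError (fields assumed).
type privateIPError struct {
	Host string
	IP   netip.Addr
}

func (e *privateIPError) Error() string {
	return fmt.Sprintf("connection to %s blocked: %s is a private address", e.Host, e.IP)
}

// pinnedDialer resolves a hostname once, checks every answer, then dials by
// literal IP so no second lookup can swap the target (the rebinding defence the
// page describes for SecureDialer). Resolve and Dial are injected for testing.
type pinnedDialer struct {
	Resolve             func(ctx context.Context, host string) ([]netip.Addr, error)
	Dial                func(ctx context.Context, network, ipPort string) (net.Conn, error)
	OnDNSPinning        func(host string, ip netip.Addr)
	AllowPrivateNetwork bool
}

func (d *pinnedDialer) DialContext(ctx context.Context, network, addr string) (net.Conn, error) {
	host, port, err := net.SplitHostPort(addr)
	if err != nil {
		return nil, err
	}
	var addrs []netip.Addr
	if ip, perr := netip.ParseAddr(host); perr == nil {
		addrs = []netip.Addr{ip} // literal IP: nothing to resolve, but still checked
	} else if addrs, err = d.Resolve(ctx, host); err != nil {
		return nil, fmt.Errorf("resolve %s: %w", host, err) // fail closed on lookup errors
	}
	if len(addrs) == 0 {
		return nil, fmt.Errorf("resolve %s: no addresses", host)
	}
	// Reject if ANY answer is private: a rebinding resolver can mix a public and
	// a private answer and hope the client picks the wrong one.
	if !d.AllowPrivateNetwork {
		for _, ip := range addrs {
			if isPrivate(ip) {
				return nil, &privateIPError{Host: host, IP: ip}
			}
		}
	}
	pinned := addrs[0].Unmap()
	if d.OnDNSPinning != nil {
		d.OnDNSPinning(host, pinned)
	}
	return d.Dial(ctx, network, net.JoinHostPort(pinned.String(), port))
}

func main() {
	d := &pinnedDialer{ // constructed resolver: one public and one private answer
		Resolve: func(_ context.Context, _ string) ([]netip.Addr, error) {
			return []netip.Addr{netip.MustParseAddr("203.0.113.10"), netip.MustParseAddr("10.0.0.5")}, nil
		},
		Dial: func(_ context.Context, network, ipPort string) (net.Conn, error) {
			fmt.Println("would dial", network, ipPort)
			return nil, nil
		},
	}
	for _, target := range []string{"rebind.example:443", "[::ffff:127.0.0.1]:80", "203.0.113.10:443"} {
		_, err := d.DialContext(context.Background(), "tcp", target)
		var pe *privateIPError
		fmt.Printf("%-24s blocked=%v err=%v\n", target, errors.As(err, &pe), err)
	}
}
```

The point of dialing net.JoinHostPort(pinned.String(), port) rather than the original hostname is that the underlying dialer then has nothing left to resolve, so a resolver that answers differently on the second query gains nothing. Rejecting when any answer is private, rather than only the one that happens to be dialed, closes the variant where the attacker interleaves public and private records.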
type SizeLimitExceededError ¶
SizeLimitExceededError is returned when the size limit is exceeded.
func (*SizeLimitExceededError) Error ¶
func (e *SizeLimitExceededError) Error() string