Skip to content

hakobe/paranoidhttp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

client.go

client.go

 
 

client_test.go

client_test.go

 
 

go.mod

go.mod

 
 

version.go

version.go

 
 

Repository files navigation

Paranoidhttp

Build Status Coverage Status MIT License GoDoc

Paranoidhttp provides a pre-configured http.Client that protects you from harm.

Description

Paranoidhttp is a factory of http.Client that is paranoid againt attackers. This is useful when you create an HTTP request using inputs from possibly malicious users.

The created http.Client protects you from connecting to internal IP ranges even though redirects or DNS tricks are used.

Synopsis

// use the default client for ease
res, err := paranoidhttp.DefaultClient.Get("http://www.hatena.ne.jp")

// or customize the client for yourself
client, transport, dialer := paranoidhttp.NewClient()
client.Timeout = 10 * time.Second
transport.DisableCompression = true
dialer.KeepAlive = 60 * time.Second

// Add an permitted ipnets with functional option
ipNet, _ := net.ParseCIDR("127.0.0.1/32")
client, _, _ := paranoidhttp.New(
    paranoidhttp.PermittedIPNets(ipNet))

Acknowledgement

I want to thank LWPx::ParanoidAgent.

License

MIT

Author

hakobe

About

Paranoidhttp provides a pre-configured http.Client that protects you from harm.

Topics

go http

Resources

Readme

License

MIT license
Activity

Stars

37 stars

Watchers

6 watching

Forks

8 forks
Report repository

Releases

3 tags

Packages

No packages published

Contributors 7

Languages