idZddlZddlZddlZddlmZejeZe ddhZ ej dZ dej ejzdefd Zd edefd ZdS) uURL safety checks — blocks requests to private/internal network addresses. Prevents SSRF (Server-Side Request Forgery) where a malicious prompt or skill could trick the agent into fetching internal resources like cloud metadata endpoints (169.254.169.254), localhost services, or private network hosts. Limitations (documented, not fixable at pre-flight level): - DNS rebinding (TOCTOU): an attacker-controlled DNS server with TTL=0 can return a public IP for the check, then a private IP for the actual connection. Fixing this requires connection-level validation (e.g. Python's Champion library or an egress proxy like Stripe's Smokescreen). - Redirect-based bypass is mitigated by httpx event hooks that re-validate each redirect target in vision_tools, gateway platform adapters, and media cache helpers. Web tools use third-party SDKs (Firecrawl/Tavily) where redirect handling is on their servers. N)urlparsezmetadata.google.internalz metadata.googz 100.64.0.0/10ipreturncx|js|js|js|jrdS|js|jrdS|t vrdSdS)z %sTu5Blocked request — URL safety check error for %s: %s)rhostnamestriplower_BLOCKED_HOSTNAMESloggerwarningsocket getaddrinfo AF_UNSPEC SOCK_STREAMgaierror ipaddress ip_address ValueErrorr Exception) rparsedr addr_infofamily_sockaddrip_strrexcs r is_safe_urlr*3s (#O)r002288:: 5 ) ) ) NNEx P P P5 *8T6;KVM_``II    NNNPX Y Y Y55   *3   %FAq!Xa[F )&11    b!! Kfuu  t  NPSUXYYYuuuuu sk>D/$D/)+BD/*C?D/CD/C.-D/. C;8D/:C;;/D/,D// E 9EE )__doc__rloggingr urllib.parser getLogger__name__r frozensetr ip_networkr IPv4Address IPv6Addressboolrstrr*rrr7s$ !!!!!!  8 $ $Y &%o66 y,y/DD     .S.T......r