Description
in the http_request.zig it looks like SSRF is enforced before going to any of the allowed domains. When running nullclaw in a container and try to connect to local Seaxng instance it fails cause it is an internal IP with the error that it blocks private IPs.
Motivation
In self-hosting environments disabling SSRF is nice given we don't want to expose things to the internet
Description
in the http_request.zig it looks like SSRF is enforced before going to any of the allowed domains. When running nullclaw in a container and try to connect to local Seaxng instance it fails cause it is an internal IP with the error that it blocks private IPs.
Motivation
In self-hosting environments disabling SSRF is nice given we don't want to expose things to the internet