Skip to content

CSIS/secure-mcp-fetch

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.github/workflows
.github/workflows
 
 
.vscode
.vscode
 
 
.dockerignore
.dockerignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
main.py
main.py
 
 
readme.md
readme.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Secure Fetch

This project implements a secure URL fetching tool using FastMCP.

Prerequisites

  • Python 3.7+
  • uv (Python package installer and environment manager)

Installation

  1. Install uv if you haven't already:
pip install uv
  1. Create a new virtual environment and install dependencies:
uv venv
source .venv/bin/activate
uv pip install fastmcp requests

Usage

  1. Set the allowlist environment variable (optional):
export SECURE_FETCH_ALLOWLIST="example.com,trusted-domain.org"
  1. Run the script:
uv run main.py

Features

  • Fetches URLs securely
  • Resolves domains to IPs
  • Checks for private/internal IPs
  • Handles redirects (up to 3)
  • Supports custom HTTP methods and headers
  • Uses an allowlist for trusted domains/IPs

Security Considerations

  • The tool prevents access to private/internal IPs unless explicitly allowed
  • Only HTTP and HTTPS schemes are permitted
  • SNI is set to match the hostname for HTTPS connections

Example Usage

Once the script is running, you can use the fetch_url function to securely fetch URLs. The function will return a dictionary containing the status code, response body, and content length.

Note

This tool is designed for secure URL fetching. Always review and understand the code before using it in your environment.

About

Simple secured fetch

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 92.0%
  • Dockerfile 8.0%