Contains reusable logic to apply Oomnitza ssrf protection.
Project description
Oomnitza SSRF Protection
Package contains reusable logic to apply Oomnitza SSRF protection.
Overview
The SSRF Protector library is a Python library designed to protect against Server-Side Request Forgery (SSRF) attacks. SecuritySSRFProtection class provides a check_url method that allows you to validate URLs and ensure they do not point to sensitive or internal resources.
Installation
You can install the SSRF Protector library using pip:
pip install oomnitza-ssrf-protection
Usage
To use the SSRF Protector library, follow the steps below:
Import the AsyncSecuritySSRFProtection class from the library and call the check_url method with the URL you want to validate:
url = "https://example.com"
result = await AsyncSecuritySSRFProtection().check_url(url)
It's also possible to use SyncSecuritySSRFProtection as synchronous version
url = "https://example.com"
result = SyncSecuritySSRFProtection().check_url(url)
It's also possible to pass whitelist of URLs
url_to_check = "https://example.com"
allowed_urls=["http://127.0.0.1", "http://169.254.1.194"]
result = await AsyncSecuritySSRFProtection(
allowed_urls=allowed_urls
).check_url(url_to_check)
The check_url method will raise SSRFProtectionError if the URL is potentially dangerous (e.g., pointing to internal resources).
Development
Install package with or without test dependencies.
python3 -m venv .venv
source .venv/bin/activate
pip install oomnitza-ssrf-protection
pip install -e '.[tests]'
Feel free to write additional tests to cover the new changes and run test suite.
Distribution
Build and upload the package to the PyPi repository.
Upload package to testpypi
python3 -m build
python3 -m twine upload --repository testpypi dist/*
Upload package to pypi
python3 -m build
python3 -m twine upload dist/*
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for oomnitza_ssrf_protection-0.1.5.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | bf1e0e8d698e132f6093f3603db9b82a12b2bb300c4980a9e9d5e9b25b12b66e |
|
MD5 | 31ef39682afc3640f33d5d73e526b199 |
|
BLAKE2b-256 | 87014b73828b35103b9723a397aa92f7f826aa00f29fbcd084a18c748c3cc2fe |
Hashes for oomnitza_ssrf_protection-0.1.5-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2744fb148c0cb90a6baf4c054ae05501d52775beef7fa0a44490d5abe2b08637 |
|
MD5 | e193dafa2d0637fa195321e0f53224e7 |
|
BLAKE2b-256 | 873dcf46a2bd4ecaecb79c12c2161587867fd3d02c6db0d130fec8442e1c2176 |