Provides an adapter for requests that won't allow connections to "unsafe" networks.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jjdelc from gravatar.com jjdelc Avatar for jtate from gravatar.com jtate Avatar for percious from gravatar.com percious Avatar for xistence from gravatar.com xistence

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Project description

requests-safe

This project provides an HTTPAdapter for the Requests library that will disallow connections to networks that are considered unsafe to connect to.

The primary use case is to safely be able to retrieve items from a user provided URL without potentially requesting internal or secret resources within ones own network.

Usage

It’s very simple to use this library, install it as part of your project and then the following code will protect all requests against accidentally retrieving something from an IP address in the ranges listed below!

import requests_safe
from requests import Session

with Session() as s:
    requests_safe.apply(s)

    s.get("https://google.com/")

There is unfortunately no global way to apply this, so using requests.get() and friends directly will not be protected by default.

IPv4 unsafe networks

These are the IPv4 networks that are blocked from being conneted to:

Name

Network (CIDR)

RFC1918 (private network)

10.0.0.0/8

RFC1918

172.16.0.0/12

RFC1918

192.168.0.0/16

Link-Local

169.254.0.0/16

CG-NAT address space

100.64.0.0/10

Localhost/loopback

127.0.0.0/8

Wildcard IP

0.0.0.0/32

IETF Protocol Assignments

192.0.0.0/24

TEST-NET-1

192.0.2.0/24

RESERVED

192.88.99.0/24

Benchmark testing

198.18.0.0/15

TEST-NET-2

198.51.100.0/24

TEST-NET-3

203.0.113.0/24

IP Multicast

224.0.0.0/4

RESERVED

240.0.0.0/4

Limited broadcast

255.255.255.255/32

IPv6 unsafe networks

These are the IPv6 networks that are blocked from being connected to:

Name

Network (CIDR)

Localhost/unspecified address

::/128

Loopback

::1/128

IPv4 mapped address

::ffff:0:0/96

IPv4 translated addresses

::ffff:0:0:0/96

IPv4/IPv6 translation

64:ff9b::/96

Discard prefix

100::/64

Teredo tunneling

2001::/32

Orchid v2 (abondoned)

2001:20::/28

Documentation

2001:db8::/32

6to4 addressing scheme

2002::/16

ULA address space

fc00::/7

Link-local address space

fe80::/10

Global multicast

ff00::/8

0.2 (2019-04-24)

Project is open sourced!

  • No further changes from 0.1

0.1 (2019-04-23)

Internal Crunch.io only version.

  • New HTTP Adapter for the Requests library.

Copyright (c) 2019 Crunch

Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jjdelc from gravatar.com jjdelc Avatar for jtate from gravatar.com jtate Avatar for percious from gravatar.com percious Avatar for xistence from gravatar.com xistence

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

This version

0.2

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

requests-safe-0.2.tar.gz (9.3 kB view details)

Uploaded Source

Built Distribution

requests_safe-0.2-py2.py3-none-any.whl (6.4 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file requests-safe-0.2.tar.gz.

File metadata

  • Download URL: requests-safe-0.2.tar.gz
  • Upload date:
  • Size: 9.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.31.1 CPython/3.7.0

File hashes

Hashes for requests-safe-0.2.tar.gz
Algorithm Hash digest
SHA256 e01d9ab79fbaab88427979a03242fac1e3235bac66926933b1004d0dacf82873
MD5 78ba94d39c91e8737c068bb5b1bcf45c
BLAKE2b-256 353bd1abc4483b331616b18464fa9c8fd37d2da9852eb4baa5d43dfec5681e7e

See more details on using hashes here.

File details

Details for the file requests_safe-0.2-py2.py3-none-any.whl.

File metadata

  • Download URL: requests_safe-0.2-py2.py3-none-any.whl
  • Upload date:
  • Size: 6.4 kB
  • Tags: Python 2, Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.31.1 CPython/3.7.0

File hashes

Hashes for requests_safe-0.2-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 4c7deeaaf6731653fa5bd046f7cd3bf5f2fc66b5d55921a64c8b94584a58f4d6
MD5 8b2b488e823dcf08b92c97f430dc8483
BLAKE2b-256 3911bf8df578b7cc5f3639e242123492578ee7083c34e2b64e80e43e2b9b9eee

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page