Exciting news!Announcing our $4.6M Series Seed. Learn more
Socket
LoveBlogFAQ
Install
Log in

ssrf-req-filter

Package Overview
Dependencies
1
Maintainers
1
Versions
5
Issues
File Explorer

Advanced tools

ssrf-req-filter

Module to prevent SSRF when making requests

    1.0.5latest

Version published
Maintainers
1
Yearly downloads
3,824
increased by55.57%

Weekly downloads

Changelog

Source

1.0.5 (2021-07-01)

Bug Fixes

  • upgrade ipaddr.js from 2.0.0 to 2.0.1 (#6) (f231ed7)

Readme

Source

ssrf-req-filter - Prevent SSRF Attacks :shield:

David npm NPM GitHub Workflow Status

Server-Side Request Forgery (SSRF)

SSRF is an attack vector that abuses an application to interact with the internal/external network or the machine itself. One of the enablers for this vector is the mishandling of URLs. Read More

Install

npm install ssrf-req-filter

Usage

  • Axios:
const ssrfFilter = require('ssrf-req-filter'); const url = 'https://127.0.0.1' axios.get(url, {httpAgent: ssrfFilter(url), httpsAgent: ssrfFilter(url)}) .then((response) => { console.log(`Success`); }) .catch((error) => { console.log(`${error.toString().split('\n')[0]}`); }) .then(() => { });
  • Node-fetch:
const ssrfFilter = require('ssrf-req-filter'); const fetch = require("node-fetch"); const url = 'https://127.0.0.1' fetch(url, { agent: ssrfFilter(url) }) .then((response) => { console.log(`Success`); }) .catch(error => { console.log(`${error.toString().split('\n')[0]}`); });

Credits: Implementation inspired By https://github.com/welefen/ssrf-agent

Keywords

FAQs

What is ssrf-req-filter?

Module to prevent SSRF when making requests

Is ssrf-req-filter popular?

The npm package ssrf-req-filter receives a total of 60 weekly downloads. As such, ssrf-req-filter popularity was classified as not popular.

Is ssrf-req-filter well maintained?

We found that ssrf-req-filter demonstrated a healthy version release cadence and project activity. It has 1 open source maintainer collaborating on the project.

Last updated on 01 Jul 2021
Socket

Product

Subscribe to our newsletter

Get open source security insights delivered straight into your inbox. Be the first to learn about new features and product updates.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc