Metadata-Version: 2.2
Name: requests-safe
Version: 0.2
Summary: Provides an adapter for requests that won't allow connections to "unsafe" networks.
Home-page: https://github.com/crunch-io/requests-safe
Author: Bert JW Regeer
Author-email: bertjw@regeer.org
License: ISC License
Keywords: requests,urllib3
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Description-Content-Type: text/x-rst
License-File: LICENSE
Requires-Dist: requests
Requires-Dist: urllib3
Requires-Dist: ipaddress; python_version == "2.7"
Provides-Extra: testing
Requires-Dist: pytest; extra == "testing"
Requires-Dist: pytest-cov; extra == "testing"
Requires-Dist: coverage; extra == "testing"
Requires-Dist: mocket; extra == "testing"

requests-safe
-------------

This project provides an ``HTTPAdapter`` for the Requests_ library that will
disallow connections to networks that are considered unsafe to connect to.

The primary use case is to safely be able to retrieve items from a user
provided URL without potentially requesting internal or secret resources within
ones own network.

Usage
~~~~~

It's very simple to use this library, install it as part of your project and
then the following code will protect all requests against accidentally
retrieving something from an IP address in the ranges listed below!

.. code:: python

    import requests_safe
    from requests import Session

    with Session() as s:
        requests_safe.apply(s)

        s.get("https://google.com/")

There is unfortunately no global way to apply this, so using ``requests.get()``
and friends directly will not be protected by default.

IPv4 unsafe networks
~~~~~~~~~~~~~~~~~~~~

These are the IPv4 networks that are blocked from being conneted to:

=========================      ==================
         Name                  Network (CIDR)
-------------------------      ------------------
RFC1918 (private network)      10.0.0.0/8
RFC1918                        172.16.0.0/12
RFC1918                        192.168.0.0/16
Link-Local                     169.254.0.0/16
CG-NAT address space           100.64.0.0/10
Localhost/loopback             127.0.0.0/8
Wildcard IP                    0.0.0.0/32
IETF Protocol Assignments      192.0.0.0/24
TEST-NET-1                     192.0.2.0/24
RESERVED                       192.88.99.0/24
Benchmark testing              198.18.0.0/15
TEST-NET-2                     198.51.100.0/24
TEST-NET-3                     203.0.113.0/24
IP Multicast                   224.0.0.0/4
RESERVED                       240.0.0.0/4
Limited broadcast              255.255.255.255/32
=========================      ==================

IPv6 unsafe networks
~~~~~~~~~~~~~~~~~~~~

These are the IPv6 networks that are blocked from being connected to:

=============================        ==================
         Name                        Network (CIDR)
-----------------------------        ------------------
Localhost/unspecified address        ::/128
Loopback                             ::1/128
IPv4 mapped address                  ::ffff:0:0/96
IPv4 translated addresses            ::ffff:0:0:0/96
IPv4/IPv6 translation                64:ff9b::/96
Discard prefix                       100::/64
Teredo tunneling                     2001::/32
Orchid v2 (abondoned)                2001:20::/28
Documentation                        2001:db8::/32
6to4 addressing scheme               2002::/16
ULA address space                    fc00::/7
Link-local address space             fe80::/10
Global multicast                     ff00::/8
=============================        ==================

.. _Requests: http://docs.python-requests.org/en/master/

0.2 (2019-04-24)
----------------

Project is open sourced!

- No further changes from 0.1

0.1 (2019-04-23)
----------------

Internal Crunch.io only version.

- New HTTP Adapter for the Requests library.


Copyright (c) 2019 Crunch

Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

