n8n-core 2.26.2 → 2.27.0

package/dist/http-proxy.js

@@ -1,109 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createHttpProxyAgent = createHttpProxyAgent;
-exports.createHttpsProxyAgent = createHttpsProxyAgent;
-exports.installGlobalProxyAgent = installGlobalProxyAgent;
-exports.uninstallGlobalProxyAgent = uninstallGlobalProxyAgent;
-const http_1 = __importDefault(require("http"));
-const http_proxy_agent_1 = require("http-proxy-agent");
-const https_1 = __importDefault(require("https"));
-const https_proxy_agent_1 = require("https-proxy-agent");
-const n8n_workflow_1 = require("n8n-workflow");
-const proxy_from_env_1 = __importDefault(require("proxy-from-env"));
-function buildTargetUrl(hostname, port, protocol) {
-    const defaultPort = protocol === 'https' ? 443 : 80;
-    const portSuffix = port === defaultPort ? '' : `:${port}`;
-    return `${protocol}://${hostname}${portSuffix}`;
-}
-function extractHostInfo(options, defaultPort) {
-    const hostname = options.hostname ?? options.host ?? 'localhost';
-    const port = typeof options.port === 'string' ? parseInt(options.port, 10) : (options.port ?? defaultPort);
-    return { hostname: String(hostname), port: Number(port) };
-}
-function getOrCreateProxyAgent(cache, proxyUrl, createAgent) {
-    let proxyAgent = cache.get(proxyUrl);
-    if (!proxyAgent) {
-        proxyAgent = createAgent(proxyUrl);
-        cache.set(proxyUrl, proxyAgent);
-    }
-    return proxyAgent;
-}
-function createFallbackAgent(agentClass) {
-    return new agentClass();
-}
-class HttpProxyManager extends http_1.default.Agent {
-    constructor() {
-        super(...arguments);
-        this.proxyAgentCache = new Map();
-        this.fallbackAgent = createFallbackAgent(http_1.default.Agent);
-    }
-    addRequest(req, options) {
-        const { hostname, port } = extractHostInfo(options, 80);
-        const targetUrl = buildTargetUrl(hostname, port, 'http');
-        const proxyUrl = proxy_from_env_1.default.getProxyForUrl(targetUrl);
-        if (proxyUrl) {
-            const proxyAgent = getOrCreateProxyAgent(this.proxyAgentCache, proxyUrl, (url) => new http_proxy_agent_1.HttpProxyAgent(url));
-            return proxyAgent.addRequest(req, options);
-        }
-        return this.fallbackAgent.addRequest(req, options);
-    }
-}
-class HttpsProxyManager extends https_1.default.Agent {
-    constructor() {
-        super(...arguments);
-        this.proxyAgentCache = new Map();
-        this.fallbackAgent = createFallbackAgent(https_1.default.Agent);
-    }
-    addRequest(req, options) {
-        const { hostname, port } = extractHostInfo(options, 443);
-        const targetUrl = buildTargetUrl(hostname, port, 'https');
-        const proxyUrl = proxy_from_env_1.default.getProxyForUrl(targetUrl);
-        if (proxyUrl) {
-            const proxyAgent = getOrCreateProxyAgent(this.proxyAgentCache, proxyUrl, (url) => new https_proxy_agent_1.HttpsProxyAgent(url));
-            return proxyAgent.addRequest(req, options);
-        }
-        return this.fallbackAgent.addRequest(req, options);
-    }
-}
-function createHttpProxyAgent(customProxyUrl = null, targetUrl, options) {
-    const proxyUrl = customProxyUrl ?? proxy_from_env_1.default.getProxyForUrl(targetUrl);
-    if (proxyUrl) {
-        return new http_proxy_agent_1.HttpProxyAgent(proxyUrl, options);
-    }
-    return new http_1.default.Agent(options);
-}
-function createHttpsProxyAgent(customProxyUrl = null, targetUrl, options) {
-    const proxyUrl = customProxyUrl ?? proxy_from_env_1.default.getProxyForUrl(targetUrl);
-    if (proxyUrl) {
-        return new https_proxy_agent_1.HttpsProxyAgent(proxyUrl, options);
-    }
-    return new https_1.default.Agent(options);
-}
-function hasProxyEnvironmentVariables() {
-    return Boolean(process.env.HTTP_PROXY ??
-        process.env.http_proxy ??
-        process.env.HTTPS_PROXY ??
-        process.env.https_proxy ??
-        process.env.ALL_PROXY ??
-        process.env.all_proxy);
-}
-function installGlobalProxyAgent() {
-    if (hasProxyEnvironmentVariables()) {
-        n8n_workflow_1.LoggerProxy.debug('Installing global HTTP proxy agents', {
-            HTTP_PROXY: process.env.HTTP_PROXY ?? process.env.http_proxy,
-            HTTPS_PROXY: process.env.HTTPS_PROXY ?? process.env.https_proxy,
-            NO_PROXY: process.env.NO_PROXY ?? process.env.no_proxy,
-            ALL_PROXY: process.env.ALL_PROXY ?? process.env.all_proxy,
-        });
-        http_1.default.globalAgent = new HttpProxyManager();
-        https_1.default.globalAgent = new HttpsProxyManager();
-    }
-}
-function uninstallGlobalProxyAgent() {
-    http_1.default.globalAgent = new http_1.default.Agent();
-    https_1.default.globalAgent = new https_1.default.Agent();
-}
-//# sourceMappingURL=http-proxy.js.map

package/dist/http-proxy.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"http-proxy.js","sourceRoot":"","sources":["../src/http-proxy.ts"],"names":[],"mappings":";;;;;AA8FA,oDAYC;AAED,sDAYC;AAaD,0DAYC;AAED,8DAGC;AAtJD,gDAAwB;AACxB,uDAAkD;AAClD,kDAA0B;AAC1B,yDAAoD;AACpD,+CAA2C;AAC3C,oEAA0C;AAM1C,SAAS,cAAc,CAAC,QAAgB,EAAE,IAAY,EAAE,QAA0B;IACjF,MAAM,WAAW,GAAG,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IACpD,MAAM,UAAU,GAAG,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;IAC1D,OAAO,GAAG,QAAQ,MAAM,QAAQ,GAAG,UAAU,EAAE,CAAC;AACjD,CAAC;AAED,SAAS,eAAe,CACvB,OAA4B,EAC5B,WAAmB;IAEnB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,IAAI,IAAI,WAAW,CAAC;IACjE,MAAM,IAAI,GACT,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,IAAI,WAAW,CAAC,CAAC;IAC/F,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;AAC3D,CAAC;AAED,SAAS,qBAAqB,CAC7B,KAAqB,EACrB,QAAgB,EAChB,WAA+B;IAE/B,IAAI,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACrC,IAAI,CAAC,UAAU,EAAE,CAAC;QACjB,UAAU,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;QACnC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IACjC,CAAC;IACD,OAAO,UAAU,CAAC;AACnB,CAAC;AAED,SAAS,mBAAmB,CAAqC,UAAuB;IACvF,OAAO,IAAI,UAAU,EAAE,CAAC;AACzB,CAAC;AAQD,MAAM,gBAAiB,SAAQ,cAAI,CAAC,KAAK;IAAzC;;QACkB,oBAAe,GAAG,IAAI,GAAG,EAAkC,CAAC;QAC5D,kBAAa,GAAG,mBAAmB,CAAC,cAAI,CAAC,KAAK,CAAC,CAAC;IAkBlE,CAAC;IAhBA,UAAU,CAAC,GAAuB,EAAE,OAA4B;QAC/D,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACxD,MAAM,SAAS,GAAG,cAAc,CAAC,QAAQ,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QACzD,MAAM,QAAQ,GAAG,wBAAY,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAExD,IAAI,QAAQ,EAAE,CAAC;YACd,MAAM,UAAU,GAAG,qBAAqB,CACvC,IAAI,CAAC,eAAe,EACpB,QAAQ,EACR,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,iCAAc,CAAC,GAAG,CAAC,CAChC,CAAC;YACF,OAAO,UAAU,CAAC,UAAU,CAAC,GAAyB,EAAE,OAA8B,CAAC,CAAC;QACzF,CAAC;QAED,OAAO,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IACpD,CAAC;CACD;AAED,MAAM,iBAAkB,SAAQ,eAAK,CAAC,KAAK;IAA3C;;QACkB,oBAAe,GAAG,IAAI,GAAG,EAAmC,CAAC;QAC7D,kBAAa,GAAG,mBAAmB,CAAC,eAAK,CAAC,KAAK,CAAC,CAAC;IAkBnE,CAAC;IAhBA,UAAU,CAAC,GAAuB,EAAE,OAA6B;QAChE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QACzD,MAAM,SAAS,GAAG,cAAc,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QAC1D,MAAM,QAAQ,GAAG,wBAAY,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAExD,IAAI,QAAQ,EAAE,CAAC;YACd,MAAM,UAAU,GAAG,qBAAqB,CACvC,IAAI,CAAC,eAAe,EACpB,QAAQ,EACR,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,mCAAe,CAAC,GAAG,CAAC,CACjC,CAAC;YACF,OAAO,UAAU,CAAC,UAAU,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAC5C,CAAC;QAED,OAAO,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IACpD,CAAC;CACD;AAED,SAAgB,oBAAoB,CACnC,iBAAgC,IAAI,EACpC,SAAiB,EACjB,OAA2B;IAE3B,MAAM,QAAQ,GAAG,cAAc,IAAI,wBAAY,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;IAE1E,IAAI,QAAQ,EAAE,CAAC;QACd,OAAO,IAAI,iCAAc,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC9C,CAAC;IAED,OAAO,IAAI,cAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;AAChC,CAAC;AAED,SAAgB,qBAAqB,CACpC,iBAAgC,IAAI,EACpC,SAAiB,EACjB,OAA4B;IAE5B,MAAM,QAAQ,GAAG,cAAc,IAAI,wBAAY,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;IAE1E,IAAI,QAAQ,EAAE,CAAC;QACd,OAAO,IAAI,mCAAe,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC/C,CAAC;IAED,OAAO,IAAI,eAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;AACjC,CAAC;AAED,SAAS,4BAA4B;IACpC,OAAO,OAAO,CACb,OAAO,CAAC,GAAG,CAAC,UAAU;QACrB,OAAO,CAAC,GAAG,CAAC,UAAU;QACtB,OAAO,CAAC,GAAG,CAAC,WAAW;QACvB,OAAO,CAAC,GAAG,CAAC,WAAW;QACvB,OAAO,CAAC,GAAG,CAAC,SAAS;QACrB,OAAO,CAAC,GAAG,CAAC,SAAS,CACtB,CAAC;AACH,CAAC;AAED,SAAgB,uBAAuB;IACtC,IAAI,4BAA4B,EAAE,EAAE,CAAC;QACpC,0BAAW,CAAC,KAAK,CAAC,qCAAqC,EAAE;YACxD,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU;YAC5D,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW;YAC/D,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ;YACtD,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS;SACzD,CAAC,CAAC;QAEH,cAAI,CAAC,WAAW,GAAG,IAAI,gBAAgB,EAAE,CAAC;QAC1C,eAAK,CAAC,WAAW,GAAG,IAAI,iBAAiB,EAAE,CAAC;IAC7C,CAAC;AACF,CAAC;AAED,SAAgB,yBAAyB;IACxC,cAAI,CAAC,WAAW,GAAG,IAAI,cAAI,CAAC,KAAK,EAAE,CAAC;IACpC,eAAK,CAAC,WAAW,GAAG,IAAI,eAAK,CAAC,KAAK,EAAE,CAAC;AACvC,CAAC"}

package/dist/ssrf/dns-resolver.d.ts

@@ -1,13 +0,0 @@
-import type { LookupAddress, LookupOptions } from 'node:dns';
-import { InMemoryDnsCache } from './in-memory-dns-cache.service';
-export type DnsLookupOptions = Pick<LookupOptions, 'all' | 'family' | 'order' | 'verbatim' | 'hints'>;
-export declare class DnsResolver {
-    private readonly dnsCache;
-    private readonly inFlightByCacheKey;
-    constructor(dnsCache: InMemoryDnsCache);
-    lookup(hostname: string, options?: DnsLookupOptions): Promise<LookupAddress[]>;
-    private doLookup;
-    private buildCacheKey;
-    private normalizeOptions;
-    private normalizeIpFamily;
-}

package/dist/ssrf/dns-resolver.js

@@ -1,93 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DnsResolver = void 0;
-const di_1 = require("@n8n/di");
-const node_dns_1 = require("node:dns");
-const in_memory_dns_cache_service_1 = require("./in-memory-dns-cache.service");
-const LOOKUP_CACHE_TTL_SECONDS = 1;
-let DnsResolver = class DnsResolver {
-    constructor(dnsCache) {
-        this.dnsCache = dnsCache;
-        this.inFlightByCacheKey = new Map();
-    }
-    async lookup(hostname, options = {}) {
-        const normalized = this.normalizeOptions(options);
-        const cacheKey = this.buildCacheKey(hostname, normalized);
-        const cached = await this.dnsCache.get(cacheKey);
-        if (cached)
-            return cached;
-        const existing = this.inFlightByCacheKey.get(cacheKey);
-        if (existing)
-            return await existing;
-        const lookupPromise = (async () => {
-            const addresses = await this.doLookup(hostname, normalized);
-            if (addresses.length > 0) {
-                await this.dnsCache.set(cacheKey, addresses, LOOKUP_CACHE_TTL_SECONDS);
-            }
-            return addresses;
-        })();
-        this.inFlightByCacheKey.set(cacheKey, lookupPromise);
-        return await lookupPromise.finally(() => {
-            this.inFlightByCacheKey.delete(cacheKey);
-        });
-    }
-    async doLookup(hostname, options) {
-        if (options.all) {
-            const records = await node_dns_1.promises.lookup(hostname, {
-                all: true,
-                family: options.family,
-                order: options.order,
-                verbatim: options.verbatim,
-                hints: options.hints,
-            });
-            return records;
-        }
-        const record = await node_dns_1.promises.lookup(hostname, {
-            all: false,
-            family: options.family,
-            order: options.order,
-            verbatim: options.verbatim,
-            hints: options.hints,
-        });
-        return [record];
-    }
-    buildCacheKey(hostname, options) {
-        const order = options.order ?? '-';
-        const verbatim = options.verbatim === undefined ? '-' : options.verbatim ? '1' : '0';
-        return `${hostname}|a:${options.all ? '1' : '0'}|f:${options.family}|o:${order}|v:${verbatim}|h:${options.hints ?? 0}`;
-    }
-    normalizeOptions(options) {
-        const all = options.all === true;
-        const family = this.normalizeIpFamily(options.family);
-        const order = options.order;
-        const verbatim = options.verbatim;
-        return { all, family, order, verbatim, hints: options.hints };
-    }
-    normalizeIpFamily(family) {
-        if (family === 4 || family === 6 || family === 0) {
-            return family;
-        }
-        if (family === 'IPv4') {
-            return 4;
-        }
-        if (family === 'IPv6') {
-            return 6;
-        }
-        return 0;
-    }
-};
-exports.DnsResolver = DnsResolver;
-exports.DnsResolver = DnsResolver = __decorate([
-    (0, di_1.Service)(),
-    __metadata("design:paramtypes", [in_memory_dns_cache_service_1.InMemoryDnsCache])
-], DnsResolver);
-//# sourceMappingURL=dns-resolver.js.map

package/dist/ssrf/dns-resolver.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"dns-resolver.js","sourceRoot":"","sources":["../../src/ssrf/dns-resolver.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,gCAAkC;AAClC,uCAA2C;AAG3C,+EAAiE;AAgBjE,MAAM,wBAAwB,GAAG,CAAC,CAAC;AAY5B,IAAM,WAAW,GAAjB,MAAM,WAAW;IAGvB,YAA6B,QAA0B;QAA1B,aAAQ,GAAR,QAAQ,CAAkB;QAFtC,uBAAkB,GAAG,IAAI,GAAG,EAAoC,CAAC;IAExB,CAAC;IAK3D,KAAK,CAAC,MAAM,CAAC,QAAgB,EAAE,UAA4B,EAAE;QAC5D,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAE1D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,QAAQ,GAAG,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,QAAQ;YAAE,OAAO,MAAM,QAAQ,CAAC;QAEpC,MAAM,aAAa,GAAG,CAAC,KAAK,IAAI,EAAE;YACjC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YAC5D,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,wBAAwB,CAAC,CAAC;YACxE,CAAC;YAED,OAAO,SAAS,CAAC;QAClB,CAAC,CAAC,EAAE,CAAC;QAEL,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;QAErD,OAAO,MAAM,aAAa,CAAC,OAAO,CAAC,GAAG,EAAE;YACvC,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,QAAQ,CACrB,QAAgB,EAChB,OAAgC;QAEhC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,OAAO,GAAG,MAAM,mBAAG,CAAC,MAAM,CAAC,QAAQ,EAAE;gBAC1C,GAAG,EAAE,IAAI;gBACT,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;aACpB,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;QAChB,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,mBAAG,CAAC,MAAM,CAAC,QAAQ,EAAE;YACzC,GAAG,EAAE,KAAK;YACV,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;SACpB,CAAC,CAAC;QAEH,OAAO,CAAC,MAAM,CAAC,CAAC;IACjB,CAAC;IAEO,aAAa,CAAC,QAAgB,EAAE,OAAgC;QACvE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,GAAG,CAAC;QACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QACrF,OAAO,GAAG,QAAQ,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,MAAM,OAAO,CAAC,MAAM,MAAM,KAAK,MAAM,QAAQ,MAAM,OAAO,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC;IACxH,CAAC;IAEO,gBAAgB,CAAC,OAAyB;QACjD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,KAAK,IAAI,CAAC;QACjC,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACtD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QAClC,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC;IAC/D,CAAC;IAEO,iBAAiB,CAAC,MAAkC;QAC3D,IAAI,MAAM,KAAK,CAAC,IAAI,MAAM,KAAK,CAAC,IAAI,MAAM,KAAK,CAAC,EAAE,CAAC;YAClD,OAAO,MAAM,CAAC;QACf,CAAC;QACD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACvB,OAAO,CAAC,CAAC;QACV,CAAC;QACD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACvB,OAAO,CAAC,CAAC;QACV,CAAC;QACD,OAAO,CAAC,CAAC;IACV,CAAC;CACD,CAAA;AAtFY,kCAAW;sBAAX,WAAW;IADvB,IAAA,YAAO,GAAE;qCAI8B,8CAAgB;GAH3C,WAAW,CAsFvB"}

package/dist/ssrf/hostname-matcher.d.ts

@@ -1,6 +0,0 @@
-export declare class HostnameMatcher {
-    private readonly parsed;
-    constructor(patterns: readonly string[]);
-    matches(hostname: string): boolean;
-    private normalizeHostname;
-}

package/dist/ssrf/hostname-matcher.js

@@ -1,38 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.HostnameMatcher = void 0;
-class HostnameMatcher {
-    constructor(patterns) {
-        this.parsed = patterns
-            .map((p) => this.normalizeHostname(p))
-            .filter(Boolean)
-            .map((value) => {
-            if (value.startsWith('*.')) {
-                const suffix = value.slice(1);
-                return { isWildcard: true, suffix };
-            }
-            return { isWildcard: false, value };
-        });
-    }
-    matches(hostname) {
-        const normalizedHostname = this.normalizeHostname(hostname);
-        for (const pattern of this.parsed) {
-            if (pattern.isWildcard) {
-                if (normalizedHostname.endsWith(pattern.suffix) &&
-                    normalizedHostname.length > pattern.suffix.length) {
-                    return true;
-                }
-                continue;
-            }
-            if (normalizedHostname === pattern.value) {
-                return true;
-            }
-        }
-        return false;
-    }
-    normalizeHostname(hostname) {
-        return hostname.trim().toLowerCase();
-    }
-}
-exports.HostnameMatcher = HostnameMatcher;
-//# sourceMappingURL=hostname-matcher.js.map

package/dist/ssrf/hostname-matcher.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"hostname-matcher.js","sourceRoot":"","sources":["../../src/ssrf/hostname-matcher.ts"],"names":[],"mappings":";;;AAiBA,MAAa,eAAe;IAG3B,YAAY,QAA2B;QACtC,IAAI,CAAC,MAAM,GAAG,QAAQ;aACpB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;aACrC,MAAM,CAAC,OAAO,CAAC;aACf,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;YACd,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC9B,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;YACrC,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;QACrC,CAAC,CAAC,CAAC;IACL,CAAC;IAKD,OAAO,CAAC,QAAgB;QACvB,MAAM,kBAAkB,GAAG,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAE5D,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACnC,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;gBAGxB,IACC,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;oBAC3C,kBAAkB,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAChD,CAAC;oBACF,OAAO,IAAI,CAAC;gBACb,CAAC;gBACD,SAAS;YACV,CAAC;YAGD,IAAI,kBAAkB,KAAK,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC1C,OAAO,IAAI,CAAC;YACb,CAAC;QACF,CAAC;QAED,OAAO,KAAK,CAAC;IACd,CAAC;IAEO,iBAAiB,CAAC,QAAgB;QACzC,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACtC,CAAC;CACD;AA/CD,0CA+CC"}

package/dist/ssrf/in-memory-dns-cache.service.d.ts

@@ -1,11 +0,0 @@
-import { SsrfProtectionConfig } from '@n8n/config';
-import { LookupAddress } from 'node:dns';
-export declare class InMemoryDnsCache {
-    private readonly ssrfConfig;
-    private cache;
-    constructor(ssrfConfig: SsrfProtectionConfig);
-    private ensureCache;
-    get(hostname: string): Promise<LookupAddress[] | undefined>;
-    set(hostname: string, ips: LookupAddress[], ttl: number): Promise<void>;
-    clear(): Promise<void>;
-}

package/dist/ssrf/in-memory-dns-cache.service.js

@@ -1,61 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.InMemoryDnsCache = void 0;
-const config_1 = require("@n8n/config");
-const constants_1 = require("@n8n/constants");
-const di_1 = require("@n8n/di");
-const cache_manager_1 = require("cache-manager");
-const n8n_workflow_1 = require("n8n-workflow");
-const node_assert_1 = __importDefault(require("node:assert"));
-let InMemoryDnsCache = class InMemoryDnsCache {
-    constructor(ssrfConfig) {
-        this.ssrfConfig = ssrfConfig;
-    }
-    async ensureCache() {
-        if (!this.cache) {
-            const sizeCalculation = (item) => {
-                const str = (0, n8n_workflow_1.jsonStringify)(item, { replaceCircularRefs: true });
-                return new TextEncoder().encode(str).length;
-            };
-            this.cache = await (0, cache_manager_1.caching)('memory', {
-                maxSize: this.ssrfConfig.dnsCacheMaxSize,
-                sizeCalculation,
-                ttl: 0,
-                ttlResolution: 0,
-            });
-        }
-        return this.cache;
-    }
-    async get(hostname) {
-        const cache = await this.ensureCache();
-        return await cache.get(hostname);
-    }
-    async set(hostname, ips, ttl) {
-        (0, node_assert_1.default)(ttl > 0, 'DNS cache TTL must be greater than 0');
-        const cache = await this.ensureCache();
-        const ttlMs = ttl * constants_1.Time.seconds.toMilliseconds;
-        await cache.set(hostname, ips, ttlMs);
-    }
-    async clear() {
-        const cache = await this.ensureCache();
-        await cache.reset();
-    }
-};
-exports.InMemoryDnsCache = InMemoryDnsCache;
-exports.InMemoryDnsCache = InMemoryDnsCache = __decorate([
-    (0, di_1.Service)(),
-    __metadata("design:paramtypes", [config_1.SsrfProtectionConfig])
-], InMemoryDnsCache);
-//# sourceMappingURL=in-memory-dns-cache.service.js.map

package/dist/ssrf/in-memory-dns-cache.service.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"in-memory-dns-cache.service.js","sourceRoot":"","sources":["../../src/ssrf/in-memory-dns-cache.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,wCAAmD;AACnD,8CAAsC;AACtC,gCAAkC;AAElC,iDAAwC;AACxC,+CAA6C;AAC7C,8DAAiC;AAO1B,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB;IAG5B,YAA6B,UAAgC;QAAhC,eAAU,GAAV,UAAU,CAAsB;IAAG,CAAC;IAEzD,KAAK,CAAC,WAAW;QACxB,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YACjB,MAAM,eAAe,GAAG,CAAC,IAAa,EAAE,EAAE;gBACzC,MAAM,GAAG,GAAG,IAAA,4BAAa,EAAC,IAAI,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC/D,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;YAC7C,CAAC,CAAC;YAEF,IAAI,CAAC,KAAK,GAAG,MAAM,IAAA,uBAAO,EAAC,QAAQ,EAAE;gBACpC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,eAAe;gBACxC,eAAe;gBACf,GAAG,EAAE,CAAC;gBACN,aAAa,EAAE,CAAC;aAChB,CAAC,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,KAAK,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,QAAgB;QACzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QACvC,OAAO,MAAM,KAAK,CAAC,GAAG,CAAkB,QAAQ,CAAC,CAAC;IACnD,CAAC;IAOD,KAAK,CAAC,GAAG,CAAC,QAAgB,EAAE,GAAoB,EAAE,GAAW;QAC5D,IAAA,qBAAM,EAAC,GAAG,GAAG,CAAC,EAAE,sCAAsC,CAAC,CAAC;QAExD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,GAAG,GAAG,gBAAI,CAAC,OAAO,CAAC,cAAc,CAAC;QAChD,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;IACvC,CAAC;IAED,KAAK,CAAC,KAAK;QACV,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QACvC,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;CACD,CAAA;AA7CY,4CAAgB;2BAAhB,gBAAgB;IAD5B,IAAA,YAAO,GAAE;qCAIgC,6BAAoB;GAHjD,gBAAgB,CA6C5B"}

package/dist/ssrf/index.d.ts

@@ -1,5 +0,0 @@
-export { DnsResolver } from './dns-resolver';
-export type { DnsLookupOptions } from './dns-resolver';
-export { SsrfBlockedIpError } from './ssrf-blocked-ip.error';
-export { SsrfProtectionService } from './ssrf-protection.service';
-export type { SsrfBridge, SsrfCheckResult } from './ssrf-protection.service';

package/dist/ssrf/index.js

@@ -1,10 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SsrfProtectionService = exports.SsrfBlockedIpError = exports.DnsResolver = void 0;
-var dns_resolver_1 = require("./dns-resolver");
-Object.defineProperty(exports, "DnsResolver", { enumerable: true, get: function () { return dns_resolver_1.DnsResolver; } });
-var ssrf_blocked_ip_error_1 = require("./ssrf-blocked-ip.error");
-Object.defineProperty(exports, "SsrfBlockedIpError", { enumerable: true, get: function () { return ssrf_blocked_ip_error_1.SsrfBlockedIpError; } });
-var ssrf_protection_service_1 = require("./ssrf-protection.service");
-Object.defineProperty(exports, "SsrfProtectionService", { enumerable: true, get: function () { return ssrf_protection_service_1.SsrfProtectionService; } });
-//# sourceMappingURL=index.js.map

package/dist/ssrf/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/ssrf/index.ts"],"names":[],"mappings":";;;AAAA,+CAA6C;AAApC,2GAAA,WAAW,OAAA;AAEpB,iEAA6D;AAApD,2HAAA,kBAAkB,OAAA;AAC3B,qEAAkE;AAAzD,gIAAA,qBAAqB,OAAA"}

package/dist/ssrf/ip-range-builder.d.ts

@@ -1,10 +0,0 @@
-import { BlockList } from 'node:net';
-export interface IpRangeIssue {
-    entry: string;
-    error: string;
-}
-export interface IpRangeBuildResult {
-    list: BlockList;
-    issues: IpRangeIssue[];
-}
-export declare function buildIpRangeList(cidrRanges: readonly string[]): IpRangeBuildResult;

package/dist/ssrf/ip-range-builder.js

@@ -1,52 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.buildIpRangeList = buildIpRangeList;
-const n8n_workflow_1 = require("n8n-workflow");
-const node_net_1 = require("node:net");
-const zod_1 = require("zod");
-function buildIpRangeList(cidrRanges) {
-    const list = new node_net_1.BlockList();
-    const issues = [];
-    for (const rawEntry of cidrRanges) {
-        const entry = rawEntry.trim();
-        if (entry.length === 0) {
-            continue;
-        }
-        try {
-            const cidr = parseCidr(entry);
-            if (!cidr) {
-                issues.push({ entry, error: 'Invalid CIDR notation' });
-                continue;
-            }
-            list.addSubnet(cidr.network, cidr.prefix, cidr.family);
-        }
-        catch (e) {
-            const error = (0, n8n_workflow_1.ensureError)(e);
-            issues.push({ entry, error: `Failed to add IP range: ${error.message}` });
-        }
-    }
-    return { list, issues };
-}
-function parseCidr(entry) {
-    const result = cidrSchema.safeParse(entry);
-    if (!result.success) {
-        return null;
-    }
-    const [network, prefixStr] = result.data.split('/');
-    const family = validateIp(network);
-    if (family === null) {
-        return null;
-    }
-    const prefix = Number.parseInt(prefixStr, 10);
-    return { network, prefix, family };
-}
-const cidrSchema = zod_1.z.string().cidr();
-function validateIp(ip) {
-    const version = (0, node_net_1.isIP)(ip);
-    if (version === 4)
-        return 'ipv4';
-    if (version === 6)
-        return 'ipv6';
-    return null;
-}
-//# sourceMappingURL=ip-range-builder.js.map

package/dist/ssrf/ip-range-builder.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ip-range-builder.js","sourceRoot":"","sources":["../../src/ssrf/ip-range-builder.ts"],"names":[],"mappings":";;AAmBA,4CAyBC;AA5CD,+CAA2C;AAC3C,uCAA2C;AAC3C,6BAAwB;AAiBxB,SAAgB,gBAAgB,CAAC,UAA6B;IAC7D,MAAM,IAAI,GAAG,IAAI,oBAAS,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAmB,EAAE,CAAC;IAElC,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,SAAS;QACV,CAAC;QAED,IAAI,CAAC;YACJ,MAAM,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;YAC9B,IAAI,CAAC,IAAI,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC;gBACvD,SAAS;YACV,CAAC;YAED,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACxD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACZ,MAAM,KAAK,GAAG,IAAA,0BAAW,EAAC,CAAC,CAAC,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,2BAA2B,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC3E,CAAC;IACF,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;AACzB,CAAC;AAKD,SAAS,SAAS,CACjB,KAAa;IAEb,MAAM,MAAM,GAAG,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IAC3C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC;IACb,CAAC;IAED,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IACnC,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC;IACb,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;IAC9C,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC;AAErC,SAAS,UAAU,CAAC,EAAU;IAC7B,MAAM,OAAO,GAAG,IAAA,eAAI,EAAC,EAAE,CAAC,CAAC;IACzB,IAAI,OAAO,KAAK,CAAC;QAAE,OAAO,MAAM,CAAC;IACjC,IAAI,OAAO,KAAK,CAAC;QAAE,OAAO,MAAM,CAAC;IACjC,OAAO,IAAI,CAAC;AACb,CAAC"}

package/dist/ssrf/ssrf-blocked-ip.error.d.ts

@@ -1,6 +0,0 @@
-import { UserError } from 'n8n-workflow';
-export declare class SsrfBlockedIpError extends UserError {
-    readonly ip: string;
-    readonly hostname?: string;
-    constructor(ip: string, hostname?: string);
-}

package/dist/ssrf/ssrf-blocked-ip.error.js

@@ -1,21 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SsrfBlockedIpError = void 0;
-const n8n_workflow_1 = require("n8n-workflow");
-class SsrfBlockedIpError extends n8n_workflow_1.UserError {
-    constructor(ip, hostname) {
-        const target = hostname ? `'${hostname}' (${ip})` : ip;
-        super('The request was blocked because it resolves to a restricted IP address', {
-            description: `The target ${target} is not allowed. ` +
-                'This is a security measure to prevent Server-Side Request Forgery (SSRF). ' +
-                'If you need to access internal resources, ask your n8n administrator to allowlist ' +
-                'the hostname or IP range in the environment configuration.',
-            extra: { ip, hostname },
-        });
-        this.name = 'SsrfBlockedIpError';
-        this.ip = ip;
-        this.hostname = hostname;
-    }
-}
-exports.SsrfBlockedIpError = SsrfBlockedIpError;
-//# sourceMappingURL=ssrf-blocked-ip.error.js.map

package/dist/ssrf/ssrf-blocked-ip.error.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ssrf-blocked-ip.error.js","sourceRoot":"","sources":["../../src/ssrf/ssrf-blocked-ip.error.ts"],"names":[],"mappings":";;;AAAA,+CAAyC;AAKzC,MAAa,kBAAmB,SAAQ,wBAAS;IAIhD,YAAY,EAAU,EAAE,QAAiB;QACxC,MAAM,MAAM,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,QAAQ,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACvD,KAAK,CAAC,wEAAwE,EAAE;YAC/E,WAAW,EACV,cAAc,MAAM,mBAAmB;gBACvC,4EAA4E;gBAC5E,oFAAoF;gBACpF,4DAA4D;YAC7D,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE;SACvB,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;QACjC,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC1B,CAAC;CACD;AAnBD,gDAmBC"}

package/dist/ssrf/ssrf-protection.service.d.ts

@@ -1,30 +0,0 @@
-import { Logger } from '@n8n/backend-common';
-import { SsrfProtectionConfig } from '@n8n/config';
-import { Result } from 'n8n-workflow';
-import type { LookupFunction } from 'node:net';
-import { DnsResolver } from './dns-resolver';
-export type SsrfCheckResult = Result<void, Error>;
-export interface SsrfBridge {
-    validateIp(ip: string): SsrfCheckResult;
-    validateUrl(url: string | URL): Promise<SsrfCheckResult>;
-    validateRedirectSync(url: string): void;
-    createSecureLookup(): LookupFunction;
-}
-export declare class SsrfProtectionService implements SsrfBridge {
-    private readonly ssrfConfig;
-    private readonly dnsResolver;
-    private readonly logger;
-    private readonly blockedIps;
-    private readonly allowedIps;
-    private readonly allowedHostnameMatcher;
-    constructor(ssrfConfig: SsrfProtectionConfig, dnsResolver: DnsResolver, logger: Logger);
-    validateUrl(url: string | URL): Promise<SsrfCheckResult>;
-    validateIp(ip: string): SsrfCheckResult;
-    createSecureLookup(): LookupFunction;
-    validateRedirectSync(url: string): void;
-    private normalizeIpInHostname;
-    private secureLookupAsync;
-    private lookupAndValidate;
-    private tryParseUrl;
-    private getIpFamily;
-}