ssrf-agent-guard 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/index.d.ts +14 -0
  2. package/dist/lib/types.d.ts +27 -0
  3. package/dist/lib/utils.d.ts +5 -0
  4. package/package.json +1 -1
  5. package/ssrf-agent-guard-0.1.0.tgz +0 -0
package/dist/index.d.ts ADDED
@@ -0,0 +1,14 @@
1
+ import { Agent as HttpAgent } from 'http';
2
+ import { Agent as HttpsAgent } from 'https';
3
+ import { IsValidDomainOptions } from './lib/types';
4
+ type CustomAgent = HttpAgent | HttpsAgent;
5
+ /**
6
+ * Patches an http.Agent or https.Agent to enforce an HOST/IP check
7
+ * before and after a DNS lookup.
8
+ *
9
+ * @param url The URL or another input to determine the agent type.
10
+ * @param isValidDomainOptions Options for validating domain names.
11
+ * @returns The patched CustomAgent instance.
12
+ */
13
+ declare const ssrfAgentGuard: (url: string, isValidDomainOptions?: IsValidDomainOptions) => CustomAgent;
14
+ export default ssrfAgentGuard;
package/dist/lib/types.d.ts ADDED
@@ -0,0 +1,27 @@
1
+ export interface Options {
2
+ protocal?: string;
3
+ metadataHosts?: string[];
4
+ mode?: 'block' | 'report' | 'allow';
5
+ policy?: PolicyOptions;
6
+ blockCloudMetadata?: boolean;
7
+ detectDnsRebinding?: boolean;
8
+ logger?: (level: 'info' | 'warn' | 'error', msg: string, meta?: any) => void;
9
+ }
10
+ export interface PolicyOptions {
11
+ allowDomains?: string[];
12
+ denyDomains?: string[];
13
+ denyTLD?: string[];
14
+ }
15
+ export interface BlockEvent {
16
+ url: string;
17
+ reason: string;
18
+ ip?: string;
19
+ timestamp: number;
20
+ }
21
+ export interface IsValidDomainOptions {
22
+ subdomain?: boolean;
23
+ wildcard?: boolean;
24
+ allowUnicode?: boolean;
25
+ topLevel?: boolean;
26
+ }
27
+ export declare const CLOUD_METADATA_HOSTS: string[];
package/dist/lib/utils.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import { IsValidDomainOptions } from './types';
2
+ /**
3
+ * High-level validation for hostnames (domains + public IPs).
4
+ */
5
+ export declare function isSafeHost(hostname: string, isValidDomainOptions?: IsValidDomainOptions): boolean;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "ssrf-agent-guard",
3
- "version": "0.1.5",
3
+ "version": "0.1.6",
4
4
  "description": "A TypeScript SSRF protection library for Node.js (express/axios) with advanced policies, DNS rebinding detection and cloud metadata protection.",
5
5
  "main": "dist/index.cjs.js",
6
6
  "module": "dist/index.esm.js",
package/ssrf-agent-guard-0.1.0.tgz DELETED
Binary file