Secure Mcp Fetch
What is Secure Mcp Fetch
secure-mcp-fetch is a secure URL fetching tool implemented using FastMCP, designed to safely retrieve web resources while preventing unauthorized access to private/internal IPs.
Use cases
Use cases include securely fetching data from trusted APIs, ensuring that only allowed domains are accessed, and preventing exposure to internal network addresses.
How to use
To use secure-mcp-fetch, first install the required dependencies using ‘pip install uv’ and ‘uv pip install fastmcp requests’. Then, set the optional allowlist environment variable for trusted domains, and run the script with ‘uv run main.py’.
Key features
Key features include secure URL fetching, domain resolution to IPs, private/internal IP checks, redirect handling (up to 3), support for custom HTTP methods and headers, and an allowlist for trusted domains/IPs.
Where to use
secure-mcp-fetch can be used in environments where secure web resource fetching is required, such as in web applications, API integrations, and network security tools.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Overview
What is Secure Mcp Fetch
secure-mcp-fetch is a secure URL fetching tool implemented using FastMCP, designed to safely retrieve web resources while preventing unauthorized access to private/internal IPs.
Use cases
Use cases include securely fetching data from trusted APIs, ensuring that only allowed domains are accessed, and preventing exposure to internal network addresses.
How to use
To use secure-mcp-fetch, first install the required dependencies using ‘pip install uv’ and ‘uv pip install fastmcp requests’. Then, set the optional allowlist environment variable for trusted domains, and run the script with ‘uv run main.py’.
Key features
Key features include secure URL fetching, domain resolution to IPs, private/internal IP checks, redirect handling (up to 3), support for custom HTTP methods and headers, and an allowlist for trusted domains/IPs.
Where to use
secure-mcp-fetch can be used in environments where secure web resource fetching is required, such as in web applications, API integrations, and network security tools.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Content
Secure Fetch
This project implements a secure URL fetching tool using FastMCP.
Prerequisites
- Python 3.7+
- uv (Python package installer and environment manager)
Installation
- Install uv if you haven’t already:
pip install uv
- Create a new virtual environment and install dependencies:
uv venv
source .venv/bin/activate
uv pip install fastmcp requests
Usage
- Set the allowlist environment variable (optional):
export SECURE_FETCH_ALLOWLIST="example.com,trusted-domain.org"
- Run the script:
uv run main.py
Features
- Fetches URLs securely
- Resolves domains to IPs
- Checks for private/internal IPs
- Handles redirects (up to 3)
- Supports custom HTTP methods and headers
- Uses an allowlist for trusted domains/IPs
Security Considerations
- The tool prevents access to private/internal IPs unless explicitly allowed
- Only HTTP and HTTPS schemes are permitted
- SNI is set to match the hostname for HTTPS connections
Example Usage
Once the script is running, you can use the fetch_url function to securely fetch URLs. The function will return a dictionary containing the status code, response body, and content length.
Note
This tool is designed for secure URL fetching. Always review and understand the code before using it in your environment.
Dev Tools Supporting MCP
The following are the main code editors that support the Model Context Protocol. Click the link to visit the official website for more information.
