MCPcopy Index your code
hub / github.com/docker/docker-agent / sanitizeFetchURLs

Function sanitizeFetchURLs

pkg/tools/builtin/fetch/fetch.go:63–77  ·  view source on GitHub ↗

sanitizeFetchURLs strips query strings and userinfo from each URL so the resulting span attribute can ship by default without leaking signed-URL tokens, OAuth codes, or inline credentials. URLs that fail to parse are emitted as a sentinel rather than the raw string, since an unparseable URL could al

(urls []string)

Source from the content-addressed store, hash-verified

61// to parse are emitted as a sentinel rather than the raw string, since
62// an unparseable URL could also carry sensitive material.
63func sanitizeFetchURLs(urls []string) []string {
64 out := make([]string, len(urls))
65 for i, raw := range urls {
66 u, err := url.Parse(raw)
67 if err != nil {
68 out[i] = "<unparseable>"
69 continue
70 }
71 u.RawQuery = ""
72 u.Fragment = ""
73 u.User = nil
74 out[i] = u.String()
75 }
76 return out
77}
78
79func (h *fetchHandler) CallTool(ctx context.Context, params ToolArgs) (*tools.ToolCallResult, error) {
80 if len(params.URLs) == 0 {

Callers 1

CallToolMethod · 0.85

Calls 2

ParseMethod · 0.80
StringMethod · 0.45

Tested by

no test coverage detected