WithAllowPrivateIPs disables SSRF dial-time protection on both the spec fetch and the generated tools' HTTP calls. Operators opt in via `allow_private_ips: true` when the spec or its servers legitimately target internal services. Tests use this to talk to httptest.NewServer.
(allow bool)
| 75 | // `allow_private_ips: true` when the spec or its servers legitimately |
| 76 | // target internal services. Tests use this to talk to httptest.NewServer. |
| 77 | func WithAllowPrivateIPs(allow bool) Option { |
| 78 | return func(t *ToolSet) { t.allowPrivateIPs = allow } |
| 79 | } |
| 80 | |
| 81 | func WithExpander(expander *js.Expander) Option { |
| 82 | return func(t *ToolSet) { t.expander = expander } |
no outgoing calls