MCPcopy Index your code
hub / github.com/docker/docker-agent / checkDomainAllowed

Method checkDomainAllowed

pkg/tools/builtin/fetch/fetch.go:345–362  ·  view source on GitHub ↗

checkDomainAllowed returns nil if u's host is permitted by the configured allow- and block-lists, or a descriptive error otherwise. When neither list is configured, every URL is allowed.

(u *url.URL)

Source from the content-addressed store, hash-verified

343// allow- and block-lists, or a descriptive error otherwise. When neither list
344// is configured, every URL is allowed.
345func (h *fetchHandler) checkDomainAllowed(u *url.URL) error {
346 host := u.Hostname()
347 if host == "" {
348 return errors.New("URL has no host")
349 }
350 matchesAny := func(patterns []string) bool {
351 return slices.ContainsFunc(patterns, func(p string) bool {
352 return matchesDomain(host, p)
353 })
354 }
355 switch {
356 case len(h.blockedDomains) > 0 && matchesAny(h.blockedDomains):
357 return fmt.Errorf("URL host %q is blocked by blocked_domains", host)
358 case len(h.allowedDomains) > 0 && !matchesAny(h.allowedDomains):
359 return fmt.Errorf("URL host %q is not in allowed_domains", host)
360 }
361 return nil
362}
363
364// matchesDomain reports whether host matches pattern (case-insensitive).
365//

Callers 2

CallToolMethod · 0.95
fetchURLMethod · 0.95

Calls 2

matchesDomainFunction · 0.85
NewMethod · 0.45

Tested by

no test coverage detected