packages/core/src/utils/fetch.ts

/**
 * @license
 * Copyright 2025 Google LLC
 * SPDX-License-Identifier: Apache-2.0
 */

import { getErrorMessage, isNodeError } from './errors.js';
import { URL } from 'node:url';
import { lookup } from 'node:dns/promises';
import { Agent, ProxyAgent, setGlobalDispatcher } from 'undici';

const DEFAULT_HEADERS_TIMEOUT = 300000; // 5 minutes
const DEFAULT_BODY_TIMEOUT = 300000; // 5 minutes

// Configure default global dispatcher with higher timeouts
setGlobalDispatcher(
  new Agent({
    headersTimeout: DEFAULT_HEADERS_TIMEOUT,
    bodyTimeout: DEFAULT_BODY_TIMEOUT,
  }),
);

const PRIVATE_IP_RANGES = [
  /^10\./,
  /^127\./,
  /^169\.254\./,
  /^172\.(1[6-9]|2[0-9]|3[0-1])\./,
  /^192\.168\./,
  /^::1$/,
  /^fc00:/,
  /^fe80:/,
];

export class FetchError extends Error {
  constructor(
    message: string,
    public code?: string,
    options?: ErrorOptions,
  ) {
    super(message, options);
    this.name = 'FetchError';
  }
}

export function isPrivateIp(url: string): boolean {
  try {
    const hostname = new URL(url).hostname;
    return isAddressPrivate(hostname);
  } catch (_e) {
    return false;
  }
}

/**
 * Checks if a URL resolves to a private IP address.
 * Performs DNS resolution to prevent DNS rebinding/SSRF bypasses.
 */
export async function isPrivateIpAsync(url: string): Promise<boolean> {
  try {
    const parsed = new URL(url);
    const hostname = parsed.hostname;

    // Fast check for literal IPs or localhost
    if (isAddressPrivate(hostname)) {
      return true;
    }

    // Resolve DNS to check the actual target IP
    const addresses = await lookup(hostname, { all: true });
    return addresses.some((addr) => isAddressPrivate(addr.address));
  } catch (_e) {
    return false;
  }
}

/**
 * Internal helper to check if an IP address string is in a private range.
 */
function isAddressPrivate(address: string): boolean {
  return (
    address === 'localhost' ||
    PRIVATE_IP_RANGES.some((range) => range.test(address))
  );
}

export async function fetchWithTimeout(
  url: string,
  timeout: number,
  options?: RequestInit,
): Promise<Response> {
  const controller = new AbortController();
  const timeoutId = setTimeout(() => controller.abort(), timeout);

  if (options?.signal) {
    if (options.signal.aborted) {
      controller.abort();
    } else {
      options.signal.addEventListener('abort', () => controller.abort(), {
        once: true,
      });
    }
  }

  try {
    const response = await fetch(url, {
      ...options,
      signal: controller.signal,
    });
    return response;
  } catch (error) {
    if (isNodeError(error) && error.code === 'ABORT_ERR') {
      throw new FetchError(`Request timed out after ${timeout}ms`, 'ETIMEDOUT');
    }
    throw new FetchError(getErrorMessage(error), undefined, { cause: error });
  } finally {
    clearTimeout(timeoutId);
  }
}

export function setGlobalProxy(proxy: string) {
  setGlobalDispatcher(
    new ProxyAgent({
      uri: proxy,
      headersTimeout: DEFAULT_HEADERS_TIMEOUT,
      bodyTimeout: DEFAULT_BODY_TIMEOUT,
    }),
  );
}
Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`/**`
			`* @license`
			`* Copyright 2025 Google LLC`
			`* SPDX-License-Identifier: Apache-2.0`
			`*/`

			`import { getErrorMessage, isNodeError } from './errors.js';`
chore: consistently import node modules with prefix (#3013) Co-authored-by: N. Taylor Mullen <ntaylormullen@google.com> 2025-08-25 22:11:27 +02:00			`import { URL } from 'node:url';`
feat(a2a): strengthen SSRF protection with DNS resolution 2026-03-05 17:11:58 -08:00			`import { lookup } from 'node:dns/promises';`
feat(core): increase fetch timeout and fix [object Object] error stringification (#20441) Co-authored-by: Gal Zahavi <38544478+galz10@users.noreply.github.com> 2026-02-26 18:41:09 -05:00			`import { Agent, ProxyAgent, setGlobalDispatcher } from 'undici';`

fix(core): increase default headers timeout to 5 minutes (#20890) 2026-03-02 22:36:58 +00:00			`const DEFAULT_HEADERS_TIMEOUT = 300000; // 5 minutes`
feat(core): increase fetch timeout and fix [object Object] error stringification (#20441) Co-authored-by: Gal Zahavi <38544478+galz10@users.noreply.github.com> 2026-02-26 18:41:09 -05:00			`const DEFAULT_BODY_TIMEOUT = 300000; // 5 minutes`

			`// Configure default global dispatcher with higher timeouts`
			`setGlobalDispatcher(`
			`new Agent({`
			`headersTimeout: DEFAULT_HEADERS_TIMEOUT,`
			`bodyTimeout: DEFAULT_BODY_TIMEOUT,`
			`}),`
			`);`
Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00
			`const PRIVATE_IP_RANGES = [`
			`/^10\./,`
			`/^127\./,`
feat(a2a): implement robust URL parsing and SSRF protection for agent cards 2026-03-05 16:51:19 -08:00			`/^169\.254\./,`
Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`/^172\.(1[6-9]\|2[0-9]\|3[0-1])\./,`
			`/^192\.168\./,`
			`/^::1$/,`
			`/^fc00:/,`
			`/^fe80:/,`
			`];`

			`export class FetchError extends Error {`
			`constructor(`
			`message: string,`
			`public code?: string,`
fix(core): improve API response error handling and retry logic (#14563) 2025-12-05 09:49:08 -08:00			`options?: ErrorOptions,`
Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`) {`
fix(core): improve API response error handling and retry logic (#14563) 2025-12-05 09:49:08 -08:00			`super(message, options);`
Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`this.name = 'FetchError';`
			`}`
			`}`

			`export function isPrivateIp(url: string): boolean {`
			`try {`
			`const hostname = new URL(url).hostname;`
feat(a2a): strengthen SSRF protection with DNS resolution 2026-03-05 17:11:58 -08:00			`return isAddressPrivate(hostname);`
Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`} catch (_e) {`
			`return false;`
			`}`
			`}`

feat(a2a): strengthen SSRF protection with DNS resolution 2026-03-05 17:11:58 -08:00			`/**`
			`* Checks if a URL resolves to a private IP address.`
			`* Performs DNS resolution to prevent DNS rebinding/SSRF bypasses.`
			`*/`
			`export async function isPrivateIpAsync(url: string): Promise<boolean> {`
			`try {`
			`const parsed = new URL(url);`
			`const hostname = parsed.hostname;`

			`// Fast check for literal IPs or localhost`
			`if (isAddressPrivate(hostname)) {`
			`return true;`
			`}`

			`// Resolve DNS to check the actual target IP`
			`const addresses = await lookup(hostname, { all: true });`
			`return addresses.some((addr) => isAddressPrivate(addr.address));`
			`} catch (_e) {`
			`return false;`
			`}`
			`}`

			`/**`
			`* Internal helper to check if an IP address string is in a private range.`
			`*/`
			`function isAddressPrivate(address: string): boolean {`
			`return (`
			`address === 'localhost' \|\|`
			`PRIVATE_IP_RANGES.some((range) => range.test(address))`
			`);`
			`}`

Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`export async function fetchWithTimeout(`
			`url: string,`
			`timeout: number,`
feat(core): implement experimental direct web fetch (#19557) 2026-02-23 11:50:14 -08:00			`options?: RequestInit,`
Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`): Promise<Response> {`
			`const controller = new AbortController();`
			`const timeoutId = setTimeout(() => controller.abort(), timeout);`

feat(core): implement experimental direct web fetch (#19557) 2026-02-23 11:50:14 -08:00			`if (options?.signal) {`
			`if (options.signal.aborted) {`
			`controller.abort();`
			`} else {`
			`options.signal.addEventListener('abort', () => controller.abort(), {`
			`once: true,`
			`});`
			`}`
			`}`

Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`try {`
feat(core): implement experimental direct web fetch (#19557) 2026-02-23 11:50:14 -08:00			`const response = await fetch(url, {`
			`...options,`
			`signal: controller.signal,`
			`});`
Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`return response;`
			`} catch (error) {`
			`if (isNodeError(error) && error.code === 'ABORT_ERR') {`
			throw new FetchError(`Request timed out after ${timeout}ms`, 'ETIMEDOUT');
			`}`
fix(core): improve API response error handling and retry logic (#14563) 2025-12-05 09:49:08 -08:00			`throw new FetchError(getErrorMessage(error), undefined, { cause: error });`
Improvements to web-fetch tool (#1030) 2025-06-13 17:44:14 -07:00			`} finally {`
			`clearTimeout(timeoutId);`
			`}`
			`}`
fix(proxy): Add error handling to proxy agent creation (#11538) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-10-21 12:43:37 -07:00
			`export function setGlobalProxy(proxy: string) {`
feat(core): increase fetch timeout and fix [object Object] error stringification (#20441) Co-authored-by: Gal Zahavi <38544478+galz10@users.noreply.github.com> 2026-02-26 18:41:09 -05:00			`setGlobalDispatcher(`
			`new ProxyAgent({`
			`uri: proxy,`
			`headersTimeout: DEFAULT_HEADERS_TIMEOUT,`
			`bodyTimeout: DEFAULT_BODY_TIMEOUT,`
			`}),`
			`);`
fix(proxy): Add error handling to proxy agent creation (#11538) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-10-21 12:43:37 -07:00			`}`