A library that overrides the default behaviors of the requests library, and adds new security features.
Project description
requests-hardened is a library that overrides the default behaviors of the requests library, and adds new security features.
Installation
The project is available on PyPI:
pip install requests-hardened
Features
Overrides of Defaults
This library allows to override some default values from the requests library that can have a security impact:
Config.never_redirect = False always reject HTTP redirects
Config.default_timeout = (2, 10) sets the default timeout value when no value or None is passed
SSRF Filters
A SSRF IP filter can be used to reject HTTP(S) requests targeting private and loopback IP addresses.
Settings:
Config.ip_filter_enable whether or not to filter the IP addresses
ip_filter_allow_localhost whether or not to allow loopback IP addresses
Example Usage
from requests_hardened import Config, Manager
# Creates a global "manager" that can be used to create ``requests.Session``
# objects with hardening in place.
DefaultManager = Manager(
Config(
default_timeout=(2, 10),
never_redirect=False,
ip_filter_enable=True,
ip_filter_allow_localhost=False,
)
)
# Sends an HTTP request without re-using ``requests.Session``:
resp = DefaultManager.send_request("GET", "https://example.com")
print(resp)
# Sends HTTP requests with reusable ``requests.Session``:
with DefaultManager.get_session() as sess:
sess.request("GET", "https://example.com")
sess.request("POST", "https://example.com", json={"foo": "bar"})
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for requests-hardened-1.0.0b1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | a8a02e1e7817017f2693f7416eef2957b6586d0dedec9bd96da3e25f92010987 |
|
MD5 | 7327bbb03f4ecb371bd718fee02c336b |
|
BLAKE2b-256 | b0bd476207449cf0974a4877598b55762fb3558fdef92ead7fcd96e7d84ca3a6 |