Paranoidhttp provides a pre-configured http.Client that protects you from harm.
Paranoidhttp is a factory of http.Client that is paranoid againt attackers. This is useful when you create an HTTP request using inputs from possibly malicious users.
The created http.Client protects you from connecting to internal IP ranges even though redirects or DNS tricks are used.
// use the default client for ease
res, err := paranoidhttp.DefaultClient.Get("http://www.hatena.ne.jp")
// or customize the client for yourself
client, transport, dialer := paranoidhttp.NewClient()
client.Timeout = 10 * time.Second
transport.DisableCompression = true
dialer.KeepAlive = 60 * time.Second
// Add an permitted ipnets with functional option
ipNet, _ := net.ParseCIDR("127.0.0.1/32")
client, _, _ := paranoidhttp.New(
paranoidhttp.PermittedIPNets(ipNet))
I want to thank LWPx::ParanoidAgent.