dont allow private ips

jimaek · jimaek · commit 127eae226045 · 2025-11-29T14:55:49.000+01:00
diff --git a/src/lib/index.ts b/src/lib/index.ts
@@ -1,3 +1,4 @@
 export * from "./crypto";
 export * from "./url-validation";
+export * from "./target-validation";
 export * from "./security";
diff --git a/src/lib/target-validation.ts b/src/lib/target-validation.ts
@@ -0,0 +1,226 @@
+/**
+ * Target validation utilities for Globalping measurements
+ * Ensures only public endpoints are tested (Globalping API requirement)
+ */
+
+/**
+ * Check if an IPv4 address is in a private range (RFC1918)
+ * Private ranges:
+ * - 10.0.0.0/8 (10.0.0.0 - 10.255.255.255)
+ * - 172.16.0.0/12 (172.16.0.0 - 172.31.255.255)
+ * - 192.168.0.0/16 (192.168.0.0 - 192.168.255.255)
+ *
+ * @param ip The IPv4 address to check
+ * @returns True if the IP is in a private range
+ */
+export function isPrivateIPv4(ip: string): boolean {
+	// Remove any IPv6 brackets if present
+	const cleanIp = ip.replace(/^\[|\]$/g, "");
+
+	// Parse IPv4 address into octets
+	const parts = cleanIp.split(".");
+	if (parts.length !== 4) {
+		return false;
+	}
+
+	const octets = parts.map((part) => Number.parseInt(part, 10));
+
+	// Validate all octets are numbers 0-255
+	if (octets.some((octet) => Number.isNaN(octet) || octet < 0 || octet > 255)) {
+		return false;
+	}
+
+	const [first, second] = octets;
+
+	// 10.0.0.0/8
+	if (first === 10) {
+		return true;
+	}
+
+	// 172.16.0.0/12
+	if (first === 172 && second >= 16 && second <= 31) {
+		return true;
+	}
+
+	// 192.168.0.0/16
+	if (first === 192 && second === 168) {
+		return true;
+	}
+
+	return false;
+}
+
+/**
+ * Check if an IPv6 address is in a private range
+ * Private ranges:
+ * - fc00::/7 (Unique Local Addresses)
+ * - fe80::/10 (Link-local addresses)
+ *
+ * @param ip The IPv6 address to check
+ * @returns True if the IP is in a private range
+ */
+export function isPrivateIPv6(ip: string): boolean {
+	// Remove brackets if present
+	const cleanIp = ip.replace(/^\[|\]$/g, "").toLowerCase();
+
+	// fc00::/7 - Unique Local Addresses (fc00:: to fdff::)
+	if (cleanIp.startsWith("fc") || cleanIp.startsWith("fd")) {
+		return true;
+	}
+
+	// fe80::/10 - Link-local addresses
+	if (cleanIp.startsWith("fe8") || cleanIp.startsWith("fe9") || cleanIp.startsWith("fea") || cleanIp.startsWith("feb")) {
+		return true;
+	}
+
+	return false;
+}
+
+/**
+ * Check if an IPv4 address is a loopback address
+ * Loopback range: 127.0.0.0/8
+ *
+ * @param ip The IPv4 address to check
+ * @returns True if the IP is a loopback address
+ */
+export function isLoopbackIPv4(ip: string): boolean {
+	const cleanIp = ip.replace(/^\[|\]$/g, "");
+	const parts = cleanIp.split(".");
+
+	if (parts.length !== 4) {
+		return false;
+	}
+
+	const first = Number.parseInt(parts[0], 10);
+	return first === 127;
+}
+
+/**
+ * Check if an IPv6 address is a loopback address
+ * Loopback: ::1
+ *
+ * @param ip The IPv6 address to check
+ * @returns True if the IP is a loopback address
+ */
+export function isLoopbackIPv6(ip: string): boolean {
+	const cleanIp = ip.replace(/^\[|\]$/g, "").toLowerCase();
+
+	// ::1 is the only IPv6 loopback
+	return cleanIp === "::1" || cleanIp === "0:0:0:0:0:0:0:1" || cleanIp === "0000:0000:0000:0000:0000:0000:0000:0001";
+}
+
+/**
+ * Check if an IPv4 address is a link-local address (APIPA)
+ * Link-local range: 169.254.0.0/16
+ *
+ * @param ip The IPv4 address to check
+ * @returns True if the IP is a link-local address
+ */
+export function isLinkLocalIPv4(ip: string): boolean {
+	const cleanIp = ip.replace(/^\[|\]$/g, "");
+	const parts = cleanIp.split(".");
+
+	if (parts.length !== 4) {
+		return false;
+	}
+
+	const octets = parts.map((part) => Number.parseInt(part, 10));
+
+	// Validate octets
+	if (octets.some((octet) => Number.isNaN(octet) || octet < 0 || octet > 255)) {
+		return false;
+	}
+
+	// 169.254.0.0/16
+	return octets[0] === 169 && octets[1] === 254;
+}
+
+/**
+ * Check if a target is a localhost domain
+ * Matches: localhost, *.localhost
+ *
+ * @param target The target to check
+ * @returns True if the target is a localhost domain
+ */
+export function isLocalhostDomain(target: string): boolean {
+	const lower = target.toLowerCase();
+	return lower === "localhost" || lower.endsWith(".localhost");
+}
+
+/**
+ * Validate if a target is a public endpoint
+ * Globalping only supports public endpoints - no private IPs, localhost, or link-local addresses
+ *
+ * @param target The target domain or IP address to validate
+ * @returns Validation result with reason if invalid
+ */
+export function isPublicTarget(target: string): { valid: boolean; reason?: string } {
+	if (!target || target.trim() === "") {
+		return { valid: false, reason: "Target cannot be empty" };
+	}
+
+	const cleanTarget = target.trim();
+
+	// Check for localhost domain patterns
+	if (isLocalhostDomain(cleanTarget)) {
+		return {
+			valid: false,
+			reason: `'${cleanTarget}' is a localhost domain`,
+		};
+	}
+
+	// Try to determine if it's an IP address
+	// IPv6 addresses may be in brackets
+	const ipToCheck = cleanTarget.replace(/^\[|\]$/g, "");
+
+	// Check if it looks like an IPv4 address (contains only digits and dots)
+	const ipv4Pattern = /^[\d.]+$/;
+	if (ipv4Pattern.test(ipToCheck)) {
+		// Check IPv4 loopback
+		if (isLoopbackIPv4(ipToCheck)) {
+			return {
+				valid: false,
+				reason: `${ipToCheck} is a loopback address (127.0.0.0/8)`,
+			};
+		}
+
+		// Check IPv4 private ranges
+		if (isPrivateIPv4(ipToCheck)) {
+			return {
+				valid: false,
+				reason: `${ipToCheck} is a private IPv4 address (RFC1918)`,
+			};
+		}
+
+		// Check IPv4 link-local
+		if (isLinkLocalIPv4(ipToCheck)) {
+			return {
+				valid: false,
+				reason: `${ipToCheck} is a link-local address (169.254.0.0/16)`,
+			};
+		}
+	}
+
+	// Check if it looks like an IPv6 address (contains colons)
+	if (ipToCheck.includes(":")) {
+		// Check IPv6 loopback
+		if (isLoopbackIPv6(ipToCheck)) {
+			return {
+				valid: false,
+				reason: `${ipToCheck} is the IPv6 loopback address`,
+			};
+		}
+
+		// Check IPv6 private ranges
+		if (isPrivateIPv6(ipToCheck)) {
+			return {
+				valid: false,
+				reason: `${ipToCheck} is a private IPv6 address`,
+			};
+		}
+	}
+
+	// If it doesn't match any private/local patterns, assume it's public
+	// (could be a domain name or a public IP)
+	return { valid: true };
+}
diff --git a/src/mcp/tools.ts b/src/mcp/tools.ts
@@ -6,6 +6,7 @@ import { runMeasurement, getLocations, getRateLimits } from "../api";
 import { parseLocations, formatMeasurementSummary } from "./helpers";
 import type { GlobalpingMCP } from "../index";
 import { maskToken } from "../auth";
+import { isPublicTarget } from "../lib";
 
 /**
  * Helper to wrap tool execution with error handling
@@ -41,14 +42,14 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		{
 			title: "Ping Test",
 			description:
-				"Measure network latency, packet loss, and reachability to a target (domain or IP) from globally distributed probes. Use this tool to check if a server is online, debug connection issues, or assess global performance.",
+				"Measure network latency, packet loss, and reachability to a target (domain or IP) from globally distributed probes. Use this tool to check if a server is online, debug connection issues, or assess global performance. Note: Only public endpoints are supported. Private networks cannot be tested.",
 			annotations: {
 				readOnlyHint: true,
 			},
 			inputSchema: {
 				target: z
 					.string()
-					.describe("Domain name or IP to test (e.g., 'google.com', '1.1.1.1')"),
+					.describe("Public domain name or IP address to test (e.g., 'google.com', '1.1.1.1'). Private IPs (RFC1918), localhost, and link-local addresses are not supported."),
 				locations: z
 					.union([z.array(z.string()), z.string()])
 					.optional()
@@ -74,6 +75,14 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		},
 		async ({ target, locations, limit, packets }) => {
 			return handleToolExecution(async () => {
+				// Validate target is public
+				const validation = isPublicTarget(target);
+				if (!validation.valid) {
+					throw new Error(
+						`Invalid target: ${validation.reason}. Globalping only supports public endpoints. Private IP addresses (RFC1918), localhost, and link-local addresses are not allowed.`,
+					);
+				}
+
 				const token = getToken();
 				const parsedLocations = parseLocations(locations);
 
@@ -129,14 +138,14 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		{
 			title: "Traceroute Test",
 			description:
-				"Trace the network path to a target (domain or IP) from global locations. Use this tool to identify where packets are being dropped, analyze routing paths, or pinpoint latency sources in the network.",
+				"Trace the network path to a target (domain or IP) from global locations. Use this tool to identify where packets are being dropped, analyze routing paths, or pinpoint latency sources in the network. Note: Only public endpoints are supported. Private networks cannot be tested.",
 			annotations: {
 				readOnlyHint: true,
 			},
 			inputSchema: {
 				target: z
 					.string()
-					.describe("Domain name or IP to test (e.g., 'cloudflare.com', '1.1.1.1')"),
+					.describe("Public domain name or IP address to test (e.g., 'cloudflare.com', '1.1.1.1'). Private IPs (RFC1918), localhost, and link-local addresses are not supported."),
 				locations: z
 					.union([z.array(z.string()), z.string()])
 					.optional()
@@ -169,6 +178,14 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		},
 		async ({ target, locations, limit, protocol, port }) => {
 			return handleToolExecution(async () => {
+				// Validate target is public
+				const validation = isPublicTarget(target);
+				if (!validation.valid) {
+					throw new Error(
+						`Invalid target: ${validation.reason}. Globalping only supports public endpoints. Private IP addresses (RFC1918), localhost, and link-local addresses are not allowed.`,
+					);
+				}
+
 				const token = getToken();
 				const parsedLocations = parseLocations(locations);
 
@@ -224,12 +241,12 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		{
 			title: "DNS Lookup",
 			description:
-				"Resolve DNS records (A, AAAA, MX, etc.) for a domain from global locations. Use this tool to verify DNS propagation, troubleshoot resolution failures, or check if users in different regions are seeing the correct records.",
+				"Resolve DNS records (A, AAAA, MX, etc.) for a domain from global locations. Use this tool to verify DNS propagation, troubleshoot resolution failures, or check if users in different regions are seeing the correct records. Note: Only public endpoints are supported. Private networks cannot be tested.",
 			annotations: {
 				readOnlyHint: true,
 			},
 			inputSchema: {
-				target: z.string().describe("Domain name to resolve (e.g., 'google.com')"),
+				target: z.string().describe("Public domain name to resolve (e.g., 'google.com'). Private domains, localhost, and link-local addresses are not supported."),
 				locations: z
 					.union([z.array(z.string()), z.string()])
 					.optional()
@@ -285,6 +302,14 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		},
 		async ({ target, locations, limit, queryType, resolver, trace }) => {
 			return handleToolExecution(async () => {
+				// Validate target is public
+				const validation = isPublicTarget(target);
+				if (!validation.valid) {
+					throw new Error(
+						`Invalid target: ${validation.reason}. Globalping only supports public endpoints. Private IP addresses (RFC1918), localhost, and link-local addresses are not allowed.`,
+					);
+				}
+
 				const token = getToken();
 				const parsedLocations = parseLocations(locations);
 
@@ -343,15 +368,15 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		{
 			title: "MTR Test",
 			description:
-				"Run an MTR (My Traceroute) diagnostic, which combines Ping and Traceroute. Use this tool to analyze packet loss and latency trends at every hop in the network path over time, helpful for spotting intermittent issues.",
+				"Run an MTR (My Traceroute) diagnostic, which combines Ping and Traceroute. Use this tool to analyze packet loss and latency trends at every hop in the network path over time, helpful for spotting intermittent issues. Note: Only public endpoints are supported. Private networks cannot be tested.",
 			annotations: {
 				readOnlyHint: true,
 			},
 			inputSchema: {
 				target: z
 					.string()
 					.min(1)
-					.describe("Destination hostname or IP to run the MTR against"),
+					.describe("Public destination hostname or IP address to run the MTR against. Private IPs (RFC1918), localhost, and link-local addresses are not supported."),
 				locations: z
 					.union([z.array(z.string()), z.string()])
 					.optional()
@@ -387,6 +412,14 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		},
 		async ({ target, locations, limit, protocol, port, packets }) => {
 			return handleToolExecution(async () => {
+				// Validate target is public
+				const validation = isPublicTarget(target);
+				if (!validation.valid) {
+					throw new Error(
+						`Invalid target: ${validation.reason}. Globalping only supports public endpoints. Private IP addresses (RFC1918), localhost, and link-local addresses are not allowed.`,
+					);
+				}
+
 				const token = getToken();
 				const parsedLocations = parseLocations(locations);
 
@@ -443,12 +476,12 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		{
 			title: "HTTP Request",
 			description:
-				"Send HTTP/HTTPS requests (GET, HEAD or OPTIONS) to a URL from global locations. Use this tool to check website uptime, verify response status codes, analyze timing (TTFB, download), and debug CDN or caching issues.",
+				"Send HTTP/HTTPS requests (GET, HEAD or OPTIONS) to a URL from global locations. Use this tool to check website uptime, verify response status codes, analyze timing (TTFB, download), and debug CDN or caching issues. Note: Only public endpoints are supported. Private networks cannot be tested.",
 			annotations: {
 				readOnlyHint: true,
 			},
 			inputSchema: {
-				target: z.string().describe("Domain name or IP to test (e.g., 'example.com')"),
+				target: z.string().describe("Public domain name or IP address to test (e.g., 'example.com'). Private IPs (RFC1918), localhost, and link-local addresses are not supported."),
 				locations: z
 					.union([z.array(z.string()), z.string()])
 					.optional()
@@ -495,6 +528,14 @@ export function registerGlobalpingTools(agent: GlobalpingMCP, getToken: () => st
 		},
 		async ({ target, locations, limit, method, protocol, path, query, port }) => {
 			return handleToolExecution(async () => {
+				// Validate target is public
+				const validation = isPublicTarget(target);
+				if (!validation.valid) {
+					throw new Error(
+						`Invalid target: ${validation.reason}. Globalping only supports public endpoints. Private IP addresses (RFC1918), localhost, and link-local addresses are not allowed.`,
+					);
+				}
+
 				const token = getToken();
 				const parsedLocations = parseLocations(locations);
 
diff --git a/test/unit/lib/target-validation.test.ts b/test/unit/lib/target-validation.test.ts
