Skip to content

agent.configure_webfetch

agent.configure_webfetch(settings)

Set the webfetch policy (SSRF allowances, size cap, timeout). The last call wins.

Parameters

  • settings: {allow_loopback: boolean?, allow_private: boolean?, allow_cloud_metadata: boolean?, max_bytes: number?, timeout_secs: number?}
    • allow_loopback — Allow fetching loopback addresses (127.0.0.0/8, ::1). Defaults to false. Kept independent of allow_private so a config can expose a local dev server without also opening up the whole private network.
    • allow_private — Allow fetching private and link-local addresses (RFC1918, fc00::/7, 169.254.0.0/16, fe80::/10). Defaults to false.
    • allow_cloud_metadata — Allow fetching cloud metadata addresses (169.254.169.254, fd00:ec2::254). Defaults to false, and deliberately independent of allow_private so opening up private ranges never implicitly exposes the metadata endpoint.
    • max_bytes — Maximum response size in bytes before a fetch is refused. Defaults to [WEBFETCH_DEFAULT_MAX_BYTES].
    • timeout_secs — Default per-request timeout in seconds, used when a tool call omits its own timeout. Defaults to [WEBFETCH_DEFAULT_TIMEOUT_SECS].