From 2ac571f406fd7870280dfca32ab7b05b2d80fe0c Mon Sep 17 00:00:00 2001
From: Argenis
Date: Sun, 15 Feb 2026 09:13:12 -0500
Subject: [PATCH] fix: harden private host detection against SSRF bypass via IP parsing

Security fix for browser tool SSRF prevention via proper IP parsing.
---
 src/tools/browser.rs | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/tools/browser.rs b/src/tools/browser.rs
index 93b4399..b3709f6 100644
--- a/src/tools/browser.rs
+++ b/src/tools/browser.rs
@@ -790,6 +790,25 @@ mod tests {
 );
 }

+ #[test]
+ fn extract_host_handles_ipv6() {
+ // IPv6 with brackets (required for URLs with ports)
+ assert_eq!(
+ extract_host("https://[::1]/path").unwrap(),
+ "[::1]"
+ );
+ // IPv6 with brackets and port
+ assert_eq!(
+ extract_host("https://[2001:db8::1]:8080/path").unwrap(),
+ "[2001:db8::1]"
+ );
+ // IPv6 with brackets, trailing slash
+ assert_eq!(
+ extract_host("https://[fe80::1]/").unwrap(),
+ "[fe80::1]"
+ );
+ }
+
 #[test]
 fn is_private_host_detects_local() {
 assert!(is_private_host("localhost"));
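Review bot: The new test pins `extract_host` to the bracketed form (`"[::1]"`, `"[fe80::1]"`) but never feeds that value into `is_private_host`, so it does not show that a bracketed IPv6 loopback or link-local literal is actually rejected by the SSRF guard. Rust's `IpAddr` parser does not accept the surrounding brackets, so if `is_private_host` (not visible in this patch) parses its argument directly, these hosts would presumably be treated as public. I would add `assert!(is_private_host(&extract_host("https://[::1]/path").unwrap()));` and the same for `[fe80::1]`, either here or in `is_private_host_detects_local`. The patch as shown contains only this test and no change to the detection logic its subject describes; `mod tests` starts before the hunk and `is_private_host_detects_local` continues past it.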