teknium1
30c417fe70
feat: add website blocklist enforcement for web/browser tools (#1064)
Adds security.website_blocklist config for user-managed domain blocking
across URL-capable tools. Enforced at the tool level (not monkey-patching)
so it's safe and predictable.
- tools/website_policy.py: shared policy loader with domain normalization,
wildcard support (*.tracking.example), shared file imports, and
structured block metadata
- web_extract: pre-fetch URL check + post-redirect recheck
- web_crawl: pre-crawl URL check + per-page URL recheck
- browser_navigate: pre-navigation URL check
- Blocked responses include blocked_by_policy metadata so the agent
can explain exactly what was denied
Config:
security:
website_blocklist:
enabled: true
domains: ["evil.com", "*.tracking.example"]
shared_files: ["team-blocklist.txt"]
Salvaged from PR #1086 by @kshitijk4poor. Browser post-redirect checks
deferred (browser_tool was fully rewritten since the PR branched).
Co-authored-by: kshitijk4poor <kshitijk4poor@users.noreply.github.com>
2026-03-17 02:59:39 -07:00
..
2026-03-17 00:38:48 -07:00
2026-03-17 02:51:49 -07:00
2026-03-14 21:45:50 -07:00
2026-03-13 23:59:18 -07:00
2026-03-12 01:23:28 -07:00
2026-03-17 02:10:36 -07:00
2026-03-11 02:56:19 -07:00
2026-03-13 21:34:01 -07:00
2026-03-17 02:51:40 -07:00
2026-03-17 02:05:26 -07:00
2026-03-17 02:59:39 -07:00
2026-03-14 21:17:41 -07:00
2026-03-11 03:06:15 -07:00
2026-03-14 08:05:30 -07:00
2026-03-17 02:40:34 -07:00
2026-03-15 06:46:28 -07:00
2026-03-17 02:53:30 -07:00
2026-03-17 02:40:34 -07:00
2026-03-17 02:49:22 -07:00
2026-02-20 23:23:32 -08:00
2026-03-16 07:17:36 -07:00
2026-03-17 02:51:49 -07:00
2026-03-17 02:40:34 -07:00
2026-03-11 06:34:32 -07:00
2026-03-17 01:59:07 -07:00
2026-03-17 02:51:40 -07:00
2026-03-17 02:53:30 -07:00
2026-03-17 02:05:26 -07:00
2026-03-16 04:42:46 -07:00