| import { z } from 'zod/v4' |
| import { buildTool, type ToolDef } from '../../Tool.js' |
| import type { PermissionUpdate } from '../../types/permissions.js' |
| import { formatFileSize } from '../../utils/format.js' |
| import { lazySchema } from '../../utils/lazySchema.js' |
| import type { PermissionDecision } from '../../utils/permissions/PermissionResult.js' |
| import { getRuleByContentsForTool } from '../../utils/permissions/permissions.js' |
| import { isPreapprovedHost } from './preapproved.js' |
| import { DESCRIPTION, WEB_FETCH_TOOL_NAME } from './prompt.js' |
| import { |
| getToolUseSummary, |
| renderToolResultMessage, |
| renderToolUseMessage, |
| renderToolUseProgressMessage, |
| } from './UI.js' |
| import { |
| applyPromptToMarkdown, |
| type FetchedContent, |
| getURLMarkdownContent, |
| isPreapprovedUrl, |
| MAX_MARKDOWN_LENGTH, |
| } from './utils.js' |
|
|
| const inputSchema = lazySchema(() => |
| z.strictObject({ |
| url: z.string().url().describe('The URL to fetch content from'), |
| prompt: z.string().describe('The prompt to run on the fetched content'), |
| }), |
| ) |
| type InputSchema = ReturnType<typeof inputSchema> |
|
|
| const outputSchema = lazySchema(() => |
| z.object({ |
| bytes: z.number().describe('Size of the fetched content in bytes'), |
| code: z.number().describe('HTTP response code'), |
| codeText: z.string().describe('HTTP response code text'), |
| result: z |
| .string() |
| .describe('Processed result from applying the prompt to the content'), |
| durationMs: z |
| .number() |
| .describe('Time taken to fetch and process the content'), |
| url: z.string().describe('The URL that was fetched'), |
| }), |
| ) |
| type OutputSchema = ReturnType<typeof outputSchema> |
|
|
| export type Output = z.infer<OutputSchema> |
|
|
| function webFetchToolInputToPermissionRuleContent(input: { |
| [k: string]: unknown |
| }): string { |
| try { |
| const parsedInput = WebFetchTool.inputSchema.safeParse(input) |
| if (!parsedInput.success) { |
| return `input:${input.toString()}` |
| } |
| const { url } = parsedInput.data |
| const hostname = new URL(url).hostname |
| return `domain:${hostname}` |
| } catch { |
| return `input:${input.toString()}` |
| } |
| } |
|
|
| export const WebFetchTool = buildTool({ |
| name: WEB_FETCH_TOOL_NAME, |
| searchHint: 'fetch and extract content from a URL', |
| |
| maxResultSizeChars: 100_000, |
| shouldDefer: true, |
| async description(input) { |
| const { url } = input as { url: string } |
| try { |
| const hostname = new URL(url).hostname |
| return `Claude wants to fetch content from ${hostname}` |
| } catch { |
| return `Claude wants to fetch content from this URL` |
| } |
| }, |
| userFacingName() { |
| return 'Fetch' |
| }, |
| getToolUseSummary, |
| getActivityDescription(input) { |
| const summary = getToolUseSummary(input) |
| return summary ? `Fetching ${summary}` : 'Fetching web page' |
| }, |
| get inputSchema(): InputSchema { |
| return inputSchema() |
| }, |
| get outputSchema(): OutputSchema { |
| return outputSchema() |
| }, |
| isConcurrencySafe() { |
| return true |
| }, |
| isReadOnly() { |
| return true |
| }, |
| toAutoClassifierInput(input) { |
| return input.prompt ? `${input.url}: ${input.prompt}` : input.url |
| }, |
| async checkPermissions(input, context): Promise<PermissionDecision> { |
| const appState = context.getAppState() |
| const permissionContext = appState.toolPermissionContext |
|
|
| |
| try { |
| const { url } = input as { url: string } |
| const parsedUrl = new URL(url) |
| if (isPreapprovedHost(parsedUrl.hostname, parsedUrl.pathname)) { |
| return { |
| behavior: 'allow', |
| updatedInput: input, |
| decisionReason: { type: 'other', reason: 'Preapproved host' }, |
| } |
| } |
| } catch { |
| |
| } |
|
|
| |
| const ruleContent = webFetchToolInputToPermissionRuleContent(input) |
|
|
| const denyRule = getRuleByContentsForTool( |
| permissionContext, |
| WebFetchTool, |
| 'deny', |
| ).get(ruleContent) |
| if (denyRule) { |
| return { |
| behavior: 'deny', |
| message: `${WebFetchTool.name} denied access to ${ruleContent}.`, |
| decisionReason: { |
| type: 'rule', |
| rule: denyRule, |
| }, |
| } |
| } |
|
|
| const askRule = getRuleByContentsForTool( |
| permissionContext, |
| WebFetchTool, |
| 'ask', |
| ).get(ruleContent) |
| if (askRule) { |
| return { |
| behavior: 'ask', |
| message: `Claude requested permissions to use ${WebFetchTool.name}, but you haven't granted it yet.`, |
| decisionReason: { |
| type: 'rule', |
| rule: askRule, |
| }, |
| suggestions: buildSuggestions(ruleContent), |
| } |
| } |
|
|
| const allowRule = getRuleByContentsForTool( |
| permissionContext, |
| WebFetchTool, |
| 'allow', |
| ).get(ruleContent) |
| if (allowRule) { |
| return { |
| behavior: 'allow', |
| updatedInput: input, |
| decisionReason: { |
| type: 'rule', |
| rule: allowRule, |
| }, |
| } |
| } |
|
|
| return { |
| behavior: 'ask', |
| message: `Claude requested permissions to use ${WebFetchTool.name}, but you haven't granted it yet.`, |
| suggestions: buildSuggestions(ruleContent), |
| } |
| }, |
| async prompt(_options) { |
| |
| |
| |
| |
| |
| |
| return `IMPORTANT: WebFetch WILL FAIL for authenticated or private URLs. Before using this tool, check if the URL points to an authenticated service (e.g. Google Docs, Confluence, Jira, GitHub). If so, look for a specialized MCP tool that provides authenticated access. |
| ${DESCRIPTION}` |
| }, |
| async validateInput(input) { |
| const { url } = input |
| try { |
| new URL(url) |
| } catch { |
| return { |
| result: false, |
| message: `Error: Invalid URL "${url}". The URL provided could not be parsed.`, |
| meta: { reason: 'invalid_url' }, |
| errorCode: 1, |
| } |
| } |
| return { result: true } |
| }, |
| renderToolUseMessage, |
| renderToolUseProgressMessage, |
| renderToolResultMessage, |
| async call( |
| { url, prompt }, |
| { abortController, options: { isNonInteractiveSession } }, |
| ) { |
| const start = Date.now() |
|
|
| const response = await getURLMarkdownContent(url, abortController) |
|
|
| |
| if ('type' in response && response.type === 'redirect') { |
| const statusText = |
| response.statusCode === 301 |
| ? 'Moved Permanently' |
| : response.statusCode === 308 |
| ? 'Permanent Redirect' |
| : response.statusCode === 307 |
| ? 'Temporary Redirect' |
| : 'Found' |
|
|
| const message = `REDIRECT DETECTED: The URL redirects to a different host. |
| |
| Original URL: ${response.originalUrl} |
| Redirect URL: ${response.redirectUrl} |
| Status: ${response.statusCode} ${statusText} |
| |
| To complete your request, I need to fetch content from the redirected URL. Please use WebFetch again with these parameters: |
| - url: "${response.redirectUrl}" |
| - prompt: "${prompt}"` |
|
|
| const output: Output = { |
| bytes: Buffer.byteLength(message), |
| code: response.statusCode, |
| codeText: statusText, |
| result: message, |
| durationMs: Date.now() - start, |
| url, |
| } |
|
|
| return { |
| data: output, |
| } |
| } |
|
|
| const { |
| content, |
| bytes, |
| code, |
| codeText, |
| contentType, |
| persistedPath, |
| persistedSize, |
| } = response as FetchedContent |
|
|
| const isPreapproved = isPreapprovedUrl(url) |
|
|
| let result: string |
| if ( |
| isPreapproved && |
| contentType.includes('text/markdown') && |
| content.length < MAX_MARKDOWN_LENGTH |
| ) { |
| result = content |
| } else { |
| result = await applyPromptToMarkdown( |
| prompt, |
| content, |
| abortController.signal, |
| isNonInteractiveSession, |
| isPreapproved, |
| ) |
| } |
|
|
| |
| |
| |
| if (persistedPath) { |
| result += `\n\n[Binary content (${contentType}, ${formatFileSize(persistedSize ?? bytes)}) also saved to ${persistedPath}]` |
| } |
|
|
| const output: Output = { |
| bytes, |
| code, |
| codeText, |
| result, |
| durationMs: Date.now() - start, |
| url, |
| } |
|
|
| return { |
| data: output, |
| } |
| }, |
| mapToolResultToToolResultBlockParam({ result }, toolUseID) { |
| return { |
| tool_use_id: toolUseID, |
| type: 'tool_result', |
| content: result, |
| } |
| }, |
| } satisfies ToolDef<InputSchema, Output>) |
|
|
| function buildSuggestions(ruleContent: string): PermissionUpdate[] { |
| return [ |
| { |
| type: 'addRules', |
| destination: 'localSettings', |
| rules: [{ toolName: WEB_FETCH_TOOL_NAME, ruleContent }], |
| behavior: 'allow', |
| }, |
| ] |
| } |
|
|