SSRF refusal codes that indicate runtime/network conditions rather than
policy refusal. Callers that want to fall back to a "host unreachable" or
"treat as unknown" path on these codes — rather than surfacing the
SsrfRefusedError to their own caller — can intersect against this set:
if (errinstanceofSsrfRefusedError && SSRF_TRANSIENT_CODES.has(err.code)) { // network condition, not a policy attack — treat as unreachable } elseif (errinstanceofSsrfRefusedError) { // policy refusal — must propagate; silently downgrading to "unreachable" // reintroduces the catch-swallow class flagged in adcp-client#1618 review throwerr; }
dns_lookup_failed, dns_empty: name does not resolve. CLI fixtures
use *.example.invalid to provoke these — preserving the runtime-error
path matches pre-ssrfSafeFetch native-fetch behavior.
body_exceeds_limit: response started OK (validated address, scheme,
etc.) but exceeded the caller's defensive cap. The host is real and
knows the URL; classifying as "policy attack" would be a misread.
NOT in this set: always_blocked_address, private_address,
scheme_not_allowed, non_https_without_opt_in, invalid_url. Those
are policy refusals — silently downgrading them to "unreachable" or
"suspect" reintroduces the SSRF gap the gate was added to close.
SSRF refusal codes that indicate runtime/network conditions rather than policy refusal. Callers that want to fall back to a "host unreachable" or "treat as unknown" path on these codes — rather than surfacing the SsrfRefusedError to their own caller — can intersect against this set:
dns_lookup_failed,dns_empty: name does not resolve. CLI fixtures use*.example.invalidto provoke these — preserving the runtime-error path matches pre-ssrfSafeFetchnative-fetch behavior.body_exceeds_limit: response started OK (validated address, scheme, etc.) but exceeded the caller's defensive cap. The host is real and knows the URL; classifying as "policy attack" would be a misread.NOT in this set:
always_blocked_address,private_address,scheme_not_allowed,non_https_without_opt_in,invalid_url. Those are policy refusals — silently downgrading them to "unreachable" or "suspect" reintroduces the SSRF gap the gate was added to close.Added in adcp-client#1633.