From 087d122e38fed3c9cada06e64cc8fa36c4a30adc Mon Sep 17 00:00:00 2001
From: sunkinux
Date: Mon, 2 Mar 2026 10:21:33 +0800
Subject: [PATCH] fix: allow RFC 2544 benchmark range in trusted SSRF policy
Add allowRfc2544BenchmarkRange: true to WEB_TOOLS_TRUSTED_NETWORK_SSRF_POLICY to fix web_fetch being blocked when using Clash fake-ip mode (198.18.0.0/15). This only affects withTrustedWebToolsEndpoint, keeping strict SSRF behavior for withStrictWebToolsEndpoint (citation redirect resolution).
---
 src/agents/tools/web-guarded-fetch.ts | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/agents/tools/web-guarded-fetch.ts b/src/agents/tools/web-guarded-fetch.ts
index 2f905a215c0..f427eabcab3 100644
--- a/src/agents/tools/web-guarded-fetch.ts
+++ b/src/agents/tools/web-guarded-fetch.ts
@@ -7,6 +7,7 @@ import type { SsrFPolicy } from "../../infra/net/ssrf.js";
 const WEB_TOOLS_TRUSTED_NETWORK_SSRF_POLICY: SsrFPolicy = {
 dangerouslyAllowPrivateNetwork: true,
+ allowRfc2544BenchmarkRange: true,
 };
 type WebToolGuardedFetchOptions = Omit & {
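Review bot: The added `allowRfc2544BenchmarkRange: true` in `WEB_TOOLS_TRUSTED_NETWORK_SSRF_POLICY` carries no comment, so the reason for relaxing the SSRF guard lives only in the commit message. I would put `// Fake-ip proxies (e.g. Clash) map hostnames into 198.18.0.0/15; allowed here so web_fetch works behind them.` directly above the line. Under fake-ip resolution the address the guard inspects is presumably a proxy placeholder rather than the real destination, so it is worth stating in that comment that IP-based checks on this policy cannot vouch for where the proxy finally connects. The diffstat shows a single insertion and no test; a case asserting that the policy behind `withStrictWebToolsEndpoint` still rejects an address in 198.18.0.0/15 would pin the claim made in the description.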