WebFetchTool.ts
tools/WebFetchTool/WebFetchTool.ts
319
Lines
9324
Bytes
2
Exports
11
Imports
10
Keywords
What this is
This page documents one file from the repository and includes its full source so you can read it without leaving the docs site.
Beginner explanation
This file is part of the tool layer, which means it describes actions the system can perform for the user or model.
How it is used
Start from the exports list and related files. Those are the easiest clues for where this file fits into the system.
Expert explanation
Architecturally, this file intersects with tool-system. It contains 319 lines, 11 detected imports, and 2 detected exports.
Important relationships
Detected exports
OutputWebFetchTool
Keywords
inputcontentresponseresultprompthostnamerulecontentinputschemadescribeoutput
Detected imports
zod/v4../../Tool.js../../types/permissions.js../../utils/format.js../../utils/lazySchema.js../../utils/permissions/PermissionResult.js../../utils/permissions/permissions.js./preapproved.js./prompt.js./UI.js./utils.js
Source notes
This page embeds the full file contents. Small or leaf files are still indexed honestly instead of being over-explained.
Full source
import { z } from 'zod/v4'
import { buildTool, type ToolDef } from '../../Tool.js'
import type { PermissionUpdate } from '../../types/permissions.js'
import { formatFileSize } from '../../utils/format.js'
import { lazySchema } from '../../utils/lazySchema.js'
import type { PermissionDecision } from '../../utils/permissions/PermissionResult.js'
import { getRuleByContentsForTool } from '../../utils/permissions/permissions.js'
import { isPreapprovedHost } from './preapproved.js'
import { DESCRIPTION, WEB_FETCH_TOOL_NAME } from './prompt.js'
import {
getToolUseSummary,
renderToolResultMessage,
renderToolUseMessage,
renderToolUseProgressMessage,
} from './UI.js'
import {
applyPromptToMarkdown,
type FetchedContent,
getURLMarkdownContent,
isPreapprovedUrl,
MAX_MARKDOWN_LENGTH,
} from './utils.js'
const inputSchema = lazySchema(() =>
z.strictObject({
url: z.string().url().describe('The URL to fetch content from'),
prompt: z.string().describe('The prompt to run on the fetched content'),
}),
)
type InputSchema = ReturnType<typeof inputSchema>
const outputSchema = lazySchema(() =>
z.object({
bytes: z.number().describe('Size of the fetched content in bytes'),
code: z.number().describe('HTTP response code'),
codeText: z.string().describe('HTTP response code text'),
result: z
.string()
.describe('Processed result from applying the prompt to the content'),
durationMs: z
.number()
.describe('Time taken to fetch and process the content'),
url: z.string().describe('The URL that was fetched'),
}),
)
type OutputSchema = ReturnType<typeof outputSchema>
export type Output = z.infer<OutputSchema>
function webFetchToolInputToPermissionRuleContent(input: {
[k: string]: unknown
}): string {
try {
const parsedInput = WebFetchTool.inputSchema.safeParse(input)
if (!parsedInput.success) {
return `input:${input.toString()}`
}
const { url } = parsedInput.data
const hostname = new URL(url).hostname
return `domain:${hostname}`
} catch {
return `input:${input.toString()}`
}
}
export const WebFetchTool = buildTool({
name: WEB_FETCH_TOOL_NAME,
searchHint: 'fetch and extract content from a URL',
// 100K chars - tool result persistence threshold
maxResultSizeChars: 100_000,
shouldDefer: true,
async description(input) {
const { url } = input as { url: string }
try {
const hostname = new URL(url).hostname
return `Claude wants to fetch content from ${hostname}`
} catch {
return `Claude wants to fetch content from this URL`
}
},
userFacingName() {
return 'Fetch'
},
getToolUseSummary,
getActivityDescription(input) {
const summary = getToolUseSummary(input)
return summary ? `Fetching ${summary}` : 'Fetching web page'
},
get inputSchema(): InputSchema {
return inputSchema()
},
get outputSchema(): OutputSchema {
return outputSchema()
},
isConcurrencySafe() {
return true
},
isReadOnly() {
return true
},
toAutoClassifierInput(input) {
return input.prompt ? `${input.url}: ${input.prompt}` : input.url
},
async checkPermissions(input, context): Promise<PermissionDecision> {
const appState = context.getAppState()
const permissionContext = appState.toolPermissionContext
// Check if the hostname is in the preapproved list
try {
const { url } = input as { url: string }
const parsedUrl = new URL(url)
if (isPreapprovedHost(parsedUrl.hostname, parsedUrl.pathname)) {
return {
behavior: 'allow',
updatedInput: input,
decisionReason: { type: 'other', reason: 'Preapproved host' },
}
}
} catch {
// If URL parsing fails, continue with normal permission checks
}
// Check for a rule specific to the tool input (matching hostname)
const ruleContent = webFetchToolInputToPermissionRuleContent(input)
const denyRule = getRuleByContentsForTool(
permissionContext,
WebFetchTool,
'deny',
).get(ruleContent)
if (denyRule) {
return {
behavior: 'deny',
message: `${WebFetchTool.name} denied access to ${ruleContent}.`,
decisionReason: {
type: 'rule',
rule: denyRule,
},
}
}
const askRule = getRuleByContentsForTool(
permissionContext,
WebFetchTool,
'ask',
).get(ruleContent)
if (askRule) {
return {
behavior: 'ask',
message: `Claude requested permissions to use ${WebFetchTool.name}, but you haven't granted it yet.`,
decisionReason: {
type: 'rule',
rule: askRule,
},
suggestions: buildSuggestions(ruleContent),
}
}
const allowRule = getRuleByContentsForTool(
permissionContext,
WebFetchTool,
'allow',
).get(ruleContent)
if (allowRule) {
return {
behavior: 'allow',
updatedInput: input,
decisionReason: {
type: 'rule',
rule: allowRule,
},
}
}
return {
behavior: 'ask',
message: `Claude requested permissions to use ${WebFetchTool.name}, but you haven't granted it yet.`,
suggestions: buildSuggestions(ruleContent),
}
},
async prompt(_options) {
// Always include the auth warning regardless of whether ToolSearch is
// currently in the tools list. Conditionally toggling this prefix based
// on ToolSearch availability caused the tool description to flicker
// between SDK query() calls (when ToolSearch enablement varies due to
// MCP tool count thresholds), invalidating the Anthropic API prompt
// cache on each toggle — two consecutive cache misses per flicker event.
return `IMPORTANT: WebFetch WILL FAIL for authenticated or private URLs. Before using this tool, check if the URL points to an authenticated service (e.g. Google Docs, Confluence, Jira, GitHub). If so, look for a specialized MCP tool that provides authenticated access.
${DESCRIPTION}`
},
async validateInput(input) {
const { url } = input
try {
new URL(url)
} catch {
return {
result: false,
message: `Error: Invalid URL "${url}". The URL provided could not be parsed.`,
meta: { reason: 'invalid_url' },
errorCode: 1,
}
}
return { result: true }
},
renderToolUseMessage,
renderToolUseProgressMessage,
renderToolResultMessage,
async call(
{ url, prompt },
{ abortController, options: { isNonInteractiveSession } },
) {
const start = Date.now()
const response = await getURLMarkdownContent(url, abortController)
// Check if we got a redirect to a different host
if ('type' in response && response.type === 'redirect') {
const statusText =
response.statusCode === 301
? 'Moved Permanently'
: response.statusCode === 308
? 'Permanent Redirect'
: response.statusCode === 307
? 'Temporary Redirect'
: 'Found'
const message = `REDIRECT DETECTED: The URL redirects to a different host.
Original URL: ${response.originalUrl}
Redirect URL: ${response.redirectUrl}
Status: ${response.statusCode} ${statusText}
To complete your request, I need to fetch content from the redirected URL. Please use WebFetch again with these parameters:
- url: "${response.redirectUrl}"
- prompt: "${prompt}"`
const output: Output = {
bytes: Buffer.byteLength(message),
code: response.statusCode,
codeText: statusText,
result: message,
durationMs: Date.now() - start,
url,
}
return {
data: output,
}
}
const {
content,
bytes,
code,
codeText,
contentType,
persistedPath,
persistedSize,
} = response as FetchedContent
const isPreapproved = isPreapprovedUrl(url)
let result: string
if (
isPreapproved &&
contentType.includes('text/markdown') &&
content.length < MAX_MARKDOWN_LENGTH
) {
result = content
} else {
result = await applyPromptToMarkdown(
prompt,
content,
abortController.signal,
isNonInteractiveSession,
isPreapproved,
)
}
// Binary content (PDFs, etc.) was additionally saved to disk with a
// mime-derived extension. Note it so Claude can inspect the raw file
// if the Haiku summary above isn't enough.
if (persistedPath) {
result += `\n\n[Binary content (${contentType}, ${formatFileSize(persistedSize ?? bytes)}) also saved to ${persistedPath}]`
}
const output: Output = {
bytes,
code,
codeText,
result,
durationMs: Date.now() - start,
url,
}
return {
data: output,
}
},
mapToolResultToToolResultBlockParam({ result }, toolUseID) {
return {
tool_use_id: toolUseID,
type: 'tool_result',
content: result,
}
},
} satisfies ToolDef<InputSchema, Output>)
function buildSuggestions(ruleContent: string): PermissionUpdate[] {
return [
{
type: 'addRules',
destination: 'localSettings',
rules: [{ toolName: WEB_FETCH_TOOL_NAME, ruleContent }],
behavior: 'allow',
},
]
}