Fine-grained HTTP filtering for Claude Code
5 hours ago
- #security-tooling
- #agentic-development
- #HTTP-filtering
- Coding agents are becoming more powerful without adequate security and governance tools.
- httpjail is a tool designed to mitigate risks associated with agentic development, such as destructive actions, information leaks, and excessive authority.
- httpjail implements HTTP(S) interception and process-level network isolation, blocking non-HTTP(S) traffic by default.
- Rules in httpjail can be JavaScript expressions or custom programs, offering flexibility without a steep learning curve.
- Examples of httpjail usage include restricting to specific hosts, allowing only GET requests, or whitelisting hosts from a file.
- httpjail operates in both strong (namespace creation and nftables redirect) and weak (environment variable-based) modes, with macOS defaulting to weak mode.
- TLS interception is a key feature, allowing inspection of HTTPS traffic through dynamic certificate generation and CA trust injection.
- Potential jail escapes exist, such as bypassing HTTP_PROXY in weak mode or using Docker sockets in strong mode, but the tool still provides significant value.
- For maximum isolation, httpjail can be run in server mode, with network firewalls configured to enforce traffic routing through the proxy.
- The tool is available for installation via cargo and detailed in its GitHub repository.