Skip to content

fix: add async_is_safe_url() to prevent blocking event loop on DNS lo…#3611

Open
memosr wants to merge 1 commit intoNousResearch:mainfrom
memosr:patch-38
Open

fix: add async_is_safe_url() to prevent blocking event loop on DNS lo…#3611
memosr wants to merge 1 commit intoNousResearch:mainfrom
memosr:patch-38

Conversation

@memosr
Copy link
Copy Markdown
Contributor

@memosr memosr commented Mar 28, 2026

…okup

is_safe_url() calls socket.getaddrinfo() which is synchronous and blocks the calling thread. It is used inside web_extract_tool() and web_crawl_tool() which are both async functions running in the asyncio event loop. On a slow or unresponsive DNS server this freezes the entire event loop — blocking all gateway message handling for all users until DNS responds.

Fix extracts the DNS + IP check into _check_hostname() and adds async_is_safe_url() which offloads the blocking call to a thread pool via loop.run_in_executor(). The original synchronous is_safe_url() is preserved for callers that are not in async context (e.g. the vision_tools.py redirect hook).

What does this PR do?

Related Issue

Fixes #

Type of Change

  • 🐛 Bug fix (non-breaking change that fixes an issue)
  • ✨ New feature (non-breaking change that adds functionality)
  • 🔒 Security fix
  • 📝 Documentation update
  • ✅ Tests (adding or improving test coverage)
  • ♻️ Refactor (no behavior change)
  • 🎯 New skill (bundled or hub)

Changes Made

How to Test

Checklist

Code

  • I've read the Contributing Guide
  • My commit messages follow Conventional Commits (fix(scope):, feat(scope):, etc.)
  • I searched for existing PRs to make sure this isn't a duplicate
  • My PR contains only changes related to this fix/feature (no unrelated commits)
  • I've run pytest tests/ -q and all tests pass
  • I've added tests for my changes (required for bug fixes, strongly encouraged for features)
  • I've tested on my platform:

Documentation & Housekeeping

  • I've updated relevant documentation (README, docs/, docstrings) — or N/A
  • I've updated cli-config.yaml.example if I added/changed config keys — or N/A
  • I've updated CONTRIBUTING.md or AGENTS.md if I changed architecture or workflows — or N/A
  • I've considered cross-platform impact (Windows, macOS) per the compatibility guide — or N/A
  • I've updated tool descriptions/schemas if I changed tool behavior — or N/A

For New Skills

  • This skill is broadly useful to most users (if bundled) — see Contributing Guide
  • SKILL.md follows the standard format (frontmatter, trigger conditions, steps, pitfalls)
  • No external dependencies that aren't already available (prefer stdlib, curl, existing Hermes tools)
  • I've tested the skill end-to-end: hermes --toolsets skills -q "Use the X skill to do Y"

Screenshots / Logs

@memosr
fix: add async_is_safe_url() to prevent blocking event loop on DNS lo…
9799c91 
…okup

is_safe_url() calls socket.getaddrinfo() which is synchronous and
blocks the calling thread. It is used inside web_extract_tool() and
web_crawl_tool() which are both async functions running in the asyncio
event loop. On a slow or unresponsive DNS server this freezes the
entire event loop — blocking all gateway message handling for all
users until DNS responds.

Fix extracts the DNS + IP check into _check_hostname() and adds
async_is_safe_url() which offloads the blocking call to a thread pool
via loop.run_in_executor(). The original synchronous is_safe_url() is
preserved for callers that are not in async context (e.g. the
vision_tools.py redirect hook).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@memosr