I wish Mojo::UserAgent could be made to not visit private IPs
Someone wanting to make a social media site (such as a Mastodon server & web client for example) will want to allow its users to post URLs, for which previews will be shown in their posts.
These posts will be visited by a UserAgent, but there is the risk that a private IP (disguised as a FQDN hostname that resolves to it) will be in the URL's host, and that might cause security issues.
I could use LWP::ParanoidAgent, but then I'd have to fork a process to make the whole thing async, like a good Mojolicious site will be, and too many processes running can be a problem. Also I'd be missing on the many Roles that exist for Mojo::Useragent.
So I opened this issue on Mojolicious's github wishing for a solution.
As stated in the github ticket, I managed to achieve what I wanted by passing my server's Mojo::UA requests through a SOCKS5 proxy running on the same server that didn't have access to private IP addresses.