Code Room
Code reviewHard
Question
Review this Python webhook/avatar fetcher that already blocks internal IPs.
What a strong answer looks like
Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.
Learn the concepts
import ipaddress, socket, requestsfrom urllib.parse import urlparse def fetch_avatar(url): host = urlparse(url).hostname ip = ipaddress.ip_address(socket.gethostbyname(host)) if ip.is_private or ip.is_loopback or ip.is_link_local: raise ValueError('blocked internal address') resp = requests.get(url, timeout=5) return resp.contentRun or narrate your approach, then ask the coach.