Is your feature request related to a problem? Please describe.
The Gemini CLI team is integrating the A2A SDK to support remote agents. To meet production security standards, it is critical that the CLI is protected against Server-Side Request Forgery (SSRF) and DNS Rebinding attacks.
We believe these security guardrails should be a native part of the SDK to ensure all consumers are "secure by default."
Describe the solution you'd like
Requested Features:
- Transport-Agnostic Connection Filtering: A unified mechanism (e.g., a connectionInterceptor or lookup hook) in the ClientFactory that applies to all transports (REST, JSONRpc, and gRPC) to block access to private/internal IP ranges.
- DNS Rebinding Protection (IP Pinning): Support for "pinning" a connection to the specific IP address resolved during the initial Agent Card discovery phase. This is necessary to prevent Time-of-Check/Time-of-Use (TOCTOU) attacks where an attacker swaps a hostname's DNS record between discovery and tool execution.
- Secure Card Validation: Built-in validation in the DefaultAgentCardResolver to automatically reject agent cards if the card URL or any nested interface URLs point to restricted IP ranges.
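The three requested guardrails are closely related, so the following added example sketches all of them together: a private-range filter, IP pinning at discovery time, and card validation that rejects any interface URL landing in a restricted range. This is illustration code written for this issue, not code from the A2A SDK or the Gemini CLI; it assumes Node's `node:net` and WHATWG `URL`, takes the resolver as an injectable `lookup` function (a constructed stub table is used here so it runs offline; in production that would wrap `dns.promises.lookup`), and assumes the card shape `{ url, additionalInterfaces: [{ url, transport }] }`. A `connectionInterceptor` or lookup hook of the kind the issue asks for would be the place to call `resolveAndPin` once and then hand the pinned URL to every transport.

```typescript
import { isIP } from "node:net";

// Restricted IPv4 ranges (CIDR): unspecified, RFC 1918 private, shared address
// space, loopback, and link-local (includes cloud metadata endpoints). Constructed list.
const RESTRICTED_V4: ReadonlyArray<readonly [string, number]> = [
  ["0.0.0.0", 8],
  ["10.0.0.0", 8],
  ["100.64.0.0", 10],
  ["127.0.0.0", 8],
  ["169.254.0.0", 16],
  ["172.16.0.0", 12],
  ["192.168.0.0", 16],
];

function ipv4ToUint(ip: string): number {
  return ip.split(".").reduce((acc, octet) => (acc << 8) + Number(octet), 0) >>> 0;
}

function inCidrV4(ip: string, base: string, bits: number): boolean {
  const mask = bits === 0 ? 0 : (~0 << (32 - bits)) >>> 0;
  return ((ipv4ToUint(ip) & mask) >>> 0) === ((ipv4ToUint(base) & mask) >>> 0);
}

/** True if a literal IP must never be connected to (private, loopback, link-local, ...). */
export function isRestrictedIp(ip: string): boolean {
  const family = isIP(ip);
  if (family === 4) return RESTRICTED_V4.some(([base, bits]) => inCidrV4(ip, base, bits));
  if (family === 6) {
    const v6 = ip.toLowerCase();
    // IPv4-mapped addresses (::ffff:10.0.0.1) inherit the IPv4 policy.
    const mapped = v6.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/);
    if (mapped) return isRestrictedIp(mapped[1]);
    if (v6 === "::1" || v6 === "::") return true; // loopback, unspecified
    if (/^f[cd]/.test(v6)) return true;            // fc00::/7 unique local
    if (/^fe[89ab]/.test(v6)) return true;         // fe80::/10 link-local
    return false; // simplification: fully expanded forms such as 0:0:0:0:0:0:0:1 are not normalized
  }
  // Not an IP literal at all: restricted, so callers must resolve before checking.
  return true;
}

export interface PinnedTarget {
  url: string;        // URL rewritten to the IP chosen at discovery; hand this to the transport
  hostHeader: string; // original host[:port], to send as Host header / TLS SNI
  ip: string;
}

/** Rewrite rawUrl so later requests reuse `ip` instead of re-resolving the hostname. */
export function pinToIp(rawUrl: string, ip: string): PinnedTarget {
  const url = new URL(rawUrl);
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    throw new Error(`Blocked: unsupported scheme ${url.protocol}`);
  }
  if (isRestrictedIp(ip)) {
    throw new Error(`Blocked: ${url.hostname} resolves to restricted address ${ip}`);
  }
  const pinned = new URL(rawUrl);
  pinned.hostname = isIP(ip) === 6 ? `[${ip}]` : ip;
  return { url: pinned.toString(), hostHeader: url.host, ip };
}

export type Lookup = (hostname: string) => Promise<string>;

/** Resolve exactly once at discovery, filter the answer, and pin to it (closes the TOCTOU window). */
export async function resolveAndPin(rawUrl: string, lookup: Lookup): Promise<PinnedTarget> {
  const host = new URL(rawUrl).hostname.replace(/^\[|\]$/g, ""); // strip IPv6 brackets
  const ip = isIP(host) ? host : await lookup(host);
  return pinToIp(rawUrl, ip);
}

// Assumed card shape; field names follow the A2A agent card but are not taken from the SDK.
export interface AgentCardLike {
  url: string;
  additionalInterfaces?: ReadonlyArray<{ url: string; transport?: string }>;
}

/** Pin every interface URL on the card; the whole card is rejected if any one is restricted. */
export async function pinAgentCard(card: AgentCardLike, lookup: Lookup): Promise<PinnedTarget[]> {
  const urls = [card.url, ...(card.additionalInterfaces ?? []).map((i) => i.url)];
  return Promise.all(urls.map((u) => resolveAndPin(u, lookup)));
}

// Constructed stub standing in for dns.promises.lookup so the example runs offline.
export const stubLookup: Lookup = async (hostname) => {
  const table: Record<string, string> = {
    "agent.example": "203.0.113.10", // public documentation range, allowed
    "rebind.example": "127.0.0.1",   // a record that points back inside the host
  };
  const ip = table[hostname];
  if (ip === undefined) throw new Error(`ENOTFOUND ${hostname}`);
  return ip;
};

// Demo: the first card pins cleanly, the second is rejected because of a nested interface URL.
pinAgentCard({ url: "https://agent.example/a2a/v1" }, stubLookup)
  .then((t) => console.log("pinned:", t.map((x) => `${x.url} (Host: ${x.hostHeader})`)));
pinAgentCard(
  { url: "https://agent.example/a2a/v1", additionalInterfaces: [{ url: "http://rebind.example:8080/rpc", transport: "JSONRPC" }] },
  stubLookup,
).catch((e) => console.log("rejected:", String(e)));
```

Rewriting the URL to an IP literal is the simplest way to make HTTP and gRPC transports agree on a pinned address, but it moves two things onto the caller: the original hostname must still be sent as the `Host` header and used for TLS SNI and certificate verification (for Node's HTTPS agent that means setting `servername`; for gRPC the equivalent is a channel-level override), and a request-level filter such as `isRestrictedIp` must also run on every redirect target, since a 3xx from a permitted host can point anywhere.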
Describe alternatives you've considered
We attempted to implement these protections at the application layer, but found it impossible to achieve full coverage without "hacking" SDK internals—especially for gRPC, which does not respect the same connection-level hooks as HTTP-based transports.
Additional context
No response
Code of Conduct