Consolidated SSRF-safe HTTP fetch used by every outbound OAuth/discovery
request. Delegates to the connector's secureRequestHTTP with the
block-internal policy: parse once with vibe's URL, classify the host once,
resolve + pin to a vetted numeric address (preserving Host header + TLS SNI),
and fail CLOSED on any internal/unresolvable target. Throws invalidRequest
when the URL is unsafe.
Consolidated SSRF-safe HTTP fetch used by every outbound OAuth/discovery request. Delegates to the connector's secureRequestHTTP with the block-internal policy: parse once with vibe's URL, classify the host once, resolve + pin to a vetted numeric address (preserving Host header + TLS SNI), and fail CLOSED on any internal/unresolvable target. Throws invalidRequest when the URL is unsafe.