diff --git a/src/applications/config/option/PhabricatorSecurityConfigOptions.php b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
index dde1d0d7be..4d4da4bd02 100644
--- a/src/applications/config/option/PhabricatorSecurityConfigOptions.php
+++ b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
@@ -23,8 +23,8 @@ final class PhabricatorSecurityConfigOptions
 $doc_href = PhabricatorEnv::getDoclink('Configuring a File Domain');
 $doc_name = pht('Configuration Guide: Configuring a File Domain');
- // This is all of the IANA special/reserved blocks in IPv4 space.
 $default_address_blacklist = array(
+ // This is all of the IANA special/reserved blocks in IPv4 space.
 '0.0.0.0/8',
 '10.0.0.0/8',
 '100.64.0.0/10',
@@ -41,6 +41,21 @@ final class PhabricatorSecurityConfigOptions
 '224.0.0.0/4',
 '240.0.0.0/4',
 '255.255.255.255/32',
+
+ // And these are the IANA special/reserved blocks in IPv6 space.
+ '::/128',
+ '::1/128',
+ '::ffff:0:0/96',
+ '100::/64',
+ '64:ff9b::/96',
+ '2001::/32',
+ '2001:10::/28',
+ '2001:20::/28',
+ '2001:db8::/32',
+ '2002::/16',
+ 'fc00::/7',
+ 'fe80::/10',
+ 'ff00::/8',
 );
 $keyring_type = 'custom:PhabricatorKeyringConfigOptionType';
diff --git a/src/infrastructure/env/PhabricatorEnv.php b/src/infrastructure/env/PhabricatorEnv.php
index ae7256a490..15873a7f9c 100644
--- a/src/infrastructure/env/PhabricatorEnv.php
+++ b/src/infrastructure/env/PhabricatorEnv.php
@@ -737,10 +737,10 @@ final class PhabricatorEnv extends Phobject {
 * @task uri
 */
 public static function requireValidRemoteURIForFetch(
- $uri,
+ $raw_uri,
 array $protocols) {
- $uri = new PhutilURI($uri);
+ $uri = new PhutilURI($raw_uri);
 $proto = $uri->getProtocol();
 if (!strlen($proto)) {
@@ -748,7 +748,7 @@ final class PhabricatorEnv extends Phobject {
 pht(
 'URI "%s" is not a valid fetchable resource. A valid fetchable '.
 'resource URI must specify a protocol.',
- $uri));
+ $raw_uri));
 }
 $protocols = array_fuse($protocols);
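Review bot: The comment added in the hunk at -41 presents the list as the IANA special/reserved IPv6 blocks, but the space under 2001::/23 is covered only piecemeal (`2001::/32`, `2001:10::/28`, `2001:20::/28`), so the default reads as more complete than it is. I would word it as `// Default set of IANA special/reserved blocks in IPv6 space. Not exhaustive; re-check against the IANA special-purpose address registry when updating.` These entries also only take effect if the code that consumes this option can parse IPv6 CIDR blocks and is actually handed IPv6 addresses to test; neither is visible in this hunk.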
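Review bot: The docblock above `requireValidRemoteURIForFetch()` (it starts outside the hunk at -737) should state that `$raw_uri` is quoted in error messages exactly as the caller supplied it, while every check shown here runs on the parsed `PhutilURI`. A line such as `$raw_uri: the URI as supplied by the caller; reported verbatim in errors, validated only after parsing` would do. The distinction matters to callers: if the later fetch is issued from the raw string rather than the parsed value, a parsing difference between `PhutilURI` and the HTTP client could send the request to a host other than the one checked. The fetch itself is not visible in these hunks, so confirm which form callers pass on.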
@@ -757,7 +757,7 @@ final class PhabricatorEnv extends Phobject {
 pht(
 'URI "%s" is not a valid fetchable resource. A valid fetchable '.
 'resource URI must use one of these protocols: %s.',
- $uri,
+ $raw_uri,
 implode(', ', array_keys($protocols))));
 }
@@ -767,7 +767,7 @@ final class PhabricatorEnv extends Phobject {
 pht(
 'URI "%s" is not a valid fetchable resource. A valid fetchable '.
 'resource URI must specify a domain.',
- $uri));
+ $raw_uri));
 }
 $addresses = gethostbynamel($domain);
@@ -776,7 +776,7 @@ final class PhabricatorEnv extends Phobject {
 pht(
 'URI "%s" is not a valid fetchable resource. The domain "%s" could '.
 'not be resolved.',
- $uri,
+ $raw_uri,
 $domain));
 }
@@ -787,7 +787,7 @@ final class PhabricatorEnv extends Phobject {
 'URI "%s" is not a valid fetchable resource. The domain "%s" '.
 'resolves to the address "%s", which is blacklisted for '.
 'outbound requests.',
- $uri,
+ $raw_uri,
 $domain,
 $address));
 }
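Review bot: `$addresses = gethostbynamel($domain);` at the end of the hunk at -767 returns IPv4 addresses only, so the IPv6 ranges this commit adds to the default blacklist are never compared against a hostname's AAAA records. A host that publishes only AAAA records would presumably fall into the "could not be resolved" branch in the hunk at -776. Resolving both families, for example with `dns_get_record($domain, DNS_A | DNS_AAAA)`, and passing every returned address through the blacklist check would make the new entries effective. The name is also resolved here independently of whatever performs the fetch, so the address validated may differ from the one connected to unless the validated address is pinned for the request. The function continues outside these hunks, so either point may already be handled there.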