
Allow "Remote"-ing to Executor Web Dashboard#261

Merged
RhysSullivan merged 3 commits intoRhysSullivan:mainfrom
therealsamyak:feat/cli-hostname-no-cors
Apr 17, 2026

Conversation

@therealsamyak
Contributor

What Changed

Added --hostname and --exposed CLI flags to executor web:

  • --hostname <addr> changes the Bun.serve bind address (default: 127.0.0.1)
  • --exposed binds to 0.0.0.0 and disables the host allowlist check, allowing remote access from non-localhost clients

Why

When running executor web in Docker or on a remote machine (e.g. trying to access it over Tailscale), the server needs to bind to 0.0.0.0 instead of 127.0.0.1, and the isAllowedHost check must be bypassed since non-localhost Host headers get rejected with 403.

Impact

Two files changed:

  • apps/local/src/serve.ts

    • Added hostname and disableHostCheck to StartServerOptions
    • Used in Bun.serve() and host check logic
  • apps/cli/src/main.ts

    • Added --hostname and --exposed flags to the web command
    • Wired through to startServer()

Default behavior unchanged: executor web with no flags behaves identically to upstream.

Validation

  • bun vitest run

    • 141/143 tests passing
    • 2 pre-existing failures in preset icon tests (unrelated)
  • bun run apps/cli/src/main.ts web --help

    • Shows --hostname and --exposed
  • executor web --exposed

    • Binds to 0.0.0.0
    • Non-localhost Host headers return 200
  • executor web

    • Binds to 127.0.0.1
    • Non-localhost Host headers return 403

Notes

This PR was vibe-coded with Opencode + Oh-my-Openagent + GLM-5.1 / GLM-5-Turbo.

The --hostname flag might not be necessary. If you are going to host this on a custom domain / IP, you could instead use the --exposed flag, then containerize + reverse proxy, etc., instead of putting that burden on this repo / maintainers moving forward.

I am not that familiar with networking stuff so correct me if I am wrong here...

Feel free to check out the branch and push changes accordingly.

@therealsamyak therealsamyak changed the title Allow Remote Access to Executor Dashboard Allow "Remote"-ing to Executor Dashboard Apr 15, 2026
@therealsamyak therealsamyak changed the title Allow "Remote"-ing to Executor Dashboard Allow "Remote"-ing to Executor Web Dashboard Apr 15, 2026
Contributor

@mrzmyr mrzmyr left a comment


Claude Code Review (Opus 4.6)

Clean PR — the feature makes sense and the implementation is minimal. Two things I'd fix:

1. Display URL is broken when using --exposed

When --exposed sets hostname to 0.0.0.0, the console prints http://0.0.0.0:4788 which doesn't work in a browser. Should still display localhost:

const displayHost = hostname === "0.0.0.0" ? "localhost" : hostname;
const baseUrl = `http://${displayHost}:${server.port}`;

2. --exposed silently overrides --hostname

If someone passes --hostname 10.0.0.5 --exposed, the hostname is quietly ignored. These should either be mutually exclusive (error if both provided) or --exposed should only control disableHostCheck without touching hostname.

@therealsamyak therealsamyak force-pushed the feat/cli-hostname-no-cors branch from 886771c to 7565aaa on April 16, 2026 23:31
Drop the kill-switch that bypassed the Host-header allowlist entirely.
Instead, let the user extend the allowlist explicitly via repeatable
--allowed-host flags. Localhost/127.0.0.1 remain always allowed.

This preserves the DNS-rebinding protection when binding to 0.0.0.0:
an attacker's site still can't target the executor unless it can forge
a Host header that the user has explicitly permitted.

Also:
- log a warning when binding to a non-localhost address
- show "localhost" in the printed baseUrl when bound to 0.0.0.0
  (the literal 0.0.0.0 isn't a visitable URL)
@RhysSullivan
Owner

RhysSullivan commented Apr 17, 2026

Swapped it to:

  • Dropped --exposed. It disabled the Host-header allowlist entirely, which removes the DNS-rebinding protection. If someone ran executor web --exposed on a network a browser could reach, any site they visited could rebind DNS and hit the executor API
  • Kept --hostname (same semantics: bind address).
  • Added --allowed-host <host> (repeatable). Appends to the built-in allowlist instead of bypassing it. Localhost/127.0.0.1 are always allowed.
  • Added a startup warning when binding non-locally.
  • Printed baseUrl uses localhost instead of 0.0.0.0 (the literal isn't a visitable URL).
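The Host-header allowlist that the original --exposed flag bypassed and that the merged --allowed-host design extends, as an added TypeScript example. This is not the project's apps/local/src/serve.ts; the names isAllowedHost, HostCheckOptions, disableHostCheck, the port-stripping normalizeHost helper and the hostnames used in rebindingScenario are assumptions chosen to illustrate the two designs discussed in this thread, and the scenario data is constructed.

```typescript
// Added example, not the executor project's own code. Names and hostnames
// below are assumptions for illustration.

interface HostCheckOptions {
  /** Extra hosts the operator allowed explicitly (the --allowed-host design). */
  allowedHosts?: string[];
  /** The dropped --exposed kill-switch: skip the Host check entirely. */
  disableHostCheck?: boolean;
}

/** Hosts that are always accepted, whatever the operator configured. */
const BUILTIN_ALLOWED_HOSTS: ReadonlySet<string> = new Set([
  "localhost",
  "127.0.0.1",
  "[::1]",
]);

/**
 * Normalize a Host header value: lowercase and strip a trailing port.
 * IPv6 literals keep their brackets ("[::1]:4788" -> "[::1]").
 */
function normalizeHost(hostHeader: string): string {
  const h = hostHeader.trim().toLowerCase();
  if (h.startsWith("[")) {
    const end = h.indexOf("]");
    return end === -1 ? h : h.slice(0, end + 1);
  }
  const colon = h.lastIndexOf(":");
  return colon === -1 ? h : h.slice(0, colon);
}

/**
 * Decide whether a request's Host header may reach the dashboard API.
 * With disableHostCheck (the --exposed semantics) every Host is accepted,
 * which is exactly what removes the DNS-rebinding protection.
 */
function isAllowedHost(hostHeader: string | null, opts: HostCheckOptions = {}): boolean {
  if (opts.disableHostCheck) return true;
  if (!hostHeader) return false; // HTTP/1.1 requires Host; treat a missing one as untrusted
  const host = normalizeHost(hostHeader);
  if (BUILTIN_ALLOWED_HOSTS.has(host)) return true;
  const extra = (opts.allowedHosts ?? []).map((h) => normalizeHost(h));
  return extra.includes(host);
}

/** The status a 403-on-mismatch server would answer for a given Host header. */
function statusFor(hostHeader: string | null, opts: HostCheckOptions = {}): number {
  return isAllowedHost(hostHeader, opts) ? 200 : 403;
}

/**
 * Constructed DNS-rebinding scenario: the victim's browser visits
 * attacker.example, whose DNS answer is later swapped to the address the
 * executor is bound to. The browser still sends "Host: attacker.example",
 * so the allowlist, not the bind address, is what stops the request.
 */
function rebindingScenario(): { allowedHost: number; exposed: number; explicit: number } {
  const rebound = "attacker.example:4788";
  const operatorHost = "executor.tailnet.example"; // assumed --allowed-host value
  return {
    // merged design: operator allowed one host, attacker's Host is rejected
    allowedHost: statusFor(rebound, { allowedHosts: [operatorHost] }),
    // dropped design: kill-switch accepts the attacker's Host too
    exposed: statusFor(rebound, { disableHostCheck: true }),
    // merged design: the explicitly allowed host is accepted
    explicit: statusFor(`${operatorHost}:4788`, { allowedHosts: [operatorHost] }),
  };
}
```

The bind address controls who can open a TCP connection; the Host check controls which origin a browser is allowed to speak for. Binding to 0.0.0.0 only widens the first, so keeping the allowlist (and extending it per host instead of switching it off) is what preserves the protection the maintainer describes.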

@RhysSullivan RhysSullivan merged commit ac89b51 into RhysSullivan:main Apr 17, 2026
@therealsamyak therealsamyak deleted the feat/cli-hostname-no-cors branch April 17, 2026 15:24