Skip to content

v0.4.2

Latest

Choose a tag to compare

@designcomputer designcomputer released this 20 Jun 15:25

Security Fix

  • SSE: DNS rebinding protection enabledSseServerTransport now receives TransportSecuritySettings(enable_dns_rebinding_protection=True), validating Host and Origin headers against an allowlist. This closes the DNS rebinding attack vector reported in #92.
  • Default allowed hosts are localhost:{port} and 127.0.0.1:{port}. Operators deploying behind a reverse proxy can extend the list via MCP_SSE_ALLOWED_HOSTS (comma-separated).
  • Graceful fallback for older mcp versions that predate transport_security.

Documentation

  • New Security Considerations note explaining that SSE has no built-in authentication and showing how to front it with an nginx reverse proxy (with MCP_SSE_HOST=127.0.0.1 and MCP_SSE_ALLOWED_HOSTS).
  • MCP_SSE_ALLOWED_HOSTS added to the .env example block.