-
Notifications
You must be signed in to change notification settings - Fork 2k
MCP conformance: DNS rebinding protection #3643
Copy link
Copy link
Open
Labels
enhancementImprovement to existing functionality. For issues and smaller PR improvements.Improvement to existing functionality. For issues and smaller PR improvements.httpRelated to HTTP transport, networking, or web server functionality.Related to HTTP transport, networking, or web server functionality.securitySecurity fixes: input validation, SSRF/LFI prevention, auth hardening, injection defenses.Security fixes: input validation, SSRF/LFI prevention, auth hardening, injection defenses.serverRelated to FastMCP server implementation or server-side functionality.Related to FastMCP server implementation or server-side functionality.
Description
Metadata
Metadata
Assignees
Labels
enhancementImprovement to existing functionality. For issues and smaller PR improvements.Improvement to existing functionality. For issues and smaller PR improvements.httpRelated to HTTP transport, networking, or web server functionality.Related to HTTP transport, networking, or web server functionality.securitySecurity fixes: input validation, SSRF/LFI prevention, auth hardening, injection defenses.Security fixes: input validation, SSRF/LFI prevention, auth hardening, injection defenses.serverRelated to FastMCP server implementation or server-side functionality.Related to FastMCP server implementation or server-side functionality.
The MCP conformance test suite expects DNS rebinding protection for HTTP transports. This is listed as an expected failure in
tests/conformance/expected-failures.yml.When implemented, remove
dns-rebinding-protectionfrom the expected failures file and verify the conformance suite passes.