stacklok / toolhive / 24187149224

09 Apr 2026 11:12AM UTC coverage: 65.022% (+0.03%) from 64.988%
push

github

web-flow
Add SSRF protection to RemoteURL validation (#4697)

ValidateRemoteURL now rejects URLs targeting internal and metadata
endpoints to prevent SSRF vectors when downstream components fetch
user-supplied URLs in-cluster.

Blocked ranges: loopback (127.0.0.0/8, ::1), link-local/cloud
metadata (169.254.0.0/16), RFC 1918 private (10/8, 172.16/12,
192.168/16), IPv6 ULA (fc00::/7), and the unspecified address
(0.0.0.0/8, ::). IPv4-mapped IPv6 addresses (::ffff:127.0.0.1) are
normalized to prevent bypass.

Blocked hostnames: localhost, kubernetes.default.svc(.cluster.local),
cluster.local, metadata.google.internal (with subdomain matching).

The MCPServerEntry controller now calls ValidateRemoteURL and reports
results through a RemoteURLValidated status condition, consistent with
the existing MCPRemoteProxy controller pattern.

Closes #4695

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
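
The checks listed in the commit message, written out as an added Go example; this is not the project's ValidateRemoteURL code. The function name `checkRemoteURL`, the error strings, and the choice to apply subdomain matching to every blocked hostname are assumptions.

```go
package main

import (
	"fmt"
	"net/netip"
	"net/url"
	"strings"
)

// Ranges and hostnames as listed in the commit message.
var blockedCIDRs = []string{"127.0.0.0/8", "::1/128", "169.254.0.0/16", "10.0.0.0/8",
	"172.16.0.0/12", "192.168.0.0/16", "fc00::/7", "0.0.0.0/8", "::/128"}
var blockedHosts = []string{"localhost", "kubernetes.default.svc",
	"cluster.local", "metadata.google.internal"}

// checkRemoteURL (hypothetical name) returns an error for a blocked target.
func checkRemoteURL(raw string) error {
	u, err := url.Parse(raw)
	if err != nil {
		return fmt.Errorf("parse: %w", err)
	}
	host := strings.ToLower(strings.TrimSuffix(u.Hostname(), "."))
	if host == "" {
		return fmt.Errorf("empty host")
	}
	if addr, err := netip.ParseAddr(host); err == nil {
		addr = addr.Unmap().WithZone("") // ::ffff:127.0.0.1 becomes 127.0.0.1
		for _, c := range blockedCIDRs {
			if netip.MustParsePrefix(c).Contains(addr) {
				return fmt.Errorf("address %s is in blocked range %s", addr, c)
			}
		}
		return nil
	}
	for _, b := range blockedHosts { // exact name or any subdomain of it
		if host == b || strings.HasSuffix(host, "."+b) {
			return fmt.Errorf("hostname %q is blocked by %q", host, b)
		}
	}
	return nil
}

func main() {
	// Constructed sample inputs, not taken from the project's tests.
	for _, s := range []string{"https://mcp.example.com/sse", "http://[::ffff:127.0.0.1]:8080/"} {
		fmt.Printf("%-36s -> %v\n", s, checkRemoteURL(s))
	}
}
```

The example inspects only the host written in the URL; what a permitted hostname resolves to at fetch time is outside what it checks.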

63 of 64 new or added lines in 2 files covered. (98.44%)

3 existing lines in 1 file now uncovered.

55650 of 85587 relevant lines covered (65.02%)

62.77 hits per line

Source File

79.38
/pkg/transport/proxy/httpsse/http_proxy.go


Source Not Available
