Feat/Enhance security validation for MCP configurations (#5232)

feat: enhance security validation for MCP configurations - Added environment variable checks for CUSTOM_MCP_SECURITY_CHECK, CUSTOM_MCP_PROTOCOL, and HTTP_DENY_LIST across various Docker and application files. - Implemented validation functions in MCP core to prevent command injection and ensure safe environment variable usage
2026-06-22 09:01:09 +03:00 · 2025-09-18 14:37:31 +01:00
parent 42152dd036
commit 41131dfac3
10 changed files with 130 additions and 9 deletions
@@ -124,6 +124,11 @@ services:
            - REDIS_CA=${REDIS_CA}
            - REDIS_KEEP_ALIVE=${REDIS_KEEP_ALIVE}
            - ENABLE_BULLMQ_DASHBOARD=${ENABLE_BULLMQ_DASHBOARD}
+
+              # SECURITY
+            - CUSTOM_MCP_SECURITY_CHECK=${CUSTOM_MCP_SECURITY_CHECK}
+            - CUSTOM_MCP_PROTOCOL=${CUSTOM_MCP_PROTOCOL}
+            - HTTP_DENY_LIST=${HTTP_DENY_LIST}
        ports:
            - '${PORT}:${PORT}'
        healthcheck: