Chore/Custom MCP Validation (#4996)

- Updated `validateMCPServerSecurity` to only allow whitelisted commands, removing the extensive list of dangerous commands.
- Introduced `validateArgsForLocalFileAccess` to check for potential local file access patterns and null byte injections.
- Updated `Supergateway_MCP` to utilize the new argument validation function.
- Added a warning in `CustomMCP` regarding upcoming changes to Remote MCP support.
Henry Heng
2025-07-31 23:15:11 +01:00
committed by GitHub
parent 28fec16873
commit d29db16bfc
4 changed files with 60 additions and 380 deletions
@@ -4,6 +4,7 @@ import { useEffect, useRef, useState, useContext } from 'react'
import { useSelector, useDispatch } from 'react-redux'
import { cloneDeep } from 'lodash'
import showdown from 'showdown'
import parser from 'html-react-parser'
// material-ui
import { useTheme, styled } from '@mui/material/styles'
@@ -966,7 +967,7 @@ const NodeInputHandler = ({
}}
>
<IconAlertTriangle size={30} color='orange' />
<span style={{ color: 'rgb(116,66,16)', marginLeft: 10 }}>{inputParam.warning}</span>
<span style={{ color: 'rgb(116,66,16)', marginLeft: 10 }}>{parser(inputParam.warning)}</span>
</div>
)}
{inputParam.type === 'credential' && (
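Review bot: The new span line passes `inputParam.warning` through `parser(...)` with no sanitization step visible in this hunk, so a string that used to render as escaped text now becomes live markup. html-react-parser converts HTML to React elements but does not sanitize it. If a warning can originate outside the built-in node definitions (not visible here; e.g. custom or imported node metadata), that markup would reach the DOM. Consider sanitizing before parsing, for example `parser(DOMPurify.sanitize(inputParam.warning))` if a sanitizer is available in the UI package, or using the parser's `replace` option to drop everything except a short allowlist of tags such as `<a>` and `<b>`. The enclosing `NodeInputHandler` component starts and ends outside this hunk, so where the warning string comes from should be confirmed against the node definitions.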