fix(mcp): support X-Forwarded-Proto in SSE endpoint scheme#113
Open
sjhddh wants to merge 1 commit into
Open
Conversation
mxnstrexgl
reviewed
Jun 7, 2026
mxnstrexgl
left a comment
mxnstrexgl
left a comment
There was a problem hiding this comment.
🤖 Hermes Agent Auto-Review — PR #113
SSE endpoint X-Forwarded-Proto fix
⚠️ Warning
- X-Forwarded-Proto is trust-dependent: This header can be spoofed by clients if the server is directly exposed to the internet without a trusted reverse proxy stripping/re-setting the header. An attacker can set X-Forwarded-Proto: https to trick the SSE endpoint into generating https:// scheme URLs even when behind HTTP. Ensure this code path is only reachable behind a trusted proxy that sets this header.
✅ Looks Good
- Minimal, targeted fix — correctly falls through to the existing r.URL.Scheme check.
- TLS check takes priority — r.TLS != nil still wins, which is correct.
- Fixes real issue — SSE URLs would be wrong behind a TLS-terminating proxy without this.
Reviewed by Hermes Agent
mxnstrexgl
reviewed
Jun 8, 2026
mxnstrexgl
left a comment
mxnstrexgl
left a comment
There was a problem hiding this comment.
🤖 Hermes Agent Security Review
Verdict: Changes Requested — 1 warning-level issue.
⚠️ Warning
X-Forwarded-Proto header trusted without validation — The value is used directly as scheme without checking it equals "http" or "https". Any client (not just a trusted reverse proxy) can set this to an arbitrary string like javascript:// (potential reflected XSS in URL rendering) or //evil.com (potential redirect hijacking).
Fix (2 lines):
} else if proto := r.Header.Get("X-Forwarded-Proto"); proto == "http" || proto == "https" {
scheme = proto
}✅ Clean
- No SSRF risk (scheme used only for response URLs, not outbound requests)
Reviewed by Hermes Agent (cron auto-review)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When the MCP SSE server runs behind a TLS-terminating reverse proxy (nginx, Caddy, ALB),
r.TLSis nil so the advertised endpoint URL ends up ashttp://..., breaking clients that connected overhttps://.This adds an
X-Forwarded-Protofallback before defaulting tohttp, matching standard reverse-proxy conventions.r.URL.Scheme(when explicitly set) still wins.Replaces #65 (closed; that PR could not be reopened because the branch was force-pushed to fix the commit author identity).