90 Commits

Author SHA1 Message Date
Chris Anderson
86dad64f11 fix: harden local MCP server (CSRF, body cap, concurrency, tests)
Addresses review of the initial MCP HTTP server cut. Loopback bind alone
does not protect against browser-driven attacks — any page in the user's
browser is also on loopback. Adds a three-layer security gate, a body
size cap, a handler concurrency limit, and full HTTP-transport coverage.

Security
- McpHttpServer rejects requests with an Origin header (browsers always
  set it; real MCP clients never do). Validates Host against loopback
  names (DNS-rebinding pivot defense). Requires application/json on
  POST so a cross-origin browser fetch must trigger a CORS preflight,
  which we never satisfy.
- 4 MiB body cap with bounded streaming read (413 on overrun).
- 8-handler concurrency cap so a misbehaving local client cannot pin
  every threadpool thread on long-running screen/camera calls.
- Settings migration: legacy McpOnlyMode=false no longer silently
  inherits EnableNodeMode (would have flipped MCP on without consent).

Bridge
- _capabilities snapshotted to array per call (was racing concurrent
  enumeration vs UI-thread mutation).
- Non-integer / out-of-range / string ids round-trip via GetRawText
  instead of GetInt64 (used to strip the id from error responses on
  fractional or big-int ids, breaking client correlation).
- tools/call validates 'arguments' is an object if present and rejects
  empty 'name'.
- Generic 'internal error' on the wire for unhandled exceptions; full
  exception with stack goes to the log via Error(string, Exception).
- Empty resources/list and prompts/list for Cursor compat (was
  MethodNotFound).
- Non-object root → InvalidRequest.

Lifecycle
- Start() failure now disposes the half-constructed listener/CTS
  instead of leaking the port reservation.
- _disposed guarded with Interlocked.Exchange (idempotent across
  threads).
- App.xaml.cs warns when both modes are enabled but gateway
  prerequisites are missing — silent fall-back to MCP-only was
  confusing.
- NodeService.McpStartupError surfaces the actual failure to Settings
  UI; status text shows 'Failed to start: <reason>' instead of the
  misleading 'Stopped — save and restart to start'.

Refactor
- McpHttpServer moved from OpenClaw.Tray.WinUI/Services to
  OpenClaw.Shared/Mcp (no WinUI deps; lets it be unit-tested).

Tests
- 10 new McpToolBridgeTests: non-object root, missing/non-string
  params, non-object arguments, fractional/big-int/string ids,
  empty resources/prompts, generic-message guarantee on internal
  errors.
- New McpHttpServerTests (13): GET probe, valid POST, Origin reject,
  rebind-Host reject, localhost-Host accept, text/plain reject,
  json+charset accept, PUT reject, oversized body reject, notification
  204, idempotent dispose, ctor null guards.

Docs
- MCP_MODE.md: rewritten Security Model section with the three-layer
  model and curl-based 'verify the gate' examples; tool list updated
  to reflect master (screen.snapshot, camera.clip, location.get).

All 715 tests pass (32 MCP, 20 integration, 663 other).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 09:33:09 -07:00
Chris Anderson
a3d884f4c4 feat: local MCP HTTP server mode, independent of node mode
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 09:33:09 -07:00
Scott Hanselman
c64484e392 docs: document release flow
Document the tag-driven release process, versioning expectations, and retagging steps for OpenClaw Windows Hub releases.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 08:54:11 -07:00
Scott Hanselman
65542764f2 docs: sync mission control parity status
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 07:01:37 -07:00
Scott Hanselman
64a5221e99 feat: expand activity stream history
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 06:56:30 -07:00
Scott Hanselman
dd51149a5e docs: record voice mode parity blockers
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 06:45:57 -07:00
Scott Hanselman
62d7e0c28b feat: add debug bundle entrypoint
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 06:32:21 -07:00
Scott Hanselman
ec4ce4aafc feat: add summary copy entrypoints
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 06:17:46 -07:00
Scott Hanselman
582cec5557 feat: add diagnostics copy entrypoints
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 06:13:14 -07:00
Scott Hanselman
51c14f38d1 feat: add port diagnostics entrypoint
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 06:08:12 -07:00
Scott Hanselman
65339ab658 feat: add manual update check entrypoint
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 05:57:54 -07:00
Scott Hanselman
8bba19ca9d feat: add browser setup guidance entrypoint
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 05:44:45 -07:00
Scott Hanselman
0ca2014244 fix: redact support context paths
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 05:13:58 -07:00
Scott Hanselman
18b43a50e8 feat: add support debug entrypoints
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 05:04:09 -07:00
Scott Hanselman
9a4fe87642 docs: update mission control parity status
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 04:52:21 -07:00
Scott Hanselman
9bce622daa docs: sync deep link list
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 04:41:10 -07:00
Scott Hanselman
4be273c9eb feat: add tray utility palette actions
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 04:39:30 -07:00
Scott Hanselman
4ccf2ad923 feat: add notification history entrypoint
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 04:36:27 -07:00
Scott Hanselman
966422d8b6 docs: update powertoys command list
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 04:30:35 -07:00
Scott Hanselman
dfb1e6a04d feat: add command center to palette
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 04:19:37 -07:00
Scott Hanselman
38f9042654 docs: record browser host smoke status
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 04:16:03 -07:00
Scott Hanselman
6cef6d7ee2 docs: add browser proxy testing guidance
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 03:33:25 -07:00
Scott Hanselman
1e0ced8c58 docs: correct voice tts parity status
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 03:31:31 -07:00
Scott Hanselman
0dc9be4b73 docs: align browser parity status
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 03:28:08 -07:00
Scott Hanselman
25c364da11 fix: use tunnel local port for browser diagnostics
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 03:22:34 -07:00
Scott Hanselman
233034fcbf fix: support asymmetric browser ssh guidance
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 03:16:53 -07:00
Scott Hanselman
9537c44056 docs: update browser diagnostic category
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 03:07:12 -07:00
Scott Hanselman
87e0a85c79 fix: guide disabled browser proxy parity
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 03:04:01 -07:00
Scott Hanselman
6e636b2a6b feat: preview managed ssh tunnel command
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 03:01:31 -07:00
Scott Hanselman
d7d9670a3c docs: refresh browser proxy architecture status
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:55:35 -07:00
Scott Hanselman
082f630fd9 fix: align settings ssh test tunnel
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:53:25 -07:00
Scott Hanselman
b0c604cbf7 docs: explain browser ssh tunnel forward
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:51:28 -07:00
Scott Hanselman
c6dbe6d3cc fix: clarify browser proxy reachability errors
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:48:10 -07:00
Scott Hanselman
e8df736a72 fix: guide missing browser ssh forward
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:43:39 -07:00
Scott Hanselman
769cb31e84 feat: show gateway runtime owner
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:40:56 -07:00
Scott Hanselman
2c4020f107 feat: detect manual ssh gateway forwards
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:36:03 -07:00
Scott Hanselman
d8f7dfb37d feat: show port owner diagnostics
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:31:25 -07:00
Scott Hanselman
17f377e04c fix: diagnose blocked browser proxy policy
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:27:52 -07:00
Scott Hanselman
48387bd1bd feat: forward browser proxy over ssh tunnel
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:22:59 -07:00
Scott Hanselman
8ee30a0a2f feat: add port diagnostics copy action
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:14:03 -07:00
Scott Hanselman
c298507c31 feat: add node inventory copy action
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:10:45 -07:00
Scott Hanselman
35e04bca75 feat: show update status in command center
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:06:41 -07:00
Scott Hanselman
7f558e1e1b feat: redact topology support context
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 02:01:47 -07:00
Scott Hanselman
0ea647ea9e feat: show topology summary in settings
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 01:59:02 -07:00
Scott Hanselman
e7208f3545 fix: distinguish disabled node capabilities
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 01:53:54 -07:00
Scott Hanselman
e885802052 feat: warn before enabling node mode
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 01:49:11 -07:00
Scott Hanselman
2758faca3b feat: add node capability settings
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 01:44:45 -07:00
Scott Hanselman
ed218e9607 feat: detect expired setup codes
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 01:37:21 -07:00
Scott Hanselman
9e319da08d feat: clarify setup pairing expectations
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 01:34:25 -07:00
Scott Hanselman
08834cb0e3 docs: document node command allowlists
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-27 01:27:06 -07:00