chore(mcp): unguessable mdb url (#37677)

yury-s · web-flow · commit 288bd8705491 · 2025-10-02T10:52:27.000-07:00
diff --git a/packages/playwright/src/mcp/sdk/http.ts b/packages/playwright/src/mcp/sdk/http.ts
@@ -59,11 +59,12 @@ export function httpAddressToString(address: string | net.AddressInfo | null): s
   return `http://${resolvedHost}:${resolvedPort}`;
 }
 
-export async function installHttpTransport(httpServer: http.Server, serverBackendFactory: ServerBackendFactory, allowedHosts?: string[]) {
+export async function installHttpTransport(httpServer: http.Server, serverBackendFactory: ServerBackendFactory, unguessableUrl: boolean, allowedHosts?: string[]) {
   const url = httpAddressToString(httpServer.address());
   const host = new URL(url).host;
   allowedHosts = (allowedHosts || [host]).map(h => h.toLowerCase());
   const allowAnyHost = allowedHosts.includes('*');
+  const pathPrefix = unguessableUrl ? `/${crypto.randomUUID()}` : '';
 
   const sseSessions = new Map();
   const streamableSessions = new Map();
@@ -83,7 +84,13 @@ export async function installHttpTransport(httpServer: http.Server, serverBacken
       }
     }
 
-    const url = new URL(`http://localhost${req.url}`);
+    if (!req.url?.startsWith(pathPrefix)) {
+      res.statusCode = 404;
+      return res.end('Not found');
+    }
+
+    const path = req.url?.slice(pathPrefix.length);
+    const url = new URL(`http://localhost${path}`);
     if (url.pathname === '/killkillkill' && req.method === 'GET') {
       res.statusCode = 200;
       res.end('Killing process');
@@ -96,6 +103,8 @@ export async function installHttpTransport(httpServer: http.Server, serverBacken
     else
       await handleStreamable(serverBackendFactory, req, res, streamableSessions);
   });
+
+  return `${url}${pathPrefix}`;
 }
 
 async function handleSSE(serverBackendFactory: ServerBackendFactory, req: http.IncomingMessage, res: http.ServerResponse, url: URL, sessions: Map<string, SSEServerTransport>) {
diff --git a/packages/playwright/src/mcp/sdk/mdb.ts b/packages/playwright/src/mcp/sdk/mdb.ts
@@ -167,8 +167,7 @@ export async function runOnPauseBackendLoop(backend: mcpServer.ServerBackend, in
   };
 
   const httpServer = await mcpHttp.startHttpServer({ port: 0 });
-  await mcpHttp.installHttpTransport(httpServer, factory);
-  const url = mcpHttp.httpAddressToString(httpServer.address());
+  const url = await mcpHttp.installHttpTransport(httpServer, factory, true);
 
   const client = new mcpBundle.Client({ name: 'Pushing client', version: '0.0.0' });
   client.setRequestHandler(mcpBundle.PingRequestSchema, () => ({}));
@@ -193,8 +192,7 @@ export async function runOnPauseBackendLoop(backend: mcpServer.ServerBackend, in
 
 async function startAsHttp(backendFactory: mcpServer.ServerBackendFactory, options: { port: number }) {
   const httpServer = await mcpHttp.startHttpServer(options);
-  await mcpHttp.installHttpTransport(httpServer, backendFactory);
-  return mcpHttp.httpAddressToString(httpServer.address());
+  return await mcpHttp.installHttpTransport(httpServer, backendFactory, true);
 }
 
 
diff --git a/packages/playwright/src/mcp/sdk/server.ts b/packages/playwright/src/mcp/sdk/server.ts
@@ -19,7 +19,7 @@ import { fileURLToPath } from 'url';
 import { debug } from 'playwright-core/lib/utilsBundle';
 
 import * as mcpBundle from './bundle';
-import { httpAddressToString, installHttpTransport, startHttpServer } from './http';
+import { installHttpTransport, startHttpServer } from './http';
 import { InProcessTransport } from './inProcessTransport';
 
 import type { Tool, CallToolResult, CallToolRequest, Root } from '@modelcontextprotocol/sdk/types.js';
@@ -166,8 +166,7 @@ export async function start(serverBackendFactory: ServerBackendFactory, options:
   }
 
   const httpServer = await startHttpServer(options);
-  const url = httpAddressToString(httpServer.address());
-  await installHttpTransport(httpServer, serverBackendFactory, options.allowedHosts);
+  const url = await installHttpTransport(httpServer, serverBackendFactory, false, options.allowedHosts);
 
   const mcpConfig: any = { mcpServers: { } };
   mcpConfig.mcpServers[serverBackendFactory.nameInConfig] = {
diff --git a/tests/mcp/mdb.spec.ts b/tests/mcp/mdb.spec.ts
@@ -156,6 +156,26 @@ test('reset on pause tools', async () => {
   await mdbClient.close();
 });
 
+test('mdb has unguessable url', async () => {
+  let firstPathname: string | undefined;
+  let secondPathname: string | undefined;
+  {
+    const { mdbUrl } = await startMDBAndCLI();
+    firstPathname = new URL(mdbUrl).pathname;
+    const mdbClient = await createMDBClient(mdbUrl);
+    await mdbClient.close();
+  }
+  {
+    const { mdbUrl } = await startMDBAndCLI();
+    secondPathname = new URL(mdbUrl).pathname;
+    const mdbClient = await createMDBClient(mdbUrl);
+    await mdbClient.close();
+  }
+  expect(firstPathname.length).toBe(37);
+  expect(secondPathname.length).toBe(37);
+  expect(firstPathname).not.toBe(secondPathname);
+});
+
 async function startMDBAndCLI(): Promise<{ mdbUrl: string, log: string[] }> {
   const mdbUrlBox = { mdbUrl: undefined as string | undefined };
   const log: string[] = [];
