Follow-up from #4908 (Origin header validation for DNS-rebind protection)
#4908 adds Origin-header validation to the CLI/proxyrunner path via the --allowed-origins flag and the origin middleware. The operator path is not yet covered: MCPServerSpec, MCPRemoteProxySpec, and VirtualMCPServerSpec have no allowedOrigins field, and operator-deployed pods bind to non-loopback addresses. As a result origin.ResolveAllowedOrigins returns nil and the middleware is skipped (with a WARN), so Kubernetes deployments currently ship with Origin validation disabled.
Scope
- Add an allowedOrigins []string field to the workload CRDs (MCPServer / MCPRemoteProxy / VirtualMCPServer).
- Serialize it into the generated RunConfig so the proxyrunner pod's middleware chain enforces it.
- Regenerate CRDs/docs and add controller tests.
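
The fail-open path described above, as an added Go sketch that is not ToolHive's own code: `resolveAllowedOrigins`, `withOriginCheck` and `statusFor` are hypothetical names, the loopback defaults are an assumption, and the hostnames are constructed samples.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
)

// Hypothetical resolver: explicit list wins; loopback binds get assumed defaults; otherwise nil.
func resolveAllowedOrigins(explicit []string, bindHost string, port int) []string {
	if len(explicit) > 0 {
		return explicit
	}
	if ip := net.ParseIP(bindHost); ip != nil && ip.IsLoopback() {
		return []string{fmt.Sprintf("http://127.0.0.1:%d", port), fmt.Sprintf("http://localhost:%d", port)}
	}
	return nil // non-loopback bind and nothing configured: the operator case today
}

// Hypothetical middleware: a nil allow-list skips validation entirely (fail-open).
func withOriginCheck(allowed []string, next http.Handler) http.Handler {
	if allowed == nil {
		return next
	}
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		o := r.Header.Get("Origin")
		ok := o == "" // assumption: requests without an Origin header pass
		for _, a := range allowed {
			ok = ok || o == a
		}
		if !ok {
			http.Error(w, "origin not allowed", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// statusFor sends one constructed POST with the given Origin through the chain.
func statusFor(allowed []string, origin string) int {
	ok := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) })
	req := httptest.NewRequest(http.MethodPost, "/mcp", nil)
	req.Header.Set("Origin", origin)
	rec := httptest.NewRecorder()
	withOriginCheck(allowed, ok).ServeHTTP(rec, req)
	return rec.Code
}

func main() { fmt.Println(statusFor(resolveAllowedOrigins(nil, "0.0.0.0", 8080), "http://attacker.example:8080")) }
```

With a list supplied, as the proposed CRD field would allow, the same request is rejected with 403 while the listed origin still passes.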