LibreChat/client
Dustin Healy 87341c67c0 fix(mcp): carry apps flag through the request resolver and canonicalize resource-read auth
resolveMCPAllowlists now returns appsEnabled from the merged tenant-scoped config, so a
tenant/role/user override of mcpSettings.apps reaches the registry's per-request resolution and
callTool attaches no UI resource for users whose tenant disabled apps.

Authorize app-driven resource reads in the canonical (fully percent-decoded) space the server
resolves and reject any relative path segment, so a percent-encoded traversal such as %2e%2e%2f can
no longer match an advertised template. Exact resources/list matches are unaffected.

Trim narrating comments across the MCP Apps changes so the code is self-documenting.
2026-06-29 00:52:58 -07:00
..
public chore(mcp): loosen csp safety so threejs mcp apps official demo server can run 2026-06-25 22:56:54 -07:00
scripts
src fix(mcp): carry apps flag through the request resolver and canonicalize resource-read auth 2026-06-29 00:52:58 -07:00
sw
test
babel.config.cjs
check_updates.sh
index.html
jest.config.cjs
nginx.conf
package.json refactor: replace @mcp-ui/client with @modelcontextprotocol/ext-apps/app-bridge 2026-06-23 13:55:56 -07:00
postcss.config.cjs
tailwind.config.cjs
tsconfig.json
vite.config.ts