[Bug]: Duplicate Gateway Registration with Equivalent URLs Bypasses Uniqueness Check #649
Description
🐞 Bug Summary
Currently, when registering a gateway, the system enforces uniqueness based on the exact string match of the URL. As expected, if a user attempts to register a gateway with an identical URL (e.g., http://localhost:8000/sse), a Database IntegrityError is raised.
However, the system does not account for semantically equivalent URLs—such as http://localhost:8000/sse and http://127.0.0.1:8000/sse. Although these URLs resolve to the same MCP server, they are treated as distinct strings, and both registrations are allowed.
This behavior results in duplicate entries pointing to the same server, which can lead to unexpected behavior during gateway communication and management.
🧩 Affected Component
Select the area of the project impacted:
-
mcpgateway- API -
mcpgateway- UI (admin panel)
🔁 Steps to Reproduce
- Register a gateway with the URL: http://localhost:8000/sse
- Register a second gateway with the URL: http://127.0.0.1:8000/sse
- Both registrations succeed, despite targeting the same server.
🤔 Expected Behavior
The system should detect and prevent registration of duplicate gateways that resolve to the same endpoint, even if the URL strings differ. This can be addressed through URL normalization or resolution before enforcing uniqueness.
**Recommendation: **
Introduce URL normalization or canonicalization before storing or comparing gateway URLs. Possible approaches include:
- Resolving hostnames to IP addresses
- Enforcing consistent hostname usage
🧠 Environment Info
You can retrieve most of this from the /version endpoint.
| Key | Value |
|---|---|
| Version or commit | e.g. v0.9.0 or main@a1b2c3d |
| Runtime | e.g. Python 3.11, Gunicorn |
| Platform / OS | e.g. Ubuntu 22.04, macOS |
| Container | e.g. Docker, Podman, none |
🧩 Additional Context (optional)
Add any configuration details, flags, or related issues.