mcp: add case senstive tests to the parser (#43463)

<!--
!!!ATTENTION!!!

If you are fixing *any* crash or *any* potential security issue, *do
not*
open a pull request in this repo. Please report the issue via emailing
envoy-security@googlegroups.com where the issue will be triaged
appropriately.
Thank you in advance for helping to keep Envoy secure.

!!!ATTENTION!!!

For an explanation of how to fill out the fields, please see the
relevant section
in
[PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/main/PULL_REQUESTS.md)

!!!ATTENTION!!!

Please check the [use of generative AI
policy](https://github.com/envoyproxy/envoy/blob/main/CONTRIBUTING.md?plain=1#L41).

You may use generative AI only if you fully understand the code. You
need to disclose
this usage in the PR description to ensure transparency.
-->

verify that a potential smuggling is not the problem.

```
{
  "jsonrpc": "2.0",
  "method": "tools/call",
  "params": {
    "name": "backend__greet",
    "Name": "backend__secretTool",  // ← different casing
    "arguments": {"name": "Exploit"}
  }
  ```

#39174 

Commit Message:
Additional Description:
Risk Level:
Testing:
Docs Changes:
Release Notes:
Platform Specific Features:
[Optional Runtime guard:]
[Optional Fixes #Issue]
[Optional Fixes commit #PR or SHA]
[Optional Deprecated:]
[Optional [API Considerations](https://github.com/envoyproxy/envoy/blob/main/api/review_checklist.md):]

Signed-off-by: Boteng Yao <boteng@google.com>

Author: botengyao

test/extensions/filters/http/mcp/mcp_json_parser_test.cc

@@ -1498,6 +1498,90 @@ TEST(McpParserConfigTest, MethodGroupEmptyGroupFallsBackToBuiltIn) {
   EXPECT_EQ(config.getMethodGroup("tools/call"), "tool");
 }
 
+// Case sensitivity tests: verify key confusion attacks (e.g., "name" vs "Name") are prevented.
+// Wrong-cased top-level fields ("Jsonrpc", "Method") should not be recognized.
+TEST_F(McpJsonParserTest, CaseSensitiveTopLevelFieldsAreIgnored) {
+  std::string json = R"({
+    "Jsonrpc": "2.0",
+    "Method": "tools/call",
+    "Id": 1,
+    "params": {"name": "calculator"}
+  })";
+
+  EXPECT_OK(parser_->parse(json));
+  auto finish_status = parser_->finishParse();
+
+  EXPECT_FALSE(parser_->isValidMcpRequest());
+  EXPECT_EQ(parser_->getMethod(), "");
+}
+
+// Both "method" and "Method" present — only lowercase "method" should be used.
+TEST_F(McpJsonParserTest, CaseSensitiveMethodFieldOnlyLowercaseRecognized) {
+  std::string json = R"({
+    "jsonrpc": "2.0",
+    "method": "tools/call",
+    "Method": "resources/read",
+    "params": {"name": "calculator"},
+    "id": 1
+  })";
+
+  parseJson(json);
+
+  EXPECT_TRUE(parser_->isValidMcpRequest());
+  EXPECT_EQ(parser_->getMethod(), Methods::TOOLS_CALL);
+}
+
+// Both "name" and "Name" in params — only lowercase "name" should be extracted.
+TEST_F(McpJsonParserTest, CaseSensitiveParamsNameKeyConfusionAttack) {
+  std::string json = R"({
+    "jsonrpc": "2.0",
+    "method": "tools/call",
+    "params": {
+      "name": "allowed_tool",
+      "Name": "restricted_secret_tool",
+      "arguments": {"input": "data"}
+    },
+    "id": 3
+  })";
+
+  parseJson(json);
+
+  EXPECT_TRUE(parser_->isValidMcpRequest());
+  EXPECT_EQ(parser_->getMethod(), Methods::TOOLS_CALL);
+
+  const auto* name_value = parser_->getNestedValue("params.name");
+  ASSERT_NE(name_value, nullptr);
+  EXPECT_EQ(name_value->string_value(), "allowed_tool");
+
+  // "params.Name"will not be extracted.
+  const auto* upper_name_value = parser_->getNestedValue("params.Name");
+  EXPECT_EQ(upper_name_value, nullptr);
+}
+
+// "Params" vs "params" — only the correctly-cased "params" object is used.
+TEST_F(McpJsonParserTest, CaseSensitiveParamsObjectKeyConfusion) {
+  std::string json = R"({
+    "jsonrpc": "2.0",
+    "method": "tools/call",
+    "Params": {
+      "name": "spoofed_tool"
+    },
+    "params": {
+      "name": "real_tool"
+    },
+    "id": 1
+  })";
+
+  parseJson(json);
+
+  EXPECT_TRUE(parser_->isValidMcpRequest());
+  EXPECT_EQ(parser_->getMethod(), Methods::TOOLS_CALL);
+
+  const auto* name_value = parser_->getNestedValue("params.name");
+  ASSERT_NE(name_value, nullptr);
+  EXPECT_EQ(name_value->string_value(), "real_tool");
+}
+
 } // namespace
 } // namespace Mcp
 } // namespace HttpFilters