Reject origins except for /tidewave

Author: josevalim

lib/tidewave/middleware.rb

@@ -20,6 +20,8 @@ class Tidewave::Middleware
     If you really want to allow remote connections, set `config.tidewave.allow_remote_access = true`.
   TEXT
 
+  INVALID_ORIGIN = "For security reasons, Tidewave does not accept requests with an origin header for this endpoint.".freeze
+
   def initialize(app, config)
     @allow_remote_access = config.allow_remote_access
     @client_url = config.client_url
@@ -55,6 +57,7 @@ def call(env)
 
     if path[0] == TIDEWAVE_ROUTE
       return forbidden(INVALID_IP) unless valid_client_ip?(request)
+      return forbidden(INVALID_ORIGIN) if request.get_header("HTTP_ORIGIN") && path != [ TIDEWAVE_ROUTE ]
 
       # The MCP routes are handled downstream by FastMCP
       case [ request.request_method, path ]

spec/middleware_spec.rb

@@ -164,6 +164,30 @@ def app
     end
   end
 
+  describe "Origin header validation" do
+    it "allows requests with Origin header to /tidewave" do
+      get "/tidewave", {}, { "HTTP_ORIGIN" => "http://example.com" }
+      expect(last_response.status).to eq(200)
+    end
+
+    it "rejects requests with Origin header to /tidewave/mcp" do
+      get "/tidewave/mcp", {}, { "HTTP_ORIGIN" => "http://example.com" }
+      expect(last_response.status).to eq(403)
+      expect(last_response.body).to include("Tidewave does not accept requests with an origin header for this endpoint")
+    end
+
+    it "rejects requests with Origin header to /tidewave/config" do
+      get "/tidewave/config", {}, { "HTTP_ORIGIN" => "http://example.com" }
+      expect(last_response.status).to eq(403)
+      expect(last_response.body).to include("Tidewave does not accept requests with an origin header for this endpoint")
+    end
+
+    it "allows requests without Origin header to /tidewave/config" do
+      get "/tidewave/config"
+      expect(last_response.status).to eq(200)
+    end
+  end
+
   describe "edge cases" do
     it "handles trailing slashes" do
       get "/tidewave/"