MCPcopy Index your code
hub / github.com/simstudioai/sim / hasEnvVarInHostname

Function hasEnvVarInHostname

apps/sim/lib/mcp/domain-check.ts:53–67  ·  view source on GitHub ↗

* Returns true if the URL's hostname contains an env var reference, * meaning domain validation must be deferred until env var resolution. * Only bypasses validation when the hostname itself is unresolvable — * env vars in the path/query do NOT bypass the domain check.

(url: string)

Source from the content-addressed store, hash-verified

51 * env vars in the path/query do NOT bypass the domain check.
52 */
53function hasEnvVarInHostname(url: string): boolean {
54 // If the entire URL is an env var reference, hostname is unknown
55 if (url.trim().replace(createEnvVarPattern(), '').trim() === '') return true
56 try {
57 // Extract the authority portion (between :// and the first /, ?, or # per RFC 3986)
58 const protocolEnd = url.indexOf('://')
59 if (protocolEnd === -1) return createEnvVarPattern().test(url)
60 const afterProtocol = url.substring(protocolEnd + 3)
61 const authorityEnd = afterProtocol.search(/[/?#]/)
62 const authority = authorityEnd === -1 ? afterProtocol : afterProtocol.substring(0, authorityEnd)
63 return createEnvVarPattern().test(authority)
64 } catch {
65 return createEnvVarPattern().test(url)
66 }
67}
68
69/**
70 * Returns true if the URL's domain is allowed (or no restriction is configured).

Callers 3

isMcpDomainAllowedFunction · 0.70
validateMcpDomainFunction · 0.70
validateMcpServerSsrfFunction · 0.70

Calls 3

createEnvVarPatternFunction · 0.90
testMethod · 0.80
replaceMethod · 0.65

Tested by

no test coverage detected