fix: strip port from host

hugodutka · hugodutka · commit 8f2d898aae10 · 2025-08-08T20:08:23.000+02:00
diff --git a/README.md b/README.md
@@ -80,7 +80,7 @@ There are 4 endpoints:
 
 #### Allowed hosts
 
-By default, the server only allows requests with the host header set to localhost:3284. If you'd like to host AgentAPI elsewhere, you can change this by using the `AGENTAPI_ALLOWED_HOSTS` environment variable or the `--allowed-hosts` flag.
+By default, the server only allows requests with the host header set to `localhost`. If you'd like to host AgentAPI elsewhere, you can change this by using the `AGENTAPI_ALLOWED_HOSTS` environment variable or the `--allowed-hosts` flag. Hosts must be hostnames only (no ports); the server ignores the port portion of incoming requests when authorizing.
 
 To allow requests from any host, use `*` as the allowed host.
 
diff --git a/cmd/server/server.go b/cmd/server/server.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"log/slog"
 	"net/http"
+	"net/url"
 	"os"
 	"sort"
 	"strings"
@@ -59,10 +60,63 @@ func parseAgentType(firstArg string, agentTypeVar string) (AgentType, error) {
 	return AgentTypeCustom, nil
 }
 
-// Validate allowed hosts or origins don't contain whitespace or commas.
+// Validate allowed hosts don't contain whitespace, commas, schemes, or ports.
 // Viper/Cobra use different separators (space for env vars, comma for flags),
 // so these characters likely indicate user error.
-func validateAllowedHostsOrOrigins(input []string) error {
+func validateAllowedHosts(input []string) error {
+	if len(input) == 0 {
+		return fmt.Errorf("the list must not be empty")
+	}
+	// First pass: whitespace & comma checks (surface these errors first)
+	for _, item := range input {
+		for _, r := range item {
+			if unicode.IsSpace(r) {
+				return fmt.Errorf("'%s' contains whitespace characters, which are not allowed", item)
+			}
+		}
+		if strings.Contains(item, ",") {
+			return fmt.Errorf("'%s' contains comma characters, which are not allowed", item)
+		}
+	}
+	// Second pass: scheme check
+	for _, item := range input {
+		if strings.Contains(item, "http://") || strings.Contains(item, "https://") {
+			return fmt.Errorf("'%s' must not include http:// or https://", item)
+		}
+	}
+	// Third pass: port check (but allow IPv6 literals without ports)
+	for _, item := range input {
+		trimmed := strings.TrimSpace(item)
+		colonCount := strings.Count(trimmed, ":")
+		// If bracketed, rely on url.Parse to detect a port in "]:<port>" form.
+		if strings.HasPrefix(trimmed, "[") {
+			if u, err := url.Parse("http://" + trimmed); err == nil {
+				if u.Port() != "" {
+					return fmt.Errorf("'%s' must not include a port", item)
+				}
+			}
+			continue
+		}
+		// Unbracketed IPv6: multiple colons and no brackets; treat as valid (no ports allowed here)
+		if colonCount >= 2 {
+			continue
+		}
+		// IPv4 or hostname: if URL parsing finds a port or there's a single colon, it's invalid
+		if u, err := url.Parse("http://" + trimmed); err == nil {
+			if u.Port() != "" {
+				return fmt.Errorf("'%s' must not include a port", item)
+			}
+		}
+		if colonCount == 1 {
+			return fmt.Errorf("'%s' must not include a port", item)
+		}
+	}
+	return nil
+}
+
+// Validate allowed origins don't contain whitespace or commas.
+// Origins must include a scheme, validated later by the HTTP layer.
+func validateAllowedOrigins(input []string) error {
 	if len(input) == 0 {
 		return fmt.Errorf("the list must not be empty")
 	}
@@ -195,11 +249,11 @@ func CreateServerCmd() *cobra.Command {
 		Args:  cobra.MinimumNArgs(1),
 		PreRunE: func(cmd *cobra.Command, args []string) error {
 			allowedHosts := viper.GetStringSlice(FlagAllowedHosts)
-			if err := validateAllowedHostsOrOrigins(allowedHosts); err != nil {
+			if err := validateAllowedHosts(allowedHosts); err != nil {
 				return xerrors.Errorf("failed to validate allowed hosts: %w", err)
 			}
 			allowedOrigins := viper.GetStringSlice(FlagAllowedOrigins)
-			if err := validateAllowedHostsOrOrigins(allowedOrigins); err != nil {
+			if err := validateAllowedOrigins(allowedOrigins); err != nil {
 				return xerrors.Errorf("failed to validate allowed origins: %w", err)
 			}
 			return nil
@@ -225,8 +279,8 @@ func CreateServerCmd() *cobra.Command {
 		{FlagChatBasePath, "c", "/chat", "Base path for assets and routes used in the static files of the chat interface", "string"},
 		{FlagTermWidth, "W", uint16(80), "Width of the emulated terminal", "uint16"},
 		{FlagTermHeight, "H", uint16(1000), "Height of the emulated terminal", "uint16"},
-		// localhost:3284 is the default host for the server
-		{FlagAllowedHosts, "a", []string{"localhost:3284"}, "HTTP allowed hosts. Use '*' for all, comma-separated list via flag, space-separated list via AGENTAPI_ALLOWED_HOSTS env var", "stringSlice"},
+		// localhost is the default host for the server. Port is ignored during matching.
+		{FlagAllowedHosts, "a", []string{"localhost"}, "HTTP allowed hosts (hostnames only, no ports). Use '*' for all, comma-separated list via flag, space-separated list via AGENTAPI_ALLOWED_HOSTS env var", "stringSlice"},
 		// localhost:3284 is the default origin when you open the chat interface in your browser. localhost:3000 and 3001 are used during development.
 		{FlagAllowedOrigins, "o", []string{"http://localhost:3284", "http://localhost:3000", "http://localhost:3001"}, "HTTP allowed origins. Use '*' for all, comma-separated list via flag, space-separated list via AGENTAPI_ALLOWED_ORIGINS env var", "stringSlice"},
 	}
diff --git a/cmd/server/server_test.go b/cmd/server/server_test.go
@@ -155,7 +155,7 @@ func TestServerCmd_AllArgs_Defaults(t *testing.T) {
 		{"chat-base-path default", FlagChatBasePath, "/chat", func() any { return viper.GetString(FlagChatBasePath) }},
 		{"term-width default", FlagTermWidth, uint16(80), func() any { return viper.GetUint16(FlagTermWidth) }},
 		{"term-height default", FlagTermHeight, uint16(1000), func() any { return viper.GetUint16(FlagTermHeight) }},
-		{"allowed-hosts default", FlagAllowedHosts, []string{"localhost:3284"}, func() any { return viper.GetStringSlice(FlagAllowedHosts) }},
+		{"allowed-hosts default", FlagAllowedHosts, []string{"localhost"}, func() any { return viper.GetStringSlice(FlagAllowedHosts) }},
 		{"allowed-origins default", FlagAllowedOrigins, []string{"http://localhost:3284", "http://localhost:3000", "http://localhost:3001"}, func() any { return viper.GetStringSlice(FlagAllowedOrigins) }},
 	}
 
@@ -189,7 +189,7 @@ func TestServerCmd_AllEnvVars(t *testing.T) {
 		{"AGENTAPI_CHAT_BASE_PATH", "AGENTAPI_CHAT_BASE_PATH", "/api", "/api", func() any { return viper.GetString(FlagChatBasePath) }},
 		{"AGENTAPI_TERM_WIDTH", "AGENTAPI_TERM_WIDTH", "120", uint16(120), func() any { return viper.GetUint16(FlagTermWidth) }},
 		{"AGENTAPI_TERM_HEIGHT", "AGENTAPI_TERM_HEIGHT", "500", uint16(500), func() any { return viper.GetUint16(FlagTermHeight) }},
-		{"AGENTAPI_ALLOWED_HOSTS", "AGENTAPI_ALLOWED_HOSTS", "localhost:3284 localhost:3285", []string{"localhost:3284", "localhost:3285"}, func() any { return viper.GetStringSlice(FlagAllowedHosts) }},
+		{"AGENTAPI_ALLOWED_HOSTS", "AGENTAPI_ALLOWED_HOSTS", "localhost example.com", []string{"localhost", "example.com"}, func() any { return viper.GetStringSlice(FlagAllowedHosts) }},
 		{"AGENTAPI_ALLOWED_ORIGINS", "AGENTAPI_ALLOWED_ORIGINS", "https://example.com http://localhost:3000", []string{"https://example.com", "http://localhost:3000"}, func() any { return viper.GetStringSlice(FlagAllowedOrigins) }},
 	}
 
@@ -325,66 +325,110 @@ func TestServerCmd_AllowedHosts(t *testing.T) {
 		// Environment variable scenarios (space-separated format)
 		{
 			name:     "env: single valid host",
-			env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost:3284"},
+			env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost"},
 			args:     []string{},
-			expected: []string{"localhost:3284"},
+			expected: []string{"localhost"},
 		},
 		{
 			name:     "env: multiple valid hosts space-separated",
-			env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost:3284 example.com 192.168.1.1:8080"},
+			env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost example.com 192.168.1.1"},
 			args:     []string{},
-			expected: []string{"localhost:3284", "example.com", "192.168.1.1:8080"},
+			expected: []string{"localhost", "example.com", "192.168.1.1"},
 		},
 		{
 			name:     "env: host with tab",
-			env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost:3284\texample.com"},
+			env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost\texample.com"},
 			args:     []string{},
-			expected: []string{"localhost:3284", "example.com"},
+			expected: []string{"localhost", "example.com"},
 		},
 		{
 			name:        "env: host with comma (invalid)",
 			env:         map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost:3284,example.com"},
 			args:        []string{},
 			expectedErr: "contains comma characters",
 		},
+		{
+			name:        "env: host with port (invalid)",
+			env:         map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost:3284"},
+			args:        []string{},
+			expectedErr: "must not include a port",
+		},
+        {
+            name:     "env: ipv6 literal",
+            env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "2001:db8::1"},
+            args:     []string{},
+            expected: []string{"2001:db8::1"},
+        },
+        {
+            name:     "env: ipv6 bracketed literal",
+            env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "[2001:db8::1]"},
+            args:     []string{},
+            expected: []string{"[2001:db8::1]"},
+        },
+        {
+            name:        "env: ipv6 with port (invalid)",
+            env:         map[string]string{"AGENTAPI_ALLOWED_HOSTS": "[2001:db8::1]:443"},
+            args:        []string{},
+            expectedErr: "must not include a port",
+        },
 
 		// CLI flag scenarios (comma-separated format)
 		{
 			name:     "flag: single valid host",
-			args:     []string{"--allowed-hosts", "localhost:3284"},
-			expected: []string{"localhost:3284"},
+			args:     []string{"--allowed-hosts", "localhost"},
+			expected: []string{"localhost"},
 		},
 		{
 			name:     "flag: multiple valid hosts comma-separated",
-			args:     []string{"--allowed-hosts", "localhost:3284,example.com,192.168.1.1:8080"},
-			expected: []string{"localhost:3284", "example.com", "192.168.1.1:8080"},
+			args:     []string{"--allowed-hosts", "localhost,example.com,192.168.1.1"},
+			expected: []string{"localhost", "example.com", "192.168.1.1"},
 		},
 		{
 			name:     "flag: multiple valid hosts with multiple flags",
-			args:     []string{"--allowed-hosts", "localhost:3284", "--allowed-hosts", "example.com"},
-			expected: []string{"localhost:3284", "example.com"},
+			args:     []string{"--allowed-hosts", "localhost", "--allowed-hosts", "example.com"},
+			expected: []string{"localhost", "example.com"},
 		},
 		{
 			name:     "flag: host with newline",
-			args:     []string{"--allowed-hosts", "localhost:3284\n"},
-			expected: []string{"localhost:3284"},
+			args:     []string{"--allowed-hosts", "localhost\n"},
+			expected: []string{"localhost"},
 		},
 		{
 			name:        "flag: host with space in comma-separated list (invalid)",
 			args:        []string{"--allowed-hosts", "localhost:3284,example .com"},
 			expectedErr: "contains whitespace characters",
 		},
+		{
+			name:        "flag: host with port (invalid)",
+			args:        []string{"--allowed-hosts", "localhost:3284"},
+			expectedErr: "must not include a port",
+		},
+        {
+            name:     "flag: ipv6 literal",
+            args:     []string{"--allowed-hosts", "2001:db8::1"},
+            expected: []string{"2001:db8::1"},
+        },
+        {
+            name:     "flag: ipv6 bracketed literal",
+            args:     []string{"--allowed-hosts", "[2001:db8::1]"},
+            expected: []string{"[2001:db8::1]"},
+        },
+        {
+            name:        "flag: ipv6 with port (invalid)",
+            args:        []string{"--allowed-hosts", "[2001:db8::1]:443"},
+            expectedErr: "must not include a port",
+        },
 
 		// Mixed scenarios (env + flag precedence)
 		{
 			name:     "mixed: flag overrides env",
-			env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost:8080"},
+			env:      map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost"},
 			args:     []string{"--allowed-hosts", "override.com"},
 			expected: []string{"override.com"},
 		},
 		{
 			name:        "mixed: flag overrides env but flag is invalid",
-			env:         map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost:8080"},
+			env:         map[string]string{"AGENTAPI_ALLOWED_HOSTS": "localhost"},
 			args:        []string{"--allowed-hosts", "invalid .com"},
 			expectedErr: "contains whitespace characters",
 		},
@@ -400,7 +444,7 @@ func TestServerCmd_AllowedHosts(t *testing.T) {
 		{
 			name:     "default hosts when neither env nor flag provided",
 			args:     []string{},
-			expected: []string{"localhost:3284"},
+			expected: []string{"localhost"},
 		},
 	}
 
diff --git a/lib/httpapi/server.go b/lib/httpapi/server.go
@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"log/slog"
+	"net"
 	"net/http"
 	"net/url"
 	"slices"
@@ -82,7 +83,32 @@ func parseAllowedHosts(hosts []string) ([]string, error) {
 			return nil, xerrors.Errorf("host must not contain http:// or https://: %q", host)
 		}
 	}
-	return hosts, nil
+	// Normalize hosts to bare hostnames/IPs by stripping any port and brackets.
+	// This ensures allowed entries match the Host header hostname only.
+	normalized := make([]string, 0, len(hosts))
+	for _, raw := range hosts {
+		h := strings.TrimSpace(raw)
+		// If it's an IPv6 literal (possibly bracketed) without an obvious port, keep the literal.
+		unbracketed := strings.Trim(h, "[]")
+		if ip := net.ParseIP(unbracketed); ip != nil {
+			// It's an IP literal; use the bare form without brackets.
+			normalized = append(normalized, unbracketed)
+			continue
+		}
+		// If likely host:port (single colon) or bracketed host, use url.Parse to extract hostname.
+		if strings.Count(h, ":") == 1 || (strings.HasPrefix(h, "[") && strings.Contains(h, "]")) {
+			if u, err := url.Parse("http://" + h); err == nil {
+				hn := u.Hostname()
+				if hn != "" {
+					normalized = append(normalized, hn)
+					continue
+				}
+			}
+		}
+		// Fallback: use as-is (e.g., hostname without port)
+		normalized = append(normalized, h)
+	}
+	return normalized, nil
 }
 
 func parseAllowedOrigins(origins []string) ([]string, error) {
@@ -116,13 +142,14 @@ func NewServer(ctx context.Context, config ServerConfig) (*Server, error) {
 	}
 	logger.Info(fmt.Sprintf("Allowed origins: %s", strings.Join(allowedOrigins, ", ")))
 
-	secureMiddleware := secure.New(secure.Options{
-		AllowedHosts: allowedHosts,
-	})
+	// Enforce allowed hosts in a custom middleware that ignores the port during matching.
 	badHostHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, "Invalid host header. Allowed hosts: "+strings.Join(allowedHosts, ", "), http.StatusBadRequest)
 	})
-	secureMiddleware.SetBadHostHandler(badHostHandler)
+	router.Use(hostAuthorizationMiddleware(allowedHosts, badHostHandler))
+
+	// Keep other security headers/features; do not use AllowedHosts here as we handle it ourselves.
+	secureMiddleware := secure.New(secure.Options{})
 	router.Use(secureMiddleware.Handler)
 
 	corsMiddleware := cors.New(cors.Options{
@@ -174,6 +201,39 @@ func (s *Server) Handler() http.Handler {
 	return s.router
 }
 
+// hostAuthorizationMiddleware enforces that the request Host header matches one of the allowed
+// hosts, ignoring any port in the comparison. If allowedHosts is empty, all hosts are allowed.
+// Always uses url.Parse("http://" + r.Host) to robustly extract the hostname (handles IPv6).
+func hostAuthorizationMiddleware(allowedHosts []string, badHostHandler http.Handler) func(next http.Handler) http.Handler {
+	// Copy for safety; also build a map for O(1) lookups with case-insensitive keys.
+	allowed := make(map[string]struct{}, len(allowedHosts))
+	for _, h := range allowedHosts {
+		allowed[strings.ToLower(h)] = struct{}{}
+	}
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			if len(allowedHosts) == 0 { // wildcard semantics: allow all
+				next.ServeHTTP(w, r)
+				return
+			}
+			// Extract hostname from the Host header using url.Parse; ignore any port.
+			hostHeader := r.Host
+			if hostHeader == "" {
+				badHostHandler.ServeHTTP(w, r)
+				return
+			}
+			if u, err := url.Parse("http://" + hostHeader); err == nil {
+				hostname := u.Hostname()
+				if _, ok := allowed[strings.ToLower(hostname)]; ok {
+					next.ServeHTTP(w, r)
+					return
+				}
+			}
+			badHostHandler.ServeHTTP(w, r)
+		})
+	}
+}
+
 func (s *Server) StartSnapshotLoop(ctx context.Context) {
 	s.conversation.StartSnapshotLoop(ctx)
 	go func() {
diff --git a/lib/httpapi/server_test.go b/lib/httpapi/server_test.go
