fix: validate URL

idosal · idosal · commit b7c994dfdd94 · 2025-07-10T23:46:39.000+03:00
diff --git a/README.md b/README.md
@@ -52,7 +52,7 @@ The primary payload returned from the server to the client is the `UIResource`:
 interface UIResource {
   type: 'resource';
   resource: {
-    uri: string;       // ui://component/id
+    uri: string;       // e.g., ui://component/id
     mimeType: 'text/html' | 'text/uri-list' | 'application/vnd.mcp-ui.remote-dom'; // text/html for HTML content, text/uri-list for URL content, application/vnd.mcp-ui.remote-dom for remote-dom content (Javascript)
     text?: string;      // Inline HTML, external URL, or remote-dom script
     blob?: string;      // Base64-encoded HTML, URL, or remote-dom script
@@ -63,7 +63,7 @@ interface UIResource {
 * **`uri`**: Unique identifier for caching and routing
   * `ui://…` — UI resources (rendering method determined by mimeType)
 * **`mimeType`**: `text/html` for HTML content (iframe srcDoc), `text/uri-list` for URL content (iframe src), `application/vnd.mcp-ui.remote-dom` for remote-dom content (Javascript)
-  * **MCP-UI requires a single URL**: While `text/uri-list` format supports multiple URLs, MCP-UI uses only the first valid URL and logs others
+  * **MCP-UI requires a single URL**: While `text/uri-list` format supports multiple URLs, MCP-UI uses only the first valid `http/s` URL and warns if additional URLs are found
 * **`text` vs. `blob`**: Choose `text` for simple strings; use `blob` for larger or encoded content.
 
 ### Resource Renderer
@@ -96,7 +96,7 @@ Rendered using the `<HTMLResourceRenderer />` component, which displays content
 
 *   **`mimeType`**:
     *   `text/html`: Renders inline HTML content.
-    *   `text/uri-list`: Renders an external URL. MCP-UI uses the first valid URL.
+    *   `text/uri-list`: Renders an external URL. MCP-UI uses the first valid `http/s` URL.
 
 #### Remote DOM (`application/vnd.mcp-ui.remote-dom`)
 
diff --git a/docs/src/guide/client/html-resource.md b/docs/src/guide/client/html-resource.md
@@ -36,7 +36,7 @@ The component accepts the following props:
 2.  **Handles URI Schemes**:
     - For resources with `mimeType: 'text/uri-list'`:
       - Expects `resource.text` or `resource.blob` to contain a single URL in URI list format
-      - **MCP-UI requires a single URL**: While the format supports multiple URLs, only the first valid URL is used
+      - **MCP-UI requires a single URL**: While the format supports multiple URLs, only the first valid `http/s` URL is used
       - Multiple URLs are supported for fallback specification but will trigger warnings
       - Ignores comment lines starting with `#` and empty lines
       - If using `blob`, it decodes it from Base64.
diff --git a/docs/src/guide/protocol-details.md b/docs/src/guide/protocol-details.md
@@ -40,7 +40,7 @@ export interface UIResource {
 
 ## URI List Format Support
 
-When using `mimeType: 'text/uri-list'`, the content follows the standard URI list format (RFC 2483). However, **MCP-UI requires a single URL** for rendering.
+When using `mimeType: 'text/uri-list'`, the content follows the standard URI list format (RFC 2483). However, **MCP-UI requires a single URL** for rendering. For security reasons, the protocol must be `http/s`.
 
 - **Single URL Requirement**: MCP-UI will use only the first valid URL found
 - **Multiple URLs**: If multiple URLs are provided, the client will use the first valid URL and log a warning about the ignored alternatives
diff --git a/packages/client/README.md b/packages/client/README.md
@@ -52,7 +52,7 @@ The primary payload returned from the server to the client is the `UIResource`:
 interface UIResource {
   type: 'resource';
   resource: {
-    uri: string;       // ui://component/id
+    uri: string;       // e.g., ui://component/id
     mimeType: 'text/html' | 'text/uri-list' | 'application/vnd.mcp-ui.remote-dom'; // text/html for HTML content, text/uri-list for URL content, application/vnd.mcp-ui.remote-dom for remote-dom content (Javascript)
     text?: string;      // Inline HTML, external URL, or remote-dom script
     blob?: string;      // Base64-encoded HTML, URL, or remote-dom script
@@ -63,7 +63,7 @@ interface UIResource {
 * **`uri`**: Unique identifier for caching and routing
   * `ui://…` — UI resources (rendering method determined by mimeType)
 * **`mimeType`**: `text/html` for HTML content (iframe srcDoc), `text/uri-list` for URL content (iframe src), `application/vnd.mcp-ui.remote-dom` for remote-dom content (Javascript)
-  * **MCP-UI requires a single URL**: While `text/uri-list` format supports multiple URLs, MCP-UI uses only the first valid URL and logs others
+  * **MCP-UI requires a single URL**: While `text/uri-list` format supports multiple URLs, MCP-UI uses only the first valid `http/s` URL and warns if additional URLs are found
 * **`text` vs. `blob`**: Choose `text` for simple strings; use `blob` for larger or encoded content.
 
 ### Resource Renderer
@@ -96,7 +96,7 @@ Rendered using the `<HTMLResourceRenderer />` component, which displays content
 
 *   **`mimeType`**:
     *   `text/html`: Renders inline HTML content.
-    *   `text/uri-list`: Renders an external URL. MCP-UI uses the first valid URL.
+    *   `text/uri-list`: Renders an external URL. MCP-UI uses the first valid `http/s` URL.
 
 #### Remote DOM (`application/vnd.mcp-ui.remote-dom`)
 
diff --git a/packages/client/src/utils/__tests__/processResource.test.ts b/packages/client/src/utils/__tests__/processResource.test.ts
@@ -0,0 +1,74 @@
+import { describe, it, expect } from 'vitest';
+import { processHTMLResource } from '../processResource';
+
+describe('text/uri-list', () => {
+  it('should process a valid https URL', () => {
+    const resource = {
+      mimeType: 'text/uri-list',
+      text: 'https://example.com',
+    };
+    const result = processHTMLResource(resource);
+    expect(result.error).toBeUndefined();
+    expect(result.iframeSrc).toBe('https://example.com');
+    expect(result.iframeRenderMode).toBe('src');
+  });
+
+  it('should process a valid http URL', () => {
+    const resource = {
+      mimeType: 'text/uri-list',
+      text: 'http://example.com',
+    };
+    const result = processHTMLResource(resource);
+    expect(result.error).toBeUndefined();
+    expect(result.iframeSrc).toBe('http://example.com');
+    expect(result.iframeRenderMode).toBe('src');
+  });
+
+  it('should return an error for an invalid URL (javascript:alert)', () => {
+    const resource = {
+      mimeType: 'text/uri-list',
+      text: 'javascript:alert("pwned")',
+    };
+    const result = processHTMLResource(resource);
+    expect(result.error).toBe('No valid URLs found in uri-list content.');
+    expect(result.iframeSrc).toBeUndefined();
+  });
+
+  it('should return an error for a blob URL', () => {
+    const resource = {
+      mimeType: 'text/uri-list',
+      text: 'blob:https://example.com/some-uuid',
+    };
+    const result = processHTMLResource(resource);
+    expect(result.error).toBe('No valid URLs found in uri-list content.');
+    expect(result.iframeSrc).toBeUndefined();
+  });
+
+  it('should extract the first valid URL from a list', () => {
+    const resource = {
+      mimeType: 'text/uri-list',
+      text: '# comment\ninvalid-url\nhttps://first-valid.com\nhttps://second-valid.com',
+    };
+    const result = processHTMLResource(resource);
+    expect(result.error).toBeUndefined();
+    expect(result.iframeSrc).toBe('https://first-valid.com');
+  });
+
+  it('should handle empty or commented-out content', () => {
+    const resource = {
+      mimeType: 'text/uri-list',
+      text: '# just a comment\n# another comment',
+    };
+    const result = processHTMLResource(resource);
+    expect(result.error).toBe('No valid URLs found in uri-list content.');
+  });
+
+  it('should return error for content with no valid URLs', () => {
+    const resource = {
+      mimeType: 'text/uri-list',
+      text: 'just-some-string\nanother-string',
+    };
+    const result = processHTMLResource(resource);
+    expect(result.error).toBe('No valid URLs found in uri-list content.');
+  });
+}); 
diff --git a/packages/client/src/utils/processResource.ts b/packages/client/src/utils/processResource.ts
@@ -7,6 +7,17 @@ type ProcessResourceResult = {
   htmlString?: string;
 };
 
+function isValidHttpUrl(string: string): boolean {
+  let url;
+  try {
+    url = new URL(string);
+  } catch (e) {
+    console.error('Error parsing URL:', e);
+    return false;
+  }
+  return url.protocol === 'http:' || url.protocol === 'https:';
+}
+
 export function processHTMLResource(resource: Partial<Resource>): ProcessResourceResult {
   if (resource.mimeType !== 'text/html' && resource.mimeType !== 'text/uri-list') {
     return {
@@ -51,7 +62,7 @@ export function processHTMLResource(resource: Partial<Resource>): ProcessResourc
     const lines = urlContent
       .split('\n')
       .map((line) => line.trim())
-      .filter((line) => line && !line.startsWith('#'));
+      .filter((line) => line && !line.startsWith('#') && isValidHttpUrl(line));
 
     if (lines.length === 0) {
       return {
diff --git a/packages/server/README.md b/packages/server/README.md
@@ -52,7 +52,7 @@ The primary payload returned from the server to the client is the `UIResource`:
 interface UIResource {
   type: 'resource';
   resource: {
-    uri: string;       // ui://component/id
+    uri: string;       // e.g., ui://component/id
     mimeType: 'text/html' | 'text/uri-list' | 'application/vnd.mcp-ui.remote-dom'; // text/html for HTML content, text/uri-list for URL content, application/vnd.mcp-ui.remote-dom for remote-dom content (Javascript)
     text?: string;      // Inline HTML, external URL, or remote-dom script
     blob?: string;      // Base64-encoded HTML, URL, or remote-dom script
@@ -63,7 +63,7 @@ interface UIResource {
 * **`uri`**: Unique identifier for caching and routing
   * `ui://…` — UI resources (rendering method determined by mimeType)
 * **`mimeType`**: `text/html` for HTML content (iframe srcDoc), `text/uri-list` for URL content (iframe src), `application/vnd.mcp-ui.remote-dom` for remote-dom content (Javascript)
-  * **MCP-UI requires a single URL**: While `text/uri-list` format supports multiple URLs, MCP-UI uses only the first valid URL and logs others
+  * **MCP-UI requires a single URL**: While `text/uri-list` format supports multiple URLs, MCP-UI uses only the first valid `http/s` URL and warns if additional URLs are found
 * **`text` vs. `blob`**: Choose `text` for simple strings; use `blob` for larger or encoded content.
 
 ### Resource Renderer
@@ -96,7 +96,7 @@ Rendered using the `<HTMLResourceRenderer />` component, which displays content
 
 *   **`mimeType`**:
     *   `text/html`: Renders inline HTML content.
-    *   `text/uri-list`: Renders an external URL. MCP-UI uses the first valid URL.
+    *   `text/uri-list`: Renders an external URL. MCP-UI uses the first valid `http/s` URL.
 
 #### Remote DOM (`application/vnd.mcp-ui.remote-dom`)
 
