feat: private hostname guard for authenticated/private mode

Reject requests from unrecognised Host headers when running authenticated/private. Adds server middleware, CLI `allowed-hostname` command, config-schema field, and prompt support for configuring allowed hostnames during onboard/configure. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 19:43:52 -06:00
parent 076092685e
commit 85c0b9a3dc
15 changed files with 385 additions and 8 deletions
--- a/packages/shared/src/config-schema.ts
+++ b/packages/shared/src/config-schema.ts
@@ -35,6 +35,7 @@ export const serverConfigSchema = z.object({
  exposure: z.enum(DEPLOYMENT_EXPOSURES).default("private"),
  host: z.string().default("127.0.0.1"),
  port: z.number().int().min(1).max(65535).default(3100),
+  allowedHostnames: z.array(z.string().min(1)).default([]),
  serveUi: z.boolean().default(true),
 });