Jason Woltje
c02d1d8974
All checks were successful
ci/woodpecker/push/build Pipeline was successful
FastMCP auto-enables DNS rebinding protection when host=127.0.0.1 (the default). Production requests from brain.woltje.com were rejected with 421 Invalid Host header because the allowed_hosts list was empty. Added MCP_ALLOWED_HOSTS config field (comma-separated). When set, DNS rebinding protection is enabled with those hosts; when empty, protection is disabled. Set MCP_ALLOWED_HOSTS=brain.woltje.com in Portainer stack env. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>