Skip to content

fix: normalize trailing slashes before length check in check_resource_allowed#2074

Merged
felixweinberger merged 1 commit intomainfrom
fweinberger/fix-check-resource-allowed
Feb 17, 2026
Merged

fix: normalize trailing slashes before length check in check_resource_allowed#2074
felixweinberger merged 1 commit intomainfrom
fweinberger/fix-check-resource-allowed

Conversation

@felixweinberger
Copy link
Contributor

@felixweinberger felixweinberger commented Feb 17, 2026

Motivation and Context

check_resource_allowed incorrectly rejected equivalent paths like /api vs /api/ because the length check ran before trailing slash normalization. For example, check_resource_allowed("https://example.com/api", "https://example.com/api/") returned False even though these should be equivalent.

This also caused redundant normalization in _validate_resource_match which worked around the bug.

Found during review of #2069 (v1.x backport).

How Has This Been Tested?

  • Existing test assertion flipped from False to True for the /api vs /api/ case
  • Full test suite passes with 100% branch coverage

Breaking Changes

None — this is a bug fix that makes the function more permissive.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

@felixweinberger
fix: normalize trailing slashes before length check in check_resource…
aa8f3e1 
…_allowed

The length check rejected equivalent paths like /api vs /api/ because
the trailing slash made the configured path longer. Move trailing slash
normalization before the comparison so paths differing only by a
trailing slash are treated as equivalent.

Also removes redundant normalization from _validate_resource_match
since check_resource_allowed now handles it correctly.
@felixweinberger felixweinberger marked this pull request as draft February 17, 2026 14:26
@felixweinberger felixweinberger mentioned this pull request Feb 17, 2026
Merged
9 tasks
@felixweinberger felixweinberger marked this pull request as ready for review February 17, 2026 14:30
@felixweinberger felixweinberger merged commit be5bb7c into main Feb 17, 2026
31 checks passed
@felixweinberger felixweinberger deleted the fweinberger/fix-check-resource-allowed branch February 17, 2026 14:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pcarleton pcarleton pcarleton approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@felixweinberger @pcarleton

Comments