Since this Software Statement is essentially a Bearer Token it would allow any running process on localhost to present itself as a legitimate client. It is a common risk in all these flows when dealing with localhost.

Since this Software Statement is essentially a Bearer Token it would allow any running process on localhost to present itself as a legitimate client. It is a common risk in all these flows when dealing with localhost.


_Originally posted by @JohnBergant in https://github.com/modelcontextprotocol/modelcontextprotocol/issues/1032#issuecomment-3618901377_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Since this Software Statement is essentially a Bearer Token it would allow any running process on localhost to present itself as a legitimate client. It is a common risk in all these flows when dealing with localhost. #64

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Since this Software Statement is essentially a Bearer Token it would allow any running process on localhost to present itself as a legitimate client. It is a common risk in all these flows when dealing with localhost. #64

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions