862868f284
Support `allowed-origins` flag to allow secure deployment of Toolbox.
Current Toolbox is **insecure by default**, which allows all origin
(`*`). This PR also updated docs to notify user of the new
`allowed-origins` flag in the Cloud Run, kubernetes, and docker
deployment docs.
This PR was tested manually by mocking a browser access:
1. Created a HTML file with Javascript fetch named
`malicious-client.html`:
```
<!DOCTYPE html>
<html>
<head>
<title>Malicious CORS Test</title>
</head>
<body>
<h1>Attempting to access API at http://127.0.0.1:5000/mcp</h1>
<p>Check the **Chrome Developer Console** (F12 -> Console tab) for the result.</p>
<script>
fetch('http://127.0.0.1:5000/mcp', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
// The browser automatically adds the 'Origin' header based on where this HTML is served from (http://localhost:8000)
},
body: JSON.stringify({
"jsonrpc": "2.0",
"id": 1,
"method": "tools/list"
})
})
.then(response => {
console.log('Success (but check console for CORS enforcement details):', response);
return response.json();
})
.then(data => console.log('Data received (only if CORS passes):', data))
.catch(error => console.error('Fetch Error:', error));
</script>
</body>
</html>
```
2. Run `python3 -m http.server 8000`
3. Open `http://localhost:8000/malicious-client.html` in browser.
4. Tried without `--allowed-origins` flag -- success.
Tried with `--allowed-origins=http://localhost:8000` -- success.
Tried with `--allowed-origins=http://foo.com` -- unsuccessful.
---------
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Averi Kitsch <akitsch@google.com>
3.1 KiB
title, type, weight, description
| title | type | weight | description |
|---|---|---|---|
| Deploy using Docker Compose | docs | 4 | How to deploy Toolbox using Docker Compose. |
Before you begin
Configure tools.yaml file
Create a tools.yaml file that contains your configuration for Toolbox. For
details, see the
configuration
section.
Deploy using Docker Compose
- Create a
docker-compose.ymlfile, customizing as needed:
services:
toolbox:
# TODO: It is recommended to pin to a specific image version instead of latest.
image: us-central1-docker.pkg.dev/database-toolbox/toolbox/toolbox:latest
hostname: toolbox
platform: linux/amd64
ports:
- "5000:5000"
volumes:
- ./config:/config
command: [ "toolbox", "--tools-file", "/config/tools.yaml", "--address", "0.0.0.0"]
depends_on:
db:
condition: service_healthy
networks:
- tool-network
db:
# TODO: It is recommended to pin to a specific image version instead of latest.
image: postgres
hostname: db
environment:
POSTGRES_USER: toolbox_user
POSTGRES_PASSWORD: my-password
POSTGRES_DB: toolbox_db
ports:
- "5432:5432"
volumes:
- ./db:/var/lib/postgresql/data
# This file can be used to bootstrap your schema if needed.
# See "initialization scripts" on https://hub.docker.com/_/postgres/ for more info
- ./config/init.sql:/docker-entrypoint-initdb.d/init.sql
healthcheck:
test: ["CMD-SHELL", "pg_isready -U toolbox_user -d toolbox_db"]
interval: 10s
timeout: 5s
retries: 5
networks:
- tool-network
networks:
tool-network:
{{< notice tip >}}
To prevent DNS rebinding attack, use the --allowed-origins flag to specify a
list of origins permitted to access the server. E.g. command: [ "toolbox", "--tools-file", "/config/tools.yaml", "--address", "0.0.0.0", "--allowed-origins", "https://foo.bar"]
{{< /notice >}}
-
Run the following command to bring up the Toolbox and Postgres instance
docker-compose up -d
{{< notice tip >}}
You can use this setup to quickly set up Toolbox + Postgres to follow along in our Quickstart
{{< /notice >}}
Connecting with Toolbox Client SDK
Next, we will use Toolbox with the Client SDKs:
-
The url for the Toolbox server running using docker-compose will be:
http://localhost:5000 -
Import and initialize the client with the URL:
{{< tabpane persist=header >}} {{< tab header="LangChain" lang="Python" >}} from toolbox_langchain import ToolboxClient
Replace with the cloud run service URL generated above
async with ToolboxClient("http://$YOUR_URL") as toolbox: {{< /tab >}} {{< tab header="Llamaindex" lang="Python" >}} from toolbox_llamaindex import ToolboxClient
Replace with the cloud run service URL generated above
async with ToolboxClient("http://$YOUR_URL") as toolbox: {{< /tab >}} {{< /tabpane >}}