Yuan Teoh d00b6fdf18 chore: update host validation error to 403 (#2306) ...

Update error code from 400 to 403 according to MCP
[updates](https://github.com/modelcontextprotocol/modelcontextprotocol/pull/1439)
for invalid origin header.

Also updated hostCheck to only check host, not port.

To test, run Toolbox with the following (also work with port number e.g.
`--allowed-host=127.0.0.1:5000`):
```
go run . --allowed-hosts=127.0.0.1 
```

Test with the following:
```
// curl successfully
curl -H "Host: 127.0.0.1:5000" http://127.0.0.1:5000

// curl successfully
curl -H "Host: 127.0.0.1:3000" http://127.0.0.1:5000

// will show Invalid Host Header error
curl -H "Host: attacker:5000" http://127.0.0.1:5000
```

2026-01-15 21:09:40 +00:00

..

auth

chore: embed Config into Auth (#1865)

2025-11-13 16:37:23 -08:00

embeddingmodels

feat(tools/postgressql): Add Parameter embeddedBy config support (#2151)

2026-01-06 17:54:43 -05:00

log

fix: fix spellings in comments (#561)

2025-05-13 21:09:37 +00:00

prebuiltconfigs

feat(prebuilt/cloud-sql): Add create backup tool for Cloud SQL (#2141)

2026-01-14 22:55:11 +00:00

prompts

chore: update toolset and promptset initialize failure log (#2039)

2025-11-27 17:41:16 +00:00

server

chore: update host validation error to 403 (#2306)

2026-01-15 21:09:40 +00:00

sources

feat(prebuilt/cloud-sql): Add create backup tool for Cloud SQL (#2141)

2026-01-14 22:55:11 +00:00

telemetry

chore(deps): update otel dependencies (#1954)

2025-11-14 10:04:08 -08:00

testutils

feat: add the Gemini Data Analytics (GDA) integration for DB NL2SQL conversion to Toolbox (#2181)

2025-12-18 09:58:46 -08:00

tools

refactor(tools/cloudgda)!: update description and parameter name for cloudgda tool (#2288)

2026-01-14 23:54:43 +00:00

util

feat: add default value to manifest (#2264)

2026-01-08 20:53:45 +00:00