fix: enhance CORS handling to prevent DNS rebinding and reject prefli…

[schecthellraiser606]

Abstruct

No CORS headers: this server is accessed only by local MCP bridge
processes (not browsers). Omitting Access-Control-Allow-Origin
prevents malicious websites from making cross-origin requests.

Validate Origin header per MCP spec to prevent DNS rebinding. _check_origin

Per the MCP specification (Streamable HTTP - Security Warning):
servers MUST validate the Origin header on all incoming connections.
If the Origin header is present and invalid, servers MUST respond
with HTTP 403 Forbidden.

This server is only accessed by local MCP bridge processes which
do not send an Origin header. Any request carrying an Origin
header is from a browser and must be rejected.

Reject CORS preflight requests. do_OPTIONS

This server is accessed only by local MCP bridge processes, never
from a browser. Returning 403 ensures that any browser-initiated
preflight fails and the actual request is blocked.

[Copilot]

Pull request overview

This PR tightens the HTTP server’s browser-facing surface by removing permissive CORS behavior and explicitly rejecting browser-originated requests, aligning the server with an intended “local MCP bridge only” access model and mitigating DNS rebinding risks.

Changes:

• Removed Access-Control-Allow-Origin: * from default responses.
• Added Origin-header enforcement that rejects requests carrying an Origin header with HTTP 403.
• Added an explicit OPTIONS handler that rejects CORS preflight requests with HTTP 403.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[schecthellraiser606]

@fosdickio
With the following code, there is a risk that Binja's analysis results could be retrieved via malicious web pages. I think this needs to be addressed, perhaps by simply deleting this line.

self.send_header("Access-Control-Allow-Origin", "*")
I would appreciate it if you could check this when you have a moment.