Implement READONLY mode checks and enhance SQL query validation in Tools #64
Conversation
|
Hey noticed the TS\Node blocked problematic queries going through, but dotnet just let anything happen... this should copy the behaviour. |
There was a problem hiding this comment.
Pull Request Overview
This PR implements comprehensive security enhancements for the MSSQL MCP server, adding READONLY mode checks and extensive SQL query validation to prevent unauthorized database operations and potential security vulnerabilities.
- Adds READONLY mode environment variable support that blocks destructive operations
- Implements comprehensive SQL injection protection with keyword filtering and pattern detection
- Adds a new TestConnection tool for database connectivity validation
Reviewed Changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| Tools/Tools.cs | Adds IsReadOnlyMode property that checks READONLY environment variable |
| Tools/UpdateData.cs | Adds READONLY mode check to prevent UPDATE operations |
| Tools/InsertData.cs | Adds READONLY mode check to prevent INSERT operations |
| Tools/CreateTable.cs | Adds READONLY mode check to prevent CREATE TABLE operations |
| Tools/DropTable.cs | Adds READONLY mode check to prevent DROP TABLE operations |
| Tools/ReadData.cs | Implements comprehensive SQL validation, injection protection, and result sanitization |
| Tools/TestConnection.cs | New tool for testing database connectivity with connection information |
| MssqlMcp.Tests/UnitTests.cs | Adds comprehensive test coverage for READONLY mode and TestConnection functionality |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
@sitefinitysteve thank you for the PR, copilot assisted review and has left few comments PTAL. |
Oh cool feature! I'll get on it once I'm back from vacation |
@sitefinitysteve the one thing I noticed is that the code currently looks at the readonly flag and returns which is good (second level validation), in addition to this what would be required is showing only the tools that are readonly, i.e describe table, list tables and read. |
…r SQL query validation
…eadonly from breaking the readdatatests
I believe this is correct, seems to work VSCode reports back properly 9732602 |
|
No rush I was more curious than anything, working off my fork anyway!
…On Thu, Sep 4, 2025 at 3:57 PM Arun Vijayraghavan ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In MssqlMcp/dotnet/MssqlMcp/Tools/ReadData.cs
<#64 (comment)>
:
> using Microsoft.Data.SqlClient;
using Microsoft.Extensions.Logging;
using ModelContextProtocol.Server;
namespace Mssql.McpServer;
public partial class Tools
{
+ // List of dangerous SQL keywords that should not be allowed
+ private static readonly string[] DangerousKeywords =
+ [
+ "DELETE", "DROP", "UPDATE", "INSERT", "ALTER", "CREATE",
+ "TRUNCATE", "EXEC", "EXECUTE", "MERGE", "REPLACE",
+ "GRANT", "REVOKE", "COMMIT", "ROLLBACK", "TRANSACTION",
+ "BEGIN", "DECLARE", "SET", "USE", "BACKUP",
@sitefinitysteve <https://github.com/sitefinitysteve> will get this
merged waiting on some approvals.
—
Reply to this email directly, view it on GitHub
<#64 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALYR2FMFJR4BB7I7ZK5X4T3RCKUFAVCNFSM6AAAAACEA6INGWVHI2DSMVQWIX3LMV43YUDVNRWFEZLROVSXG5CSMV3GSZLXHMZTCOBWHE4TAMBRHA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
dotnet changes: