🎉 ai-infra v1.0 is here — Production-ready AI/LLM infrastructure
What's new
nfrax logonfrax

Infrastructure that just works. Ship products, not boilerplate.

Frameworks

  • svc-infra
  • ai-infra
  • fin-infra
  • robo-infra

Resources

  • Getting Started
  • What's New
  • Contributing

Community

  • GitHub

© 2026 nfrax. All rights reserved.

nfrax logonfrax
Start HereWhat's New
GitHub
ai-infra / API Reference

MCPSecuritySettings

from ai_infra.mcp import MCPSecuritySettings
View source
ai_infra.mcp

Security settings for MCP servers with automatic environment detection. By default, auto-detects the deployment environment and configures appropriate security settings. Works with Railway, Render, Fly.io, Heroku, Vercel, and other platforms. Examples: # Auto-detect (recommended - works everywhere) mcp = mcp_from_functions(name="my-mcp", functions=[my_tool]) # Disable security for development security = MCPSecuritySettings(enable_security=False) # Custom domains (overrides auto-detection) security = MCPSecuritySettings(domains=["api.example.com"])

Constructor
MCPSecuritySettings(domains: Sequence[str] | None = None, enable_security: bool = True, allowed_hosts: Sequence[str] | None = None, allowed_origins: Sequence[str] | None = None)
ParameterTypeDefaultDescription
domainsSequence[str] |NoneNoneCustom domains to allow (e.g., ["api.example.com"]). If not provided, auto-detects from environment.
enable_securityboolTrueWhether to enable DNS rebinding protection. Set to False to allow all hosts (dev only).
allowed_hostsSequence[str] |NoneNoneAdvanced: Override auto-detected host patterns.
allowed_originsSequence[str] |NoneNoneAdvanced: Override auto-detected origin patterns.

Methods

On This Page

Constructorto_transport_settings