@modelcontextprotocol/server-pdf 1.1.0 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +0 -2
- package/dist/mcp-app.html +23 -28
- package/dist/server.d.ts +1 -3
- package/dist/server.js +5 -27
- package/package.json +1 -1
package/dist/server.d.ts
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
* PDF MCP Server
|
|
3
3
|
*
|
|
4
4
|
* An MCP server that displays PDFs in an interactive viewer.
|
|
5
|
-
* Supports local files and remote URLs
|
|
5
|
+
* Supports local files and remote HTTPS URLs.
|
|
6
6
|
*
|
|
7
7
|
* Tools:
|
|
8
8
|
* - list_pdfs: List available PDFs
|
|
@@ -19,8 +19,6 @@ export declare const CACHE_INACTIVITY_TIMEOUT_MS = 10000;
|
|
|
19
19
|
export declare const CACHE_MAX_LIFETIME_MS = 60000;
|
|
20
20
|
/** Max size for cached PDFs (defensive limit to prevent memory exhaustion) */
|
|
21
21
|
export declare const CACHE_MAX_PDF_SIZE_BYTES: number;
|
|
22
|
-
/** Allowed remote origins (security allowlist) */
|
|
23
|
-
export declare const allowedRemoteOrigins: Set<string>;
|
|
24
22
|
/** Allowed local file paths (populated from CLI args) */
|
|
25
23
|
export declare const allowedLocalFiles: Set<string>;
|
|
26
24
|
/** Allowed local directories (populated from MCP roots) */
|
package/dist/server.js
CHANGED
|
@@ -35767,24 +35767,6 @@ var RESOURCE_URI = "ui://pdf-viewer/mcp-app.html";
|
|
|
35767
35767
|
var CACHE_INACTIVITY_TIMEOUT_MS = 1e4;
|
|
35768
35768
|
var CACHE_MAX_LIFETIME_MS = 60000;
|
|
35769
35769
|
var CACHE_MAX_PDF_SIZE_BYTES = 50 * 1024 * 1024;
|
|
35770
|
-
var allowedRemoteOrigins = new Set([
|
|
35771
|
-
"https://agrirxiv.org",
|
|
35772
|
-
"https://arxiv.org",
|
|
35773
|
-
"https://chemrxiv.org",
|
|
35774
|
-
"https://edarxiv.org",
|
|
35775
|
-
"https://engrxiv.org",
|
|
35776
|
-
"https://hal.science",
|
|
35777
|
-
"https://osf.io",
|
|
35778
|
-
"https://psyarxiv.com",
|
|
35779
|
-
"https://ssrn.com",
|
|
35780
|
-
"https://www.biorxiv.org",
|
|
35781
|
-
"https://www.eartharxiv.org",
|
|
35782
|
-
"https://www.medrxiv.org",
|
|
35783
|
-
"https://www.preprints.org",
|
|
35784
|
-
"https://www.researchsquare.com",
|
|
35785
|
-
"https://www.sportarxiv.org",
|
|
35786
|
-
"https://zenodo.org"
|
|
35787
|
-
]);
|
|
35788
35770
|
var allowedLocalFiles = new Set;
|
|
35789
35771
|
var allowedLocalDirs = new Set;
|
|
35790
35772
|
var DIST_DIR = import.meta.filename.endsWith(".ts") ? path.join(import.meta.dirname, "dist") : import.meta.dirname;
|
|
@@ -35828,9 +35810,8 @@ function validateUrl(url2) {
|
|
|
35828
35810
|
}
|
|
35829
35811
|
try {
|
|
35830
35812
|
const parsed = new URL(url2);
|
|
35831
|
-
|
|
35832
|
-
|
|
35833
|
-
return { valid: false, error: `Origin not allowed: ${origin}` };
|
|
35813
|
+
if (parsed.protocol !== "https:") {
|
|
35814
|
+
return { valid: false, error: `Only HTTPS URLs are allowed: ${url2}` };
|
|
35834
35815
|
}
|
|
35835
35816
|
return { valid: true };
|
|
35836
35817
|
} catch {
|
|
@@ -35997,15 +35978,14 @@ ${[...allowedLocalDirs].map((d2) => `- ${d2}`).join(`
|
|
|
35997
35978
|
`)}
|
|
35998
35979
|
Any PDF file under these directories can be displayed.`);
|
|
35999
35980
|
}
|
|
36000
|
-
parts.push(`
|
|
35981
|
+
parts.push(`Any remote PDF accessible via HTTPS can also be loaded dynamically.`);
|
|
36001
35982
|
return {
|
|
36002
35983
|
content: [{ type: "text", text: parts.join(`
|
|
36003
35984
|
|
|
36004
35985
|
`) }],
|
|
36005
35986
|
structuredContent: {
|
|
36006
35987
|
localFiles: pdfs.filter((p2) => p2.type === "local").map((p2) => p2.url),
|
|
36007
|
-
allowedDirectories: [...allowedLocalDirs]
|
|
36008
|
-
allowedOrigins: [...allowedRemoteOrigins]
|
|
35988
|
+
allowedDirectories: [...allowedLocalDirs]
|
|
36009
35989
|
}
|
|
36010
35990
|
};
|
|
36011
35991
|
});
|
|
@@ -36067,7 +36047,6 @@ Any PDF file under these directories can be displayed.`);
|
|
|
36067
36047
|
};
|
|
36068
36048
|
}
|
|
36069
36049
|
});
|
|
36070
|
-
const allowedDomains = [...allowedRemoteOrigins].map((origin) => origin.replace(/^https?:\/\/(www\.)?/, "")).join(", ");
|
|
36071
36050
|
hk(server, "display_pdf", {
|
|
36072
36051
|
title: "Display PDF",
|
|
36073
36052
|
description: `Display an interactive PDF viewer.
|
|
@@ -36075,7 +36054,7 @@ Any PDF file under these directories can be displayed.`);
|
|
|
36075
36054
|
Accepts:
|
|
36076
36055
|
- Local files explicitly added to the server (use list_pdfs to see available files)
|
|
36077
36056
|
- Local files under directories provided by the client as MCP roots
|
|
36078
|
-
-
|
|
36057
|
+
- Any remote PDF accessible via HTTPS`,
|
|
36079
36058
|
inputSchema: {
|
|
36080
36059
|
url: exports_external.string().default(DEFAULT_PDF).describe("PDF URL"),
|
|
36081
36060
|
page: exports_external.number().min(1).default(1).describe("Initial page")
|
|
@@ -36127,7 +36106,6 @@ export {
|
|
|
36127
36106
|
fileUrlToPath,
|
|
36128
36107
|
createServer,
|
|
36129
36108
|
createPdfCache,
|
|
36130
|
-
allowedRemoteOrigins,
|
|
36131
36109
|
allowedLocalFiles,
|
|
36132
36110
|
allowedLocalDirs,
|
|
36133
36111
|
RESOURCE_URI,
|
package/package.json
CHANGED