mcp-proxy 6.4.0 → 6.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/bin/mcp-proxy.mjs +1 -1
  2. package/dist/index.mjs +1 -1
  3. package/dist/{stdio-CyOk7u4Q.mjs → stdio-vt8L9uwX.mjs} +3 -3
  4. package/dist/{stdio-CyOk7u4Q.mjs.map → stdio-vt8L9uwX.mjs.map} +1 -1
  5. package/jsr.json +1 -1
  6. package/package.json +1 -1
  7. package/src/startHTTPServer.test.ts +1 -1
  8. package/src/startHTTPServer.ts +7 -4
package/jsr.json CHANGED
@@ -3,5 +3,5 @@
3
3
  "include": ["src/index.ts", "src/bin/mcp-proxy.ts"],
4
4
  "license": "MIT",
5
5
  "name": "@punkpeye/mcp-proxy",
6
- "version": "6.4.0"
6
+ "version": "6.4.1"
7
7
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "mcp-proxy",
3
- "version": "6.4.0",
3
+ "version": "6.4.1",
4
4
  "main": "dist/index.mjs",
5
5
  "scripts": {
6
6
  "build": "tsdown",
package/src/startHTTPServer.test.ts CHANGED
@@ -2047,7 +2047,7 @@ it("uses default CORS settings when cors: true", async () => {
2047
2047
  expect(response.status).toBe(204);
2048
2048
  expect(response.headers.get("Access-Control-Allow-Origin")).toBe("*");
2049
2049
  expect(response.headers.get("Access-Control-Allow-Headers")).toBe(
2050
- "Content-Type, Authorization, Accept, Mcp-Session-Id, Last-Event-Id",
2050
+ "Content-Type, Authorization, Accept, Mcp-Session-Id, Mcp-Protocol-Version, Last-Event-Id",
2051
2051
  );
2052
2052
  expect(response.headers.get("Access-Control-Allow-Credentials")).toBe("true");
2053
2053
 
package/src/startHTTPServer.ts CHANGED
@@ -219,7 +219,7 @@ const applyCorsHeaders = (
219
219
  // Default CORS configuration for backward compatibility
220
220
  const defaultCorsOptions: CorsOptions = {
221
221
  allowedHeaders:
222
- "Content-Type, Authorization, Accept, Mcp-Session-Id, Last-Event-Id",
222
+ "Content-Type, Authorization, Accept, Mcp-Session-Id, Mcp-Protocol-Version, Last-Event-Id",
223
223
  credentials: true,
224
224
  exposedHeaders: ["Mcp-Session-Id"],
225
225
  methods: ["GET", "POST", "OPTIONS"],
@@ -348,9 +348,12 @@ const handleStreamRequest = async <T extends ServerLike>({
348
348
  ) {
349
349
  let body: unknown;
350
350
  try {
351
- const sessionId = Array.isArray(req.headers["mcp-session-id"])
352
- ? req.headers["mcp-session-id"][0]
353
- : req.headers["mcp-session-id"];
351
+ // In stateless mode, ignore session ID header entirely (like Python MCP SDK)
352
+ const sessionId = stateless
353
+ ? undefined
354
+ : (Array.isArray(req.headers["mcp-session-id"])
355
+ ? req.headers["mcp-session-id"][0]
356
+ : req.headers["mcp-session-id"]);
354
357
 
355
358
  let transport: StreamableHTTPServerTransport;
356
359