Skip to content

Implementation for SEP-2243 Http Standardization#1553

Open
mikekistler wants to merge 6 commits intomainfrom
mdk/sep-2243-implementation
Open

Implementation for SEP-2243 Http Standardization#1553
mikekistler wants to merge 6 commits intomainfrom
mdk/sep-2243-implementation

Conversation

@mikekistler
Copy link
Copy Markdown
Contributor

@mikekistler mikekistler commented May 1, 2026
edited
Loading

Motivation and Context

Implements SEP-2243 (HTTP Standardization) (modelcontextprotocol/modelcontextprotocol#2243) for both the client and server Streamable HTTP transports. This enables network infrastructure (load balancers, proxies, gateways) to make routing and filtering decisions based on MCP request metadata without parsing the JSON-RPC body.

Fixes #1541.

Changes

Protocol & Constants

  • Add McpHttpHeaders static class with standard header name constants (Mcp-Method, Mcp-Name, Mcp-Param-*, etc.)
  • Add "DRAFT-2026-v1" as a supported protocol version
  • Add McpErrorCode.HeaderMismatch (-32001) for header validation failures

Client-side (ModelContextProtocol.Core)

  • StreamableHttpClientSessionTransport now emits Mcp-Method, Mcp-Name, and Mcp-Param-* headers on outgoing requests
  • McpHeaderEncoder handles value encoding (plain ASCII pass-through, Base64 wrapping for non-ASCII/control characters)
  • McpHeaderExtractor reads x-mcp-header annotations from tool schemas and adds the corresponding parameter headers

Server-side (ModelContextProtocol.AspNetCore)

  • StreamableHttpHandler validates incoming Mcp-Method and Mcp-Name headers match the JSON-RPC body (enforced only for DRAFT-2026-v1+)
  • Validates Mcp-Param-* headers against tool schema annotations
  • Returns HeaderMismatch error response on validation failure

Tool authoring (ModelContextProtocol.Core)

  • [McpHeader("Name")] attribute marks tool parameters for header mirroring
  • AIFunctionMcpServerTool emits x-mcp-header extension in the tool's JSON schema for annotated parameters

Tests

  • Unit tests for McpHeaderEncoder, McpHeaderAttribute, and tool schema generation
  • Conformance client/server test scenarios wired up for end-to-end validation

Protocol Version Gating

Header validation is only enforced when the client's MCP-Protocol-Version header is >= DRAFT-2026-v1. Clients on older protocol versions are unaffected.

How Has This Been Tested?

The PR includes tests and all tests are passing. This includes conformance tests currently in PR to the conformance repo.

Breaking Changes

No breaking changes.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

Additional context

mikekistler and others added 6 commits May 1, 2026 09:30
@mikekistler
Add protocol version "DRAFT-2026-v1" as supported protocol version
adb0367
@mikekistler
Wire up SEP-2243 conformance test scenarios for client and server
0207bac
@mikekistler
Add SEP-2243 HTTP Standardization support
259a28b
@mikekistler
Add docs for custom HTTP headers from tool parameters
4164474
@tarekgh
Fix SEP-2243 spec compliance gaps and add comprehensive tests
ef7281a 
Address multiple specification compliance issues identified during review:

Source fixes:
- Fix tab (0x09) encoding: tabs now trigger Base64 encoding per spec
- Add client-side tool schema validation: tools with invalid x-mcp-header
  annotations (non-object schemas, missing properties) are filtered out
- Remove server empty-header early-return that skipped validation
- Fix numeric precision loss: use GetRawText()/ToJsonString() instead of
  GetDouble()/GetValue<double>() for header value extraction
- Implement proper version gating: only DRAFT-2026-v1 requires header
  validation on server side (client always sends headers unconditionally)
- Add server-side invalid character validation for header values

Test additions:
- 22 new integration tests in Sep2243HeaderTests.cs covering encoding,
  validation, tool filtering, and end-to-end header scenarios
- 4 new server conformance tests for draft version header validation
- 2 new client conformance tests for tool filtering and header sending
- 2 new unit tests for tab encoding behavior
- 1 new theory for SupportsStandardHeaders version gating
- Fix ConformanceClient to handle toolCalls array format and add
  prompts/list + prompts/get calls for http-standard-headers scenario

Other:
- Add *.lscache to .gitignore
@tarekgh
Gate SEP-2243 conformance tests on harness version >= 0.1.16
9705707 
The http-standard-headers, http-custom-headers, and http-invalid-tool-headers
client scenarios and http-header-validation, http-custom-header-server-validation
server scenarios require conformance package >= 0.1.16 which is not yet
published to npm.

Add NodeHelpers.GetConformanceVersion() that runs 'conformance --version'
and NodeHelpers.IsConformanceVersionAtLeast() for runtime version checks.
Tests auto-skip when the harness is too old and auto-run once the package
is updated. Works with both npm-published and local file: references.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

SEP-2243: HTTP Standardization

2 participants

@mikekistler @tarekgh