[disable-stream] Add WithDisableStreaming option to StreamableHTTP server to allow disabling streaming #613
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -69,6 +69,16 @@ func WithHeartbeatInterval(interval time.Duration) StreamableHTTPOption { | |
| } | ||
| } | ||
|
|
||
| // WithDisableStreaming prevents the server from responding to GET requests with | ||
| // a streaming response. Instead, it will respond with a 403 Forbidden status. | ||
| // This can be useful in scenarios where streaming is not desired or supported. | ||
| // The default is false, meaning streaming is enabled. | ||
| func WithDisableStreaming(disable bool) StreamableHTTPOption { | ||
| return func(s *StreamableHTTPServer) { | ||
| s.disableStreaming = disable | ||
| } | ||
| } | ||
coderabbitai[bot] marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| // WithHTTPContextFunc sets a function that will be called to customise the context | ||
| // to the server using the incoming request. | ||
| // This can be used to inject context values from headers, for example. | ||
|
|
@@ -141,6 +151,7 @@ type StreamableHTTPServer struct { | |
| listenHeartbeatInterval time.Duration | ||
| logger util.Logger | ||
| sessionLogLevels *sessionLogLevelsStore | ||
| disableStreaming bool | ||
|
|
||
| tlsCertFile string | ||
| tlsKeyFile string | ||
|
|
@@ -400,6 +411,10 @@ func (s *StreamableHTTPServer) handlePost(w http.ResponseWriter, r *http.Request | |
| func (s *StreamableHTTPServer) handleGet(w http.ResponseWriter, r *http.Request) { | ||
| // get request is for listening to notifications | ||
| // https://modelcontextprotocol.io/specification/2025-03-26/basic/transports#listening-for-messages-from-the-server | ||
| if s.disableStreaming { | ||
| http.Error(w, "Streaming is disabled on this server", http.StatusMethodNotAllowed) | ||
| return | ||
| } | ||
|
Comment on lines
414
to
418
Contributor
There was a problem hiding this comment. 🛠️ Refactor suggestion | 🟠 Major Implementation looks good, but add tests and consider logging. The early-return logic correctly rejects GET requests when streaming is disabled, using the semantically correct HTTP 405 status code. However, this behavioral change should be covered by tests. Essential: Add tests for this feature. Please add test coverage for:
Optional: Add debug logging. Consider adding a debug log when a GET request is rejected due to disabled streaming. This helps server operators diagnose why clients are receiving 405 responses: if s.disableStreaming {
+ s.logger.Debugf("Rejected GET request: streaming is disabled (session: %s)", r.Header.Get(HeaderKeySessionID))
http.Error(w, "Streaming is disabled on this server", http.StatusMethodNotAllowed)
return
}
Contributor
Author
There was a problem hiding this comment. 🤔 there are tests in
Contributor
There was a problem hiding this comment. 🧩 Analysis chain🏁 Script executed: Length of output: 77752 @jaredly, you're absolutely right—I apologize for missing that! I can see ✅ GET requests blocked when And I also see that the debug logging I suggested as optional is already implemented in the code: s.logger.Debugf("Rejected GET request: streaming is disabled (session: %s)", r.Header.Get(HeaderKeySessionID))Great work on the thorough implementation! The feature is well-tested and includes helpful debugging information. 🎉 🧬 Code Graph Analysis Results
var _ SessionWithStreamableHTTPConfig = (*streamableHttpSession)(nil)
|
||
|
|
||
| sessionID := r.Header.Get(HeaderKeySessionID) | ||
| // the specification didn't say we should validate the session id | ||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.