Add conformance tests for SEP-2243 HTTP Standardization#259
Open
mikekistler wants to merge 9 commits into
Open
Add conformance tests for SEP-2243 HTTP Standardization#259mikekistler wants to merge 9 commits into
mikekistler wants to merge 9 commits into
Conversation
commit: |
Contributor
Author
|
Notes on how this was tested: I ran the tests in this branch the support for SEP-2243 added in this branch of the MCP C# SDK and all tests pass. Here's how I ran the tests: # In the MCP C# SDK repo, checkout the branch
git checkout mdk/sep-2243-implementation
# Remove any existing node_modules to get to a known state
rm -rf node_modules
# Install node modules with the exact versions in package lock
npm ci
# Now replace the conformance node module with the tests in this branch
npm install --no-save "@modelcontextprotocol/conformance@github:mikekistler/conformance#mdk/sep-2243-conformance-tests"
# Run the server conformance tests (.NET 10 only)
MCP_CONFORMANCE_PROTOCOL_VERSION=DRAFT-2026-v1 dotnet test tests/ModelContextProtocol.AspNetCore.Tests/ModelContextProtocol.AspNetCore.Tests.csproj -f net10.0 --filter "FullyQualifiedName~ServerConformanceTests"
# Run the client conformanct tests (.NET 10 only)
MCP_CONFORMANCE_PROTOCOL_VERSION=DRAFT-2026-v1 dotnet test tests/ModelContextProtocol.AspNetCore.Tests/ModelContextProtocol.AspNetCore.Tests.csproj -f net10.0 --filter "FullyQualifiedName~ClientConformanceTests"Here's the server conformance test output I got: And here's the output from the client conformance tests: |
9 tasks
Close gaps in HTTP header conformance scenarios: Client standard headers (http-standard-headers.ts): - Enforce all expected methods in checks, failing any that were not observed - Track Mcp-Name header per-method separately from Mcp-Method - Advertise resources and prompts capabilities so clients exercise those endpoints - Add a prompt entry for prompts/get testing Client custom headers (http-custom-headers.ts): - Add Base64 encoding checks for non-ASCII, whitespace, and control-char values - Add null/omitted parameter test (second tool call with null value) - Add client-keeps-valid-tool check verifying clients still call valid tools after filtering out invalid ones Server header validation (server/http-standard-headers.ts): - Replace fetch-based sendRawRequest with http.request to preserve exact header casing on the wire (fetch/Headers lowercases names) - Compute defaultArgs and defaultHeaders from tool schema so test requests satisfy all required parameters while varying only the param under test Traceability (sep-2243.yaml): - Add 7 new spec-to-check mappings (nonascii, whitespace, controlchar, keeps-valid-tool, literal-missing-base64-prefix/suffix, no-mirror-unannotated) - Fix 2 incorrect existing mappings
Add missing test cases identified by comparing the branch against the SEP-2243 spec's Conformance Test Cases section: - Mcp-Method on notifications: add notifications/initialized to expectedMethods so clients are checked for header on notifications - Boolean true: add debug=true param to complement verbose=false - Leading-space-only and trailing-space-only: separate checks for Base64 encoding when only one edge has whitespace - Internal spaces only: verify plain ASCII (no Base64) for values like 'us west 1' that have spaces only in the middle - CRLF string: add line1\r\nline2 test (complements existing \n test) - Leading tab: add \tindented test for tab-triggered Base64 encoding - Server rejects invalid Mcp-Param chars: mark as excluded in YAML since HTTP itself prevents these characters in headers Register all new checks in sep-2243.yaml.
The spec states header values are case-sensitive (RFC 9110). The =?base64? prefix is part of the header value, not the header name, so it should be matched case-sensitively. This was identified as a bug in the conformance tests per feedback on SEP-2243. Changes: - Remove server-accepts-case-insensitive-base64 check from server validation scenario - Change base64 prefix regex from case-insensitive (/i) to case-sensitive in client header validation - Remove corresponding entry from sep-2243.yaml
The spec constrains x-mcp-header to primitive types but does not restrict it to top-level properties only. A nested string property with x-mcp-header is valid per the spec. This was confirmed by mikekistler in SEP-2243 PR discussion. Removes invalid_nested_header from the invalid tool definitions list and its corresponding sep-2243.yaml entry.
Compare number header values numerically instead of as strings to accommodate cross-SDK floating point representation differences (e.g., '42' vs '42.0'). For integers, exact numeric match is required. For decimals, a tolerance of 1e-9 is allowed. See SEP-2243 discussion on number precision.
Suggested PR description updateHere's an updated description reflecting the changes made based on SDK implementer feedback: Changes based on SDK implementer feedbackThe following changes were made after reviewing feedback from SDK implementers on SEP-2243 PR #2243:
Items requiring SEP-2243 spec updatesThe following inconsistencies were found between the SEP conformance test table and the normative spec text. These need to be corrected in the SEP:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds conformance test scenarios for SEP-2243 (HTTP Standardization), covering the new standard and custom MCP request headers.
The PR also adds a "prepare" script to the package.json to allow "npm install" from a branch for pre-merge testing.
Scenarios added
Server scenarios (test server — inspects client requests)
http-standard-headers— Verifies clients sendMcp-MethodandMcp-Nameheaders on HTTP POST requestshttp-custom-headers— Verifies clients handlex-mcp-headerannotations: mirror param values intoMcp-Param-*headers, apply Base64 encoding for non-ASCII values, and convert number/boolean values correctlyhttp-invalid-tool-headers— Verifies clients reject invalidx-mcp-headertool definitions (empty values, duplicates, non-primitive types, illegal characters, etc.)Client scenarios (connect to server under test)
http-header-validation— Verifies servers reject mismatched/missingMcp-Method/Mcp-Nameheaders, accept case-insensitive header names, reject case-mismatched values, trim whitespace, validate Base64-encoded custom headers, and return-32001(HeaderMismatch)http-custom-header-server-validation— Verifies servers validate customMcp-Param-*headers against the request bodyTraceability
src/scenarios/sep-2243.yamlmaps 30+ spec requirements to check IDsNotes
preparescript inpackage.jsonfor git-based dependency installsChecklist
npm run buildpassesnpm testpassessrc/scenarios/index.ts