Skip to content

Commit e662f6f

Browse files
kapravelkapravel
authored
Merge pull request #122 from SocketDev/fix-health-endpoint
Fix health endpoint
2 parents 73f4361 + c3341bf commit e662f6f

File tree

3 files changed

+95
-50
lines changed

3 files changed

+95
-50
lines changed

index.ts

Lines changed: 30 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -253,7 +253,34 @@ if (useHttp) {
253253
let httpTransport: StreamableHTTPServerTransport | null = null
254254

255255
const httpServer = createServer(async (req, res) => {
256-
// Validate Origin header as required by MCP spec
256+
// Parse URL first to check for health endpoint
257+
let url: URL
258+
try {
259+
url = new URL(req.url!, `http://localhost:${port}`)
260+
} catch (error) {
261+
logger.warn(`Invalid URL in request: ${req.url} - ${error}`)
262+
res.writeHead(400, { 'Content-Type': 'application/json' })
263+
res.end(JSON.stringify({
264+
jsonrpc: '2.0',
265+
error: { code: -32000, message: 'Bad Request: Invalid URL' },
266+
id: null
267+
}))
268+
return
269+
}
270+
271+
// Health check endpoint for K8s/Docker - bypass origin validation
272+
if (url.pathname === '/health') {
273+
res.writeHead(200, { 'Content-Type': 'application/json' })
274+
res.end(JSON.stringify({
275+
status: 'healthy',
276+
service: 'socket-mcp',
277+
version: VERSION,
278+
timestamp: new Date().toISOString()
279+
}))
280+
return
281+
}
282+
283+
// Validate Origin header as required by MCP spec (for non-health endpoints)
257284
const origin = req.headers.origin
258285
const allowedOrigins = [
259286
'http://localhost:3000',
@@ -276,11 +303,8 @@ if (useHttp) {
276303
}
277304

278305
// Set CORS headers for valid origins
279-
if (origin && isValidOrigin) {
280-
res.setHeader('Access-Control-Allow-Origin', origin)
281-
} else {
282-
res.setHeader('Access-Control-Allow-Origin', 'http://localhost:3000')
283-
}
306+
// Note: origin is guaranteed to be truthy here because isValidOrigin === true
307+
res.setHeader('Access-Control-Allow-Origin', origin!)
284308
res.setHeader('Access-Control-Allow-Methods', 'POST, OPTIONS')
285309
res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Accept')
286310

@@ -290,32 +314,6 @@ if (useHttp) {
290314
return
291315
}
292316

293-
let url: URL
294-
try {
295-
url = new URL(req.url!, `http://localhost:${port}`)
296-
} catch (error) {
297-
logger.warn(`Invalid URL in request: ${req.url} - ${error}`)
298-
res.writeHead(400, { 'Content-Type': 'application/json' })
299-
res.end(JSON.stringify({
300-
jsonrpc: '2.0',
301-
error: { code: -32000, message: 'Bad Request: Invalid URL' },
302-
id: null
303-
}))
304-
return
305-
}
306-
307-
// Health check endpoint for K8s/Docker
308-
if (url.pathname === '/health') {
309-
res.writeHead(200, { 'Content-Type': 'application/json' })
310-
res.end(JSON.stringify({
311-
status: 'healthy',
312-
service: 'socket-mcp',
313-
version: VERSION,
314-
timestamp: new Date().toISOString()
315-
}))
316-
return
317-
}
318-
319317
if (url.pathname === '/') {
320318
if (req.method === 'POST') {
321319
// Handle JSON-RPC messages statelessly

0 commit comments

Comments
 (0)