Allow for insecure https connections to upstream MCP servers w/ --insecure flag #132
Conversation
jessesanford
force-pushed
the
allow-insecure-tls-with-override
branch
2 times, most recently
from
acbb2a4 to
d39a31e
Compare
Signed-off-by: Jesse Sanford <[email protected]>
jessesanford
force-pushed
the
allow-insecure-tls-with-override
branch
from
c3bb896 to
1f4bebf
Compare
| }, | ||
| "comment": { | ||
| "header": "📦 **Package Preview Available**", | ||
| "footer": "Install this preview: `npm install https://pkg.pr.new/mcp-remote@{{pr}}`" |
There was a problem hiding this comment.
Can you show me a screenshot of what this will look like? I'm not sure if it's an upgrade on what we have right now. In any case I usually prefer to keep changes like this separate to the new functionality, unless there's a good reason to include it at the same time.
| @@ -324,6 +369,14 @@ export async function connectToRemoteServer( | |||
| debugLog('Already attempted auth reconnection, giving up', { | |||
| recursionReasons: Array.from(recursionReasons), | |||
| }) | |||
| // Restore original TLS settings before throwing | |||
There was a problem hiding this comment.
In general, I try to avoid anything that requires clean up like this during exceptions. Is there no other way to implement this feature?
|
Thanks for the PR, and apologies for the delay in getting back to you. I've never actually needed to do this myself, but from reading your implementation, am I right in assuming that this is currently possible by setting Because if this is already possible by setting an environment variable, I think maybe all we want to do is add a section to the readme that that you can use that in order to test with self-signed certificates. What do you think? |
commit: |
Many times when developing an MCP server we will want to test https or do integration testing with self-signed certificates. We should allow for this, just like curl and other common http libs/utils do, but with the caveat that it is not default. This PR allows for a --insecure flag to be passed which will enable the acceptance of such insecure connections.