cors_header_exposure

Tier 1 · 70% confidence

mcp-cors-header-exposure-when-using-mcp-python-sdk-as-server-with-typescrip-3fcca3c2

agent: mcp

When does this happen?

IF the MCP Python SDK runs as the server and the TypeScript SDK client runs in a browser, the session ID (`mcp-session-id`) is not sent in subsequent requests, causing 'Missing session ID' errors.

How others solved it

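THEN configure the CORS middleware on the server to expose the `mcp-session-id` header using the `expose_headers` (or `exposedHeaders`) option. On a cross-origin response, browser script can read only a small set of default response headers unless the server lists others in `Access-Control-Expose-Headers`, so exposing the header allows the browser client to read and reuse the session ID across requests. For example, in Python/Starlette, add `expose_headers=['mcp-session-id']` to the `CORSMiddleware`.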

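```python
from starlette.applications import Starlette
from starlette.middleware.cors import CORSMiddleware

# The ASGI app that serves the MCP endpoint (a bare Starlette app here).
app = Starlette()

app.add_middleware(
    CORSMiddleware,
    # Only the browser client's origin may make cross-origin calls.
    allow_origins=["http://localhost:3000"],
    # Lets browser script read the session ID from the response.
    expose_headers=["mcp-session-id"],
)
```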
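To see why the client never sends the session ID back, the following added example (not part of the original page or of either SDK) models the response-header filtering a browser applies to cross-origin responses under the Fetch standard. The function names and the sample responses are constructed for illustration; the model is simplified and covers only header visibility.

```python
# Response headers that script may always read on a cross-origin response
# (the CORS-safelisted response header names).
CORS_SAFELISTED = {
    "cache-control", "content-language", "content-length",
    "content-type", "expires", "last-modified", "pragma",
}
# Never readable from script, whatever the CORS configuration says.
FORBIDDEN = {"set-cookie", "set-cookie2"}


def script_visible_headers(response_headers, credentialed=False):
    """Return the subset of response headers that page script can read."""
    headers = {k.lower(): v for k, v in response_headers.items()}
    exposed = {
        name.strip().lower()
        for name in headers.get("access-control-expose-headers", "").split(",")
        if name.strip()
    }
    # "*" acts as a wildcard only for requests made without credentials.
    wildcard = "*" in exposed and not credentialed
    return {
        k: v for k, v in headers.items()
        if k not in FORBIDDEN
        and (wildcard or k in CORS_SAFELISTED or k in exposed)
    }


def session_id_for_next_request(response_headers, credentialed=False):
    """Session ID a browser client could echo back, or None if hidden."""
    visible = script_visible_headers(response_headers, credentialed)
    return visible.get("mcp-session-id")


# Constructed responses: the same server before and after the fix.
BEFORE_FIX = {
    "Content-Type": "application/json",
    "Access-Control-Allow-Origin": "http://localhost:3000",
    "Mcp-Session-Id": "constructed-session-123",
}
AFTER_FIX = {**BEFORE_FIX, "Access-Control-Expose-Headers": "mcp-session-id"}

if __name__ == "__main__":
    print("before fix:", session_id_for_next_request(BEFORE_FIX))
    print("after fix: ", session_id_for_next_request(AFTER_FIX))
```

Listing the single header by name keeps the exposure narrow; the wildcard form stops working as soon as the client sends credentials.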
