find_invalid_x_mcp_header: handle non-str type; bump client conformance timeout

maxisbey · maxisbey · commit 992b4da87fcb · 2026-06-25T16:45:09.000Z
- find_invalid_x_mcp_header: a JSON-Schema array type (e.g. ["string", "null"])
  raised TypeError on the frozenset membership check, crashing list_tools() on
  modern sessions against untrusted server input. Guard with isinstance(str) so
  any non-scalar type cleanly maps to the not-primitive reason. Covers dict/list
  type values via two new parametrize cases.
- conformance.yml: bump --timeout to 60s on the client legs. The harness runs
  all scenarios via unbounded Promise.all; 40 parallel python processes on a
  2-core runner starve sse-retry (the only scenario with a real-time SSE
  reconnect wait) past the 30s default.
- everything-server _unseal_state: normalise base64/utf-8 decode errors to the
  same INVALID_PARAMS as the HMAC mismatch path.
diff --git a/.github/workflows/conformance.yml b/.github/workflows/conformance.yml
@@ -67,15 +67,20 @@ jobs:
           node-version: 24
       - run: uv sync --frozen --all-extras --package mcp
       - name: Run client conformance (all suite)
+        # The harness runs all scenarios via unbounded Promise.all; with 40
+        # scenarios on a 2-core runner the slowest one (sse-retry, which has a
+        # real-time SSE reconnect wait) needs more than the 30s default budget.
         run: >-
           npx --yes "$CONFORMANCE_PKG" client
           --command 'uv run --frozen python .github/actions/conformance/client.py'
           --suite all
+          --timeout 60000
           --expected-failures ./.github/actions/conformance/expected-failures.yml
       - name: Run client conformance (2026-07-28 wire, all suite)
         run: >-
           npx --yes "$CONFORMANCE_PKG" client
           --command 'uv run --frozen python .github/actions/conformance/client.py'
           --suite all
+          --timeout 60000
           --spec-version 2026-07-28
           --expected-failures ./.github/actions/conformance/expected-failures.2026-07-28.yml
diff --git a/examples/servers/everything-server/mcp_everything_server/server.py b/examples/servers/everything-server/mcp_everything_server/server.py
@@ -6,6 +6,7 @@
 
 import asyncio
 import base64
+import binascii
 import hashlib
 import hmac
 import json
@@ -493,7 +494,10 @@ def _unseal_state(state: str) -> str:
     expected = hmac.new(_STATE_HMAC_KEY, encoded.encode(), hashlib.sha256).hexdigest()
     if not sig or not hmac.compare_digest(sig, expected):
         raise MCPError(code=INVALID_PARAMS, message="requestState failed integrity verification")
-    return base64.urlsafe_b64decode(encoded).decode()
+    try:
+        return base64.urlsafe_b64decode(encoded).decode()
+    except (binascii.Error, UnicodeDecodeError) as e:
+        raise MCPError(code=INVALID_PARAMS, message="requestState failed integrity verification") from e
 
 
 @mcp.tool()
diff --git a/src/mcp/shared/inbound.py b/src/mcp/shared/inbound.py
@@ -141,7 +141,8 @@ def find_invalid_x_mcp_header(input_schema: Any) -> str | None:
         header = prop_schema[X_MCP_HEADER_KEY]
         if not isinstance(header, str) or not _RFC9110_TOKEN.fullmatch(header):
             return f"property {prop_name!r}: {X_MCP_HEADER_KEY} {header!r} is not an RFC 9110 token"
-        if prop_schema.get("type") not in _X_MCP_HEADER_PRIMITIVE_TYPES:
+        prop_type = prop_schema.get("type")
+        if not isinstance(prop_type, str) or prop_type not in _X_MCP_HEADER_PRIMITIVE_TYPES:
             return f"property {prop_name!r}: {X_MCP_HEADER_KEY} is only permitted on primitive-typed properties"
         lower = header.lower()
         if lower in seen:
diff --git a/tests/shared/test_inbound.py b/tests/shared/test_inbound.py
@@ -383,6 +383,8 @@ def test_find_invalid_x_mcp_header_accepts_valid_or_absent_annotations(input_sch
         pytest.param(_schema(a={"type": "object", "x-mcp-header": "Data"}), id="on-object"),
         pytest.param(_schema(a={"type": "array", "x-mcp-header": "Items"}), id="on-array"),
         pytest.param(_schema(a={"type": "null", "x-mcp-header": "Nil"}), id="on-null"),
+        pytest.param(_schema(a={"type": ["string", "null"], "x-mcp-header": "Maybe"}), id="array-type"),
+        pytest.param(_schema(a={"type": {"not": "valid"}, "x-mcp-header": "Bad"}), id="dict-type"),
         pytest.param(_schema(a={"x-mcp-header": "NoType"}), id="missing-type"),
         pytest.param(
             _schema(a={"type": "string", "x-mcp-header": "Region"}, b={"type": "string", "x-mcp-header": "Region"}),
