Skip to content

Add CORS middleware to Starlette app for frontend support #1201

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Add CORS middleware to Starlette app for frontend support #1201

wants to merge 2 commits into from
+29 −2

Conversation

@SmartManoj
Copy link

@SmartManoj SmartManoj commented Jul 26, 2025

Introduces CORS middleware to the Starlette app instances in FastMCP to allow requests from local web frontends. This enables compatibility with web clients running on localhost and related origins, supporting credentials and common HTTP methods and headers.

Motivation and Context

Fixes #187 (comment)

How Has This Been Tested?

Breaking Changes

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

Additional context

@SmartManoj
Add CORS middleware to Starlette app for frontend support
2792992 
Introduces CORS middleware to the Starlette app instances in FastMCP to allow requests from local web frontends. This enables compatibility with web clients running on localhost and related origins, supporting credentials and common HTTP methods and headers.
@SmartManoj SmartManoj requested review from a team and dsp-ant July 26, 2025 12:27
dsp-ant
dsp-ant requested changes Aug 4, 2025
View reviewed changes
Copy link
Member

@dsp-ant dsp-ant left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we want to add this by default. If we do want to allow for certain types of starlette middlewares. We likely want to mimic what FastMCP 2.0 does here. We want support for a proper middleware stack and a default set for auth, with a pre-defined order.

@SmartManoj
Copy link
Author

SmartManoj commented Aug 4, 2025

I don't think we want to add this by default.

Is this wrong?

punkpeye/fastmcp@fe39e7a

@Kludex Kludex mentioned this pull request Aug 9, 2025
Closed
9 tasks
@felixweinberger
Copy link
Contributor

felixweinberger commented Sep 22, 2025

I don't think we want to add this by default.

Is this wrong?

punkpeye/fastmcp@fe39e7a

That's looking at the Typescript implementation of FastMCP - if you look at FastMCP 2.0 @dsp-ant was referring to here: #1245

That shows the middleware support in the Python SDK. Tentatively going to mark this as a v2 idea that we'd like to have for tracking

@felixweinberger felixweinberger added enhancement v2 Ideas, requests and plans for v2 of the SDK which will incorporate major changes and fixes needs more work Not ready to be merged yet, needs additional follow-up from the author(s). labels Sep 22, 2025
@felixweinberger felixweinberger mentioned this pull request Sep 23, 2025
Draft
9 tasks
@felixweinberger felixweinberger added this to the Middleware milestone Sep 23, 2025
@felixweinberger felixweinberger marked this pull request as draft September 30, 2025 10:46
@felixweinberger
Copy link
Contributor

felixweinberger commented Sep 30, 2025

Converting this to a draft for now to remove it from the review queue - keeping this around for future work on v2

@felixweinberger felixweinberger added enhancement Request for a new feature that's not currently supported and removed enhancement deprecated labels Nov 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dsp-ant dsp-ant dsp-ant requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

enhancement Request for a new feature that's not currently supported needs more work Not ready to be merged yet, needs additional follow-up from the author(s). v2 Ideas, requests and plans for v2 of the SDK which will incorporate major changes and fixes

Projects

None yet

Milestone

Python SDK v2.0

Development

Successfully merging this pull request may close these issues.

Better CORS defaults for SSE transport

3 participants

@SmartManoj @felixweinberger @dsp-ant