httpmcp_rust/middleware/
mod.rs

1use actix_web::http::header;
2use actix_web::{HttpResponse, Result};
3
4/// CORS middleware configuration
5pub fn cors_middleware() -> actix_web::middleware::DefaultHeaders {
6    actix_web::middleware::DefaultHeaders::new()
7        .add((header::ACCESS_CONTROL_ALLOW_ORIGIN, "*"))
8        .add((header::ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, OPTIONS"))
9        .add((
10            header::ACCESS_CONTROL_ALLOW_HEADERS,
11            "Content-Type, Authorization, Accept, Last-Event-ID",
12        ))
13}
14
15/// Request validation middleware
16pub async fn validate_request(
17    req: actix_web::dev::ServiceRequest,
18    next: actix_web_lab::middleware::Next<actix_web::body::BoxBody>,
19) -> Result<actix_web::dev::ServiceResponse> {
20    // Validate Content-Type for POST requests
21    if req.method() == actix_web::http::Method::POST {
22        if let Some(content_type) = req.headers().get(header::CONTENT_TYPE) {
23            if let Ok(ct) = content_type.to_str() {
24                if !ct.contains("application/json") {
25                    let (req, _) = req.into_parts();
26                    let response = HttpResponse::BadRequest().json(serde_json::json!({
27                        "jsonrpc": "2.0",
28                        "error": {
29                            "code": -32600,
30                            "message": "Invalid Content-Type. Expected application/json"
31                        },
32                        "id": null
33                    }));
34                    return Ok(actix_web::dev::ServiceResponse::new(req, response));
35                }
36            }
37        }
38    }
39
40    next.call(req).await
41}
httpmcp_rust/middleware/mod.rs

httpmcp_rust/middleware/
mod.rs
