@@ -3,12 +3,13 @@ import { createPinnedFetch } from '@/lib/core/security/input-validation.server'
33import { validateMcpServerSsrf } from '@/lib/mcp/domain-check'
44
55/**
6- * Pinned fetch for all MCP traffic. MCP servers are commonly deployed behind
7- * HTTP/2 fronts (CDNs, cloud LBs), and undici's Agent is h1.1-only unless opted
8- * into h2 via ALPN — so every MCP connection enables it. This is the single
9- * source of the "MCP implies h2" decision; the base `createPinnedFetch` keeps
10- * its h1.1 default for non-MCP consumers. Pinning is unaffected: the pinned
11- * lookup forces the socket to `resolvedIP` regardless of negotiated protocol.
6+ * Pinned fetch for the long-lived MCP transport, which reuses one Agent across
7+ * a connection's requests. MCP servers are commonly behind HTTP/2 fronts (CDNs,
8+ * cloud LBs), and undici's Agent is h1.1-only unless opted into h2 via ALPN, so
9+ * the transport enables it. h2 is *not* used for one-shot flows (OAuth discovery,
10+ * auth-type probe), where a per-request Agent would leave idle h2 sessions with
11+ * no reuse benefit. Pinning is unaffected: the pinned lookup forces the socket to
12+ * `resolvedIP` regardless of negotiated protocol.
1213 */
1314export function createPinnedMcpFetch ( resolvedIP : string ) : typeof fetch {
1415 return createPinnedFetch ( resolvedIP , { allowH2 : true } )
@@ -37,7 +38,7 @@ export function createSsrfGuardedMcpFetch(): FetchLike {
3738 return ( async ( url , init ) => {
3839 const target = typeof url === 'string' ? url : url . href
3940 const resolvedIP = await validateMcpServerSsrf ( target )
40- const pinnedFetch : FetchLike = resolvedIP ? createPinnedMcpFetch ( resolvedIP ) : globalThis . fetch
41+ const pinnedFetch : FetchLike = resolvedIP ? createPinnedFetch ( resolvedIP ) : globalThis . fetch
4142 return pinnedFetch ( url , init )
4243 } ) satisfies FetchLike
4344}
0 commit comments