Skip to content

Add middleware to normalize Content-Type header#2334

Open
utafrali wants to merge 1 commit intogithub:mainfrom
utafrali:fix/issue-2333-content-type-must-be-application-json-wh
Open

Add middleware to normalize Content-Type header#2334
utafrali wants to merge 1 commit intogithub:mainfrom
utafrali:fix/issue-2333-content-type-must-be-application-json-wh

Conversation

@utafrali
Copy link
Copy Markdown

@utafrali utafrali commented Apr 15, 2026

Fixes #2333

Summary

Added middleware that normalizes the Content-Type header by stripping MIME parameters like charset.

Why

The API was rejecting requests with Content-Type: application/json; charset=utf-8 because downstream validation expected exactly application/json. This middleware strips those extra parameters so handlers see the clean media type.

What changed

Created a new middleware that uses mime.ParseMediaType to extract just the media type, then rewrites the header if parameters were present. Registered it early in the handler's middleware chain so all downstream handlers get the normalized version. Included tests covering cases with no parameters, charset parameter, multiple parameters, and empty headers.

MCP impact

MCP clients that send Content-Type headers with charset parameters will now work correctly. The normalized header is transparent to downstream handlers and doesn't change behavior for anything else.

Prompts tested

N/A

Security/limits consideration

No security implications. The middleware only parses and normalizes the header, it doesn't validate or reject anything.

Tool renaming considerations

N/A

Checklist

  • Ran ./script/lint
  • Ran ./script/test
  • Updated docs

@utafrali
Add middleware to normalize Content-Type header
f764a6e 
Strip MIME parameters like charset from Content-Type so handlers
don't reject requests with charset=utf-8 and similar.
@utafrali utafrali requested a review from a team as a code owner April 15, 2026 13:35
@SamMorrowDrums
Copy link
Copy Markdown
Collaborator

SamMorrowDrums commented Apr 15, 2026

Thanks for looking into this! I wanted to flag that the go-sdk already handles Content-Type: application/json; charset=utf-8 correctly — the StreamableHTTPHandler uses mime.ParseMediaType to extract the media type before comparing, so charset=utf-8 (and other MIME parameters) are already stripped at the SDK level:

mediaType, _, err := mime.ParseMediaType(req.Header.Get("Content-Type"))
if err != nil || mediaType != "application/json" {
    http.Error(w, "Content-Type must be 'application/json'", http.StatusUnsupportedMediaType)
    return
}

This Content-Type validation was added in go-sdk v1.4.1 as part of cross-origin protection. The current OSS repo uses go-sdk v1.3.1-pre which predates this check entirely (so there's no Content-Type validation to normalize for). When the go-sdk dependency is updated, mime.ParseMediaType will handle charset=utf-8 correctly without needing additional middleware.

@utafrali — are you currently able to reproduce this issue? If so, could you share what endpoint you're hitting and the exact error response? That would help us understand if there's something else going on beyond the Content-Type header parsing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

'Content-Type must be 'application/json' - when setting charset

2 participants

@utafrali @SamMorrowDrums