Merge commit from fork

* Add secure default for DNS rebinding, use in examples

* Update README examples to use createMcpExpressApp, bump to 1.23.0

- Update all server examples to use createMcpExpressApp() for secure defaults
- Rewrite DNS Rebinding Protection section to document new middleware approach
- Bump version from 1.23.0-beta.0 to 1.23.0

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* Add IPv6 support, allowedHosts option, and warning for unprotected servers

- Use native URL API to parse Host headers (handles IPv6 correctly)
- Add [::1] (IPv6 localhost) to localhostHostValidation
- Add ::1 to list of localhost hosts that get automatic protection
- Add allowedHosts option to createMcpExpressApp for custom host validation
- Warn when binding to 0.0.0.0 or :: without allowedHosts configured
- Add tests for IPv6 and allowedHosts functionality

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* Update remaining examples to use createMcpExpressApp and add DNS rebinding docs

- Update simpleTaskInteractive.ts, ssePollingExample.ts, and elicitationUrlExample.ts
  to use createMcpExpressApp() instead of express() + express.json()
- Add DNS rebinding protection section to docs/server.md explaining how to use
  createMcpExpressApp() and hostHeaderValidation middleware

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>

Author: pcarleton

docs/server.md

@@ -66,6 +66,34 @@ For a minimal “getting started” experience:
 
 For more detailed patterns (stateless vs stateful, JSON response mode, CORS, DNS rebind protection), see the examples above and the MCP spec sections on transports.
 
+## DNS rebinding protection
+
+MCP servers running on localhost are vulnerable to DNS rebinding attacks. Use `createMcpExpressApp()` to create an Express app with DNS rebinding protection enabled by default:
+
+```typescript
+import { createMcpExpressApp } from '@modelcontextprotocol/sdk/server/index.js';
+
+// Protection auto-enabled (default host is 127.0.0.1)
+const app = createMcpExpressApp();
+
+// Protection auto-enabled for localhost
+const app = createMcpExpressApp({ host: 'localhost' });
+
+// No auto protection when binding to all interfaces
+const app = createMcpExpressApp({ host: '0.0.0.0' });
+```
+
+For custom host validation, use the middleware directly:
+
+```typescript
+import express from 'express';
+import { hostHeaderValidation } from '@modelcontextprotocol/sdk/server/middleware/hostHeaderValidation.js';
+
+const app = express();
+app.use(express.json());
+app.use(hostHeaderValidation(['localhost', '127.0.0.1', 'myhost.local']));
+```
+
 ## Tools, resources, and prompts
 
 ### Tools

src/examples/server/elicitationFormExample.ts

@@ -8,11 +8,11 @@
 // to collect *sensitive* user input via a browser.
 
 import { randomUUID } from 'node:crypto';
-import cors from 'cors';
-import express, { type Request, type Response } from 'express';
+import { type Request, type Response } from 'express';
 import { McpServer } from '../../server/mcp.js';
 import { StreamableHTTPServerTransport } from '../../server/streamableHttp.js';
 import { isInitializeRequest } from '../../types.js';
+import { createMcpExpressApp } from '../../server/index.js';
 
 // Create MCP server - it will automatically use AjvJsonSchemaValidator with sensible defaults
 // The validator supports format validation (email, date, etc.) if ajv-formats is installed
@@ -320,16 +320,7 @@ mcpServer.registerTool(
 async function main() {
     const PORT = process.env.PORT ? parseInt(process.env.PORT, 10) : 3000;
 
-    const app = express();
-    app.use(express.json());
-
-    // Allow CORS for all domains, expose the Mcp-Session-Id header
-    app.use(
-        cors({
-            origin: '*',
-            exposedHeaders: ['Mcp-Session-Id']
-        })
-    );
+    const app = createMcpExpressApp();
 
     // Map to store transports by session ID
     const transports: { [sessionId: string]: StreamableHTTPServerTransport } = {};

src/examples/server/elicitationUrlExample.ts

@@ -11,6 +11,7 @@ import express, { Request, Response } from 'express';
 import { randomUUID } from 'node:crypto';
 import { z } from 'zod';
 import { McpServer } from '../../server/mcp.js';
+import { createMcpExpressApp } from '../../server/index.js';
 import { StreamableHTTPServerTransport } from '../../server/streamableHttp.js';
 import { getOAuthProtectedResourceMetadataUrl, mcpAuthMetadataRouter } from '../../server/auth/router.js';
 import { requireBearerAuth } from '../../server/auth/middleware/bearerAuth.js';
@@ -214,8 +215,7 @@ function completeURLElicitation(elicitationId: string) {
 const MCP_PORT = process.env.MCP_PORT ? parseInt(process.env.MCP_PORT, 10) : 3000;
 const AUTH_PORT = process.env.MCP_AUTH_PORT ? parseInt(process.env.MCP_AUTH_PORT, 10) : 3001;
 
-const app = express();
-app.use(express.json());
+const app = createMcpExpressApp();
 
 // Allow CORS all domains, expose the Mcp-Session-Id header
 app.use(

src/examples/server/jsonResponseStreamableHttp.ts

@@ -1,10 +1,10 @@
-import express, { Request, Response } from 'express';
+import { Request, Response } from 'express';
 import { randomUUID } from 'node:crypto';
 import { McpServer } from '../../server/mcp.js';
 import { StreamableHTTPServerTransport } from '../../server/streamableHttp.js';
 import * as z from 'zod/v4';
 import { CallToolResult, isInitializeRequest } from '../../types.js';
-import cors from 'cors';
+import { createMcpExpressApp } from '../../server/index.js';
 
 // Create an MCP server with implementation details
 const getServer = () => {
@@ -90,16 +90,7 @@ const getServer = () => {
     return server;
 };
 
-const app = express();
-app.use(express.json());
-
-// Configure CORS to expose Mcp-Session-Id header for browser-based clients
-app.use(
-    cors({
-        origin: '*', // Allow all origins - adjust as needed for production
-        exposedHeaders: ['Mcp-Session-Id']
-    })
-);
+const app = createMcpExpressApp();
 
 // Map to store transports by session ID
 const transports: { [sessionId: string]: StreamableHTTPServerTransport } = {};

src/examples/server/simpleSseServer.ts

@@ -1,8 +1,9 @@
-import express, { Request, Response } from 'express';
+import { Request, Response } from 'express';
 import { McpServer } from '../../server/mcp.js';
 import { SSEServerTransport } from '../../server/sse.js';
 import * as z from 'zod/v4';
 import { CallToolResult } from '../../types.js';
+import { createMcpExpressApp } from '../../server/index.js';
 
 /**
  * This example server demonstrates the deprecated HTTP+SSE transport
@@ -75,8 +76,7 @@ const getServer = () => {
     return server;
 };
 
-const app = express();
-app.use(express.json());
+const app = createMcpExpressApp();
 
 // Store transports by session ID
 const transports: Record<string, SSEServerTransport> = {};

src/examples/server/simpleStatelessStreamableHttp.ts

@@ -1,9 +1,9 @@
-import express, { Request, Response } from 'express';
+import { Request, Response } from 'express';
 import { McpServer } from '../../server/mcp.js';
 import { StreamableHTTPServerTransport } from '../../server/streamableHttp.js';
 import * as z from 'zod/v4';
 import { CallToolResult, GetPromptResult, ReadResourceResult } from '../../types.js';
-import cors from 'cors';
+import { createMcpExpressApp } from '../../server/index.js';
 
 const getServer = () => {
     // Create an MCP server with implementation details
@@ -96,16 +96,7 @@ const getServer = () => {
     return server;
 };
 
-const app = express();
-app.use(express.json());
-
-// Configure CORS to expose Mcp-Session-Id header for browser-based clients
-app.use(
-    cors({
-        origin: '*', // Allow all origins - adjust as needed for production
-        exposedHeaders: ['Mcp-Session-Id']
-    })
-);
+const app = createMcpExpressApp();
 
 app.post('/mcp', async (req: Request, res: Response) => {
     const server = getServer();

src/examples/server/simpleStreamableHttp.ts

@@ -1,10 +1,11 @@
-import express, { Request, Response } from 'express';
+import { Request, Response } from 'express';
 import { randomUUID } from 'node:crypto';
 import * as z from 'zod/v4';
 import { McpServer } from '../../server/mcp.js';
 import { StreamableHTTPServerTransport } from '../../server/streamableHttp.js';
 import { getOAuthProtectedResourceMetadataUrl, mcpAuthMetadataRouter } from '../../server/auth/router.js';
 import { requireBearerAuth } from '../../server/auth/middleware/bearerAuth.js';
+import { createMcpExpressApp } from '../../server/index.js';
 import {
     CallToolResult,
     ElicitResultSchema,
@@ -20,8 +21,6 @@ import { setupAuthServer } from './demoInMemoryOAuthProvider.js';
 import { OAuthMetadata } from '../../shared/auth.js';
 import { checkResourceAllowed } from '../../shared/auth-utils.js';
 
-import cors from 'cors';
-
 // Check for OAuth flag
 const useOAuth = process.argv.includes('--oauth');
 const strictOAuth = process.argv.includes('--oauth-strict');
@@ -507,16 +506,7 @@ const getServer = () => {
 const MCP_PORT = process.env.MCP_PORT ? parseInt(process.env.MCP_PORT, 10) : 3000;
 const AUTH_PORT = process.env.MCP_AUTH_PORT ? parseInt(process.env.MCP_AUTH_PORT, 10) : 3001;
 
-const app = express();
-app.use(express.json());
-
-// Allow CORS all domains, expose the Mcp-Session-Id header
-app.use(
-    cors({
-        origin: '*', // Allow all origins
-        exposedHeaders: ['Mcp-Session-Id']
-    })
-);
+const app = createMcpExpressApp();
 
 // Set up OAuth if enabled
 let authMiddleware = null;

src/examples/server/simpleTaskInteractive.ts

@@ -9,9 +9,9 @@
  * creates a task, and the result is fetched via tasks/result endpoint.
  */
 
-import express, { Request, Response } from 'express';
+import { Request, Response } from 'express';
 import { randomUUID } from 'node:crypto';
-import { Server } from '../../server/index.js';
+import { createMcpExpressApp, Server } from '../../server/index.js';
 import { StreamableHTTPServerTransport } from '../../server/streamableHttp.js';
 import {
     CallToolResult,
@@ -630,8 +630,7 @@ const createServer = (): Server => {
 // Express App Setup
 // ============================================================================
 
-const app = express();
-app.use(express.json());
+const app = createMcpExpressApp();
 
 // Map to store transports by session ID
 const transports: { [sessionId: string]: StreamableHTTPServerTransport } = {};

src/examples/server/sseAndStreamableHttpCompatibleServer.ts

@@ -1,12 +1,12 @@
-import express, { Request, Response } from 'express';
+import { Request, Response } from 'express';
 import { randomUUID } from 'node:crypto';
 import { McpServer } from '../../server/mcp.js';
 import { StreamableHTTPServerTransport } from '../../server/streamableHttp.js';
 import { SSEServerTransport } from '../../server/sse.js';
 import * as z from 'zod/v4';
 import { CallToolResult, isInitializeRequest } from '../../types.js';
 import { InMemoryEventStore } from '../shared/inMemoryEventStore.js';
-import cors from 'cors';
+import { createMcpExpressApp } from '../../server/index.js';
 
 /**
  * This example server demonstrates backwards compatibility with both:
@@ -71,16 +71,7 @@ const getServer = () => {
 };
 
 // Create Express application
-const app = express();
-app.use(express.json());
-
-// Configure CORS to expose Mcp-Session-Id header for browser-based clients
-app.use(
-    cors({
-        origin: '*', // Allow all origins - adjust as needed for production
-        exposedHeaders: ['Mcp-Session-Id']
-    })
-);
+const app = createMcpExpressApp();
 
 // Store transports by session ID
 const transports: Record<string, StreamableHTTPServerTransport | SSEServerTransport> = {};

src/examples/server/ssePollingExample.ts

@@ -12,9 +12,10 @@
  * Run with: npx tsx src/examples/server/ssePollingExample.ts
  * Test with: curl or the MCP Inspector
  */
-import express, { Request, Response } from 'express';
+import { Request, Response } from 'express';
 import { randomUUID } from 'node:crypto';
 import { McpServer } from '../../server/mcp.js';
+import { createMcpExpressApp } from '../../server/index.js';
 import { StreamableHTTPServerTransport } from '../../server/streamableHttp.js';
 import { CallToolResult } from '../../types.js';
 import { InMemoryEventStore } from '../shared/inMemoryEventStore.js';
@@ -103,7 +104,7 @@ server.tool(
 );
 
 // Set up Express app
-const app = express();
+const app = createMcpExpressApp();
 app.use(cors());
 
 // Create event store for resumability
@@ -112,8 +113,8 @@ const eventStore = new InMemoryEventStore();
 // Track transports by session ID for session reuse
 const transports = new Map<string, StreamableHTTPServerTransport>();
 
-// Handle all MCP requests - use express.json() only for this route
-app.all('/mcp', express.json(), async (req: Request, res: Response) => {
+// Handle all MCP requests
+app.all('/mcp', async (req: Request, res: Response) => {
     const sessionId = req.headers['mcp-session-id'] as string | undefined;
 
     // Reuse existing transport or create new one