happyz
/
llama.cpp
mirror of https://github.com/ggerganov/llama.cpp.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: include API key in CORS proxy requests for MCP connections (#21193) 

* fix: include API key in CORS proxy requests for MCP connections

When llama-server is started with --api-key-file and --webui-mcp-proxy,
the /cors-proxy endpoint requires authentication. The WebUI was not
including the Authorization header in proxy requests, causing MCP
connections to fail with 401.

Inject getAuthHeaders() into requestInit when useProxy is true so the
proxy request carries the Bearer token alongside the forwarded target
headers.

Fixes #21167

* fix: simplify headers assignment based on reviewer suggestion

Apply buildProxiedHeaders only when useProxy is true, pass headers
directly to the transport otherwise.
This commit is contained in:
SATISH K C 2026-03-31 03:52:34 -05:00 committed by GitHub
parent 4453e77561
commit fcc2d598c8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
tools/server/webui/src/lib/services/mcp.service.ts
View File

@ -42,6 +42,7 @@ import type {
import {
buildProxiedUrl,
buildProxiedHeaders,
getAuthHeaders,
throwIfAborted,
isAbortError,
createBase64DataUrl
@ -124,7 +125,14 @@ export class MCPService {
const requestInit: RequestInit = {};
if (config.headers) {
requestInit.headers = buildProxiedHeaders(config.headers);
requestInit.headers = config.useProxy ? buildProxiedHeaders(config.headers) : config.headers;
}
if (useProxy) {
requestInit.headers = {
...getAuthHeaders(),
...(requestInit.headers as Record<string, string>)
};
}
if (config.credentials) {