ClinicalTrials.gov MCP Server

Apache 2.0

230

sessionIdUtils.ts.html•10.4 kB

<!doctype html> <html lang="en"> <head> <title>Code coverage report for src/mcp-server/transports/http/sessionIdUtils.ts</title> <meta charset="utf-8" /> <link rel="stylesheet" href="../../../../prettify.css" /> <link rel="stylesheet" href="../../../../base.css" /> <link rel="shortcut icon" type="image/x-icon" href="../../../../favicon.png" /> <meta name="viewport" content="width=device-width, initial-scale=1" /> <style type='text/css'> .coverage-summary .sorter { background-image: url(../../../../sort-arrow-sprite.png); } </style> </head> <body> <div class='wrapper'> <div class='pad1'> <h1><a href="../../../../index.html">All files</a> / <a href="index.html">src/mcp-server/transports/http</a> sessionIdUtils.ts</h1> <div class='clearfix'> <div class='fl pad1y space-right2'> <span class="strong">73.33% </span> <span class="quiet">Statements</span> <span class='fraction'>11/15</span> </div> <div class='fl pad1y space-right2'> <span class="strong">66.66% </span> <span class="quiet">Branches</span> <span class='fraction'>2/3</span> </div> <div class='fl pad1y space-right2'> <span class="strong">100% </span> <span class="quiet">Functions</span> <span class='fraction'>2/2</span> </div> <div class='fl pad1y space-right2'> <span class="strong">73.33% </span> <span class="quiet">Lines</span> <span class='fraction'>11/15</span> </div> </div> <p class="quiet"> Press <em>n</em> or <em>j</em> to go to the next uncovered block, <em>b</em>, <em>p</em> or <em>k</em> for the previous block. </p> <template id="filterTemplate"> <div class="quiet"> Filter: <input type="search" id="fileSearch"> </div> </template> </div> <div class='status-line medium'></div> <pre><table class="coverage"> <tr><td class="line-count quiet"><a name='L1'></a><a href='#L1'>1</a> <a name='L2'></a><a href='#L2'>2</a> <a name='L3'></a><a href='#L3'>3</a> <a name='L4'></a><a href='#L4'>4</a> <a name='L5'></a><a href='#L5'>5</a> <a name='L6'></a><a href='#L6'>6</a> <a name='L7'></a><a href='#L7'>7</a> <a name='L8'></a><a href='#L8'>8</a> <a name='L9'></a><a href='#L9'>9</a> <a name='L10'></a><a href='#L10'>10</a> <a name='L11'></a><a href='#L11'>11</a> <a name='L12'></a><a href='#L12'>12</a> <a name='L13'></a><a href='#L13'>13</a> <a name='L14'></a><a href='#L14'>14</a> <a name='L15'></a><a href='#L15'>15</a> <a name='L16'></a><a href='#L16'>16</a> <a name='L17'></a><a href='#L17'>17</a> <a name='L18'></a><a href='#L18'>18</a> <a name='L19'></a><a href='#L19'>19</a> <a name='L20'></a><a href='#L20'>20</a> <a name='L21'></a><a href='#L21'>21</a> <a name='L22'></a><a href='#L22'>22</a> <a name='L23'></a><a href='#L23'>23</a> <a name='L24'></a><a href='#L24'>24</a> <a name='L25'></a><a href='#L25'>25</a> <a name='L26'></a><a href='#L26'>26</a> <a name='L27'></a><a href='#L27'>27</a> <a name='L28'></a><a href='#L28'>28</a> <a name='L29'></a><a href='#L29'>29</a> <a name='L30'></a><a href='#L30'>30</a> <a name='L31'></a><a href='#L31'>31</a> <a name='L32'></a><a href='#L32'>32</a> <a name='L33'></a><a href='#L33'>33</a> <a name='L34'></a><a href='#L34'>34</a> <a name='L35'></a><a href='#L35'>35</a> <a name='L36'></a><a href='#L36'>36</a> <a name='L37'></a><a href='#L37'>37</a> <a name='L38'></a><a href='#L38'>38</a> <a name='L39'></a><a href='#L39'>39</a> <a name='L40'></a><a href='#L40'>40</a> <a name='L41'></a><a href='#L41'>41</a> <a name='L42'></a><a href='#L42'>42</a> <a name='L43'></a><a href='#L43'>43</a> <a name='L44'></a><a href='#L44'>44</a> <a name='L45'></a><a href='#L45'>45</a> <a name='L46'></a><a href='#L46'>46</a> <a name='L47'></a><a href='#L47'>47</a> <a name='L48'></a><a href='#L48'>48</a> <a name='L49'></a><a href='#L49'>49</a> <a name='L50'></a><a href='#L50'>50</a> <a name='L51'></a><a href='#L51'>51</a> <a name='L52'></a><a href='#L52'>52</a> <a name='L53'></a><a href='#L53'>53</a> <a name='L54'></a><a href='#L54'>54</a> <a name='L55'></a><a href='#L55'>55</a> <a name='L56'></a><a href='#L56'>56</a></td><td class="line-coverage quiet"><span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-yes">1x</span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-yes">1x</span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-yes">1x</span> <span class="cline-any cline-yes">2x</span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-yes">2x</span> <span class="cline-any cline-yes">2x</span> <span class="cline-any cline-yes">2x</span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-no"> </span> <span class="cline-any cline-no"> </span> <span class="cline-any cline-no"> </span> <span class="cline-any cline-no"> </span> <span class="cline-any cline-yes">2x</span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-yes">1x</span> <span class="cline-any cline-neutral"> </span> <span class="cline-any cline-yes">28x</span> <span class="cline-any cline-yes">28x</span> <span class="cline-any cline-neutral"> </span></td><td class="text"><pre class="prettyprint lang-js">/** * @fileoverview Utilities for generating and validating cryptographically secure session IDs. * @module src/mcp-server/transports/http/sessionIdUtils */ import { randomBytes } from 'crypto';   import { runtimeCaps } from '@/utils/internal/runtime.js';   /** * Generates a cryptographically secure session ID. * * Uses 32 bytes (256 bits) of entropy, which provides sufficient security * for session identification per OWASP guidelines. * * @returns A 64-character hexadecimal session ID * * @example * ```typescript * const sessionId = generateSecureSessionId(); * // Returns: "a1b2c3d4e5f6...048" (64 hex characters) * ``` */ export function generateSecureSessionId(): string { if (runtimeCaps.isNode && runtimeCaps.hasBuffer) { // Node.js environment - use crypto.randomBytes const bytes = randomBytes(32); // 256 bits return bytes.toString('hex'); <span class="branch-0 cbranch-no" title="branch not covered" > } else {</span> // Worker/Browser environment - use Web Crypto API <span class="cstat-no" title="statement not covered" > const bytes = new Uint8Array(32);</span> <span class="cstat-no" title="statement not covered" > crypto.getRandomValues(bytes);</span> <span class="cstat-no" title="statement not covered" > return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');</span> <span class="cstat-no" title="statement not covered" > }</span> }   /** * Validates a session ID format. * * Session IDs must be exactly 64 hexadecimal characters (representing 32 bytes). * This validation helps prevent injection attacks and ensures consistency. * * @param sessionId - The session ID to validate * @returns True if the session ID has a valid format, false otherwise * * @example * ```typescript * validateSessionIdFormat('abc123'); // false - too short * validateSessionIdFormat('g1h2...'); // false - invalid hex * validateSessionIdFormat('a1b2c3...048'); // true - 64 hex chars * ``` */ export function validateSessionIdFormat(sessionId: string): boolean { // Must be exactly 64 hexadecimal characters (32 bytes) return /^[a-f0-9]{64}$/.test(sessionId); }  </pre></td></tr></table></pre> <div class='push'></div> </div> <div class='footer quiet pad2 space-top1 center small'> Code coverage generated by <a href="https://istanbul.js.org/" target="_blank" rel="noopener noreferrer">istanbul</a> at 2025-10-15T17:09:47.939Z </div> <script src="../../../../prettify.js"></script> <script> window.onload = function () { prettyPrint(); }; </script> <script src="../../../../sorter.js"></script> <script src="../../../../block-navigation.js"></script> </body> </html>

Latest Blog Posts

OpenTelemetry for Model Context Protocol (MCP) Analytics and Agent Observability
By Om-Shree-0709 on .
observability
mcp
opentelemetry
Securing Enterprise AI Agents with Unique Identities in the Model Context Protocol (MCP)
By Om-Shree-0709 on .
When Your Year of Work Gets Copied Overnight: What Actually Matters?
By punkpeye on .
startups

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/cyanheads/clinicaltrialsgov-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server