import { getEnv } from "./env";
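/**
 * Validates that `url` is acceptable as a "secure" endpoint URL.
 *
 * Rules enforced, in order:
 *  1. `url` must be present (empty string and `undefined` are rejected).
 *  2. It must parse as an absolute URL (`new URL` throws otherwise).
 *  3. The scheme must be `https:`. As a local-testing concession only, plain
 *     `http:` is tolerated when the hostname is `localhost`, `127.0.0.1`, or
 *     one of `env.allowedHostnames`. No other scheme (`ftp:`, `ws:`, ...) is
 *     accepted for any host.
 *  4. The URL must carry neither a fragment nor a query string.
 *
 * RFC 9728 (OAuth 2.0 Protected Resource Metadata), Section 7.1, requires
 * HTTPS for all URLs and specifies no localhost exemption; the exemption here
 * is a deliberate local deviation. Every hostname placed in
 * `env.allowedHostnames` effectively opts that host out of transport security,
 * so that list should stay short and be reviewed like any other security
 * configuration.
 *
 * @param url - the URL to validate; may be `undefined`, which is rejected.
 * @throws Error if `url` is missing, is not HTTPS (outside the exemption), or
 *   has a fragment or query string.
 * @throws TypeError (from `new URL`) if `url` is not a parseable absolute URL.
 */
export const checkSecureUrl = (url?: string): void => {
  const env = getEnv();
  // Hosts for which plain http is tolerated. WHATWG URL keeps the brackets on
  // IPv6 hosts (`[::1]`), so IPv6 loopback is NOT covered by the built-in
  // entries; it would have to be listed explicitly in env.allowedHostnames.
  const allowedHostnames = ["localhost", "127.0.0.1", ...env.allowedHostnames];

  if (!url) {
    throw new Error("URL is not defined");
  }
  const secureUrl = new URL(url);

  const isHttps = secureUrl.protocol === "https:";
  // The exemption exists for plain HTTP during local testing only, so it is
  // tied to `http:` specifically rather than to "anything that is not https".
  // Otherwise an allowed host would also accept arbitrary schemes.
  const isExemptLocalHttp =
    secureUrl.protocol === "http:" &&
    allowedHostnames.includes(secureUrl.hostname);
  if (!isHttps && !isExemptLocalHttp) {
    throw new Error("Secure URL must be HTTPS");
  }

  // NOTE(review): the two messages below interpolate the full URL, including
  // the offending fragment/query. If callers log these errors, anything
  // sensitive carried in the query (e.g. a token) is logged too — confirm that
  // is acceptable for the call sites.
  if (secureUrl.hash) {
    throw new Error(`Secure URL must not have a fragment: ${secureUrl}`);
  }
  if (secureUrl.search) {
    throw new Error(`Secure URL must not have a query string: ${secureUrl}`);
  }
};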