- Add intelligent URL detection supporting BASE_URL, PUBLIC_URL, and proxy headers
- Fix hardcoded localhost URLs in server console output
- Add hostname validation to prevent host header injection attacks
- Restrict URL schemes to http/https only (block javascript:, file://, etc.)
- Remove sensitive environment data from API responses
- Add GET endpoints (/, /mcp) for better API discovery
- Fix version inconsistency between server implementations
- Update HTTP bridge to use HOST/PORT environment variables
- Add comprehensive test scripts for URL configuration and security
This resolves issues #41 and #42 by making the HTTP server properly handle
deployment behind reverse proxies and adds critical security validations.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add TRUST_PROXY environment variable to enable proxy header trust
- Configure Express trust proxy in both HTTP server implementations
- Fix issue #19: Docker internal IPs logged instead of real client IPs
- Update documentation with reverse proxy configuration guide
- Add examples for nginx proxy header forwarding
- Maintain backward compatibility (disabled by default)
When TRUST_PROXY=1 is set, the server will correctly log client IPs
from X-Forwarded-For headers instead of proxy/container IPs.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Added warning about experimental remote server deployment
- Clarified HTTP bridge architecture in documentation
- Added deployment scenarios section explaining local vs remote options
- Enhanced troubleshooting with bridge-specific issues
- Created http-bridge.js for local HTTP testing
- Fixed HTTP server to include management tools in tools/list
The documentation now clearly explains:
- Why "node" command is used instead of "docker" (stdio bridge requirement)
- Three deployment scenarios with pros/cons
- How to test locally with Docker
- Bridge architecture (Claude Desktop → bridge → HTTP server)
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add comprehensive documentation for n8n API integration
- Document all 16 management tools available when configured
- Add environment variables N8N_API_URL and N8N_API_KEY
- Include security best practices for API key management
- Add examples of using n8n management tools
- Note version requirement (v2.7.1+) for Docker fix
- Correct tool counts (38 total: 22 documentation + 16 management)
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated README.md with clear setup instructions and recent updates
- Simplified Claude Desktop setup guide with troubleshooting
- Enhanced HTTP deployment guide for production use
- Streamlined troubleshooting guide with quick fixes
- Added mcp-http-client.js for Node.js 16 compatibility
- Fixed stdio mode console output corruption
Key improvements:
- Clear distinction between local and remote deployment
- Node.js 18+ requirement for mcp-remote clearly documented
- USE_FIXED_HTTP=true prominently featured for v2.3.2
- Production deployment best practices
- Multi-user service considerations
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Major documentation cleanup and updates:
Updates:
- Add USE_FIXED_HTTP=true to all Docker and HTTP deployment examples
- Update main README with v2.3.2 release notes and version badges
- Add HTTP server troubleshooting section for stream errors
- Update CHANGELOG with v2.3.1 and v2.3.2 entries
- Update all configuration examples (.env.example, docker-compose.yml)
- Add clear instructions for using the fixed HTTP implementation
Removed legacy documentation (11 files):
- Implementation plans that have been completed
- Architecture analysis documents
- Intermediate fix documentation
- Planning documents for features now implemented
- Duplicate SETUP.md (content merged into INSTALLATION.md)
The documentation now accurately reflects the current v2.3.2 state
with the complete HTTP server fix using USE_FIXED_HTTP=true.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
