Skip to content

MCP Python SDK Protocol Version Initialize Handling Design Question #1456

New issue
New issue
Closed as duplicate of#1627
Closed as duplicate of#1627
MCP Python SDK Protocol Version Initialize Handling Design Question#1456
Labels
questionFurther information is requested
@younaman

Description

@younaman
younaman
opened on Oct 9, 2025

Question

Question Overview

The MCP Python SDK exhibits layered inconsistency in protocol version handling, requiring clarification from developers regarding the design intent.

Observed Phenomena

1. Session Layer Correct Implementation

# src/mcp/client/session.py:151-167
result = await self.send_request(
    types.ClientRequest(
        types.InitializeRequest(
            params=types.InitializeRequestParams(
                protocolVersion=types.LATEST_PROTOCOL_VERSION,  # ✅ Correctly sent
                capabilities=types.ClientCapabilities(...),
                clientInfo=self._client_info,
            ),
        )
    ),
    types.InitializeResult,
)

The session layer correctly sends protocol version information in MCP messages.

2. HTTP Transport Layer Missing Implementation

# src/mcp/client/streamable_http.py:102, 109-116
self.protocol_version = None  # Initially None

def _prepare_request_headers(self, base_headers: dict[str, str]) -> dict[str, str]:
    """Update headers with session ID and protocol version if available."""
    headers = base_headers.copy()
    if self.session_id:
        headers[MCP_SESSION_ID] = self.session_id
    if self.protocol_version:  # ⚠️ Condition not met, no HTTP header sent
        headers[MCP_PROTOCOL_VERSION] = self.protocol_version
    return headers

The HTTP transport layer does not send protocol version headers during initialization requests.

3. Server-Side Special Handling

# src/mcp/server/streamable_http.py:356-373
is_initialization_request = isinstance(message.root, JSONRPCRequest) and message.root.method == "initialize"

if is_initialization_request:
    # Initialization request: Skip HTTP header validation!
    pass
elif not await self._validate_request_headers(request, send):
    # Non-initialization requests: Validate HTTP headers (including protocol version)
    return

The server bypasses HTTP header protocol version validation for initialization requests.

📋 MCP Specification Requirements

According to the MCP specification:

"In the initialize request, the client MUST send a protocol version it supports. This SHOULD be the latest version supported by the client."

The specification clearly requires clients to send protocol version in initialize requests.

Design Questions

Inconsistent Layered Validation

Request Type HTTP Header Validation MCP Message Validation Result
Initialization Request ❌ Skipped ✅ Executed Inconsistent
Other Requests ✅ Executed ✅ Executed Consistent

Core Questions

  1. Why does MCP design HTTP header protocol version validation but then bypasses it for initialization requests?

  2. Is this design intentional with specific considerations?

  3. Should clients send protocol version in HTTP headers as well, even if the server skips validation?

  4. What is the design intent behind this "dual insertion" mechanism (HTTP headers + MCP messages)?

Question Summary

Is this inconsistent design intentional, or does it need to be fixed?

  • If intentional design, I will be very appreciated if maintainers could explian the design rationale for me.
  • If needs fix, please treated as a reported bug.

P.S. I am uncertain whether this is a design/implementation issue or a reasonable choice and would appreciate clarification and guidance from the development team.

Additional Context

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    questionFurther information is requested

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions