Default draft protocol support: sessionless + handshake-less (SEP-2575 + SEP-2567)

[halter73]

Summary

Implements the draft MCP protocol revision (2026-07-28) in the C# SDK — removing the initialize handshake and Mcp-Session-Id per SEP-2575 and SEP-2567, while preserving back-compat with legacy clients/servers via probe-and-fallback negotiation.

Stacked on the now-merged #1458 (MRTR). Opt in to draft by setting ProtocolVersion = McpSessionHandler.DraftProtocolVersion.

What's in

Protocol

• DraftProtocolVersion value set to "2026-07-28" (spec string, replaces MRTR's "DRAFT-2026-v1" placeholder).
• server/discover registered on every server; serves as the bootstrap mechanism (clients send it first under draft).
• Per-request _meta.io.modelcontextprotocol/protocolVersion is validated server-side; unsupported versions return -32004 UnsupportedProtocolVersionError with {supported, requested} data.
• ttlMs + cacheScope added to DiscoverResult per spec PR #2855; defaults to ttlMs: 0 + cacheScope: "private" under draft (immediate-stale, not shareable) for safe back-compat behavior.

Transport

• HttpServerTransportOptions.Stateless defaults to true for new code.
• Stateful-only knobs (EventStreamStore, SessionMigrationHandler, PerSessionExecutionContext, IdleTimeout, MaxIdleSessionCount, plus ISseEventStreamStore / ISessionMigrationHandler) are marked [Obsolete(MCP9005)] — see docs/list-of-diagnostics.md.
• Under draft + no session-id, the HTTP handler forces stateless per request.

Client negotiation

• HTTP fallback: client sends draft request first. On 400 Bad Request it parses the body — modern JSON-RPC errors (-32004, -32003, -32001) surface as McpProtocolException to the caller; any other JSON-RPC error (legacy -32600, -32601, -32700, parse fail, empty body) → switch to legacy and initialize. Matches spec PR #2844 ("the fallback MUST NOT be keyed to a single error code").
• Stdio fallback: client probes with server/discover first. DiscoverResult → modern. -32004 with shaped data → retry with supported[]. Anything else, or silence past the 5-second probe timeout → fall back to initialize on the same stdin/stdout (no process restart per spec).
• AutoDetectingClientSessionTransport now recognizes JSON-RPC error envelopes in HTTP 400 bodies; adopts StreamableHttp instead of silently falling back to SSE on modern-error responses.

Public API

• McpClientOptions.MinProtocolVersion : string? — when set, the client refuses to fall back below this version and surfaces a clear McpException instead. Useful for strict-modern production code and for tests that want to assert draft-only behavior.

What's tested

• Existing draft & MRTR coverage: all 51 draft/MRTR/raw-stream tests green.
• New raw conformance tests:
  • tests/ModelContextProtocol.Tests/Server/RawStreamConformanceTests.cs — drives McpServer directly via paired Pipe streams without McpClient. 5 tests covering server/discover first, draft tools/call after no init, -32004 on unsupported version, legacy initialize still works, dual-era dispatch on the same stream.
  • tests/ModelContextProtocol.AspNetCore.Tests/RawHttpConformanceTests.cs — drives the C# server with raw HttpClient against in-memory Kestrel. 5 tests covering draft tools/call with full _meta, raw server/discover, -32004 on unsupported MCP-Protocol-Version header, legacy initialize on the default (stateless+draft) server, and GET /mcp returning 405 when not stateful.
• New HTTP fallback regression tests (tests/ModelContextProtocol.AspNetCore.Tests/DraftHttpFallbackTests.cs): three Kestrel-in-memory cases covering Python-shape (-32600 legacy error), Go-shape (-32004 with supported data), and HeaderMismatch-shape (-32001) on real HTTP. Plus null-id parser tests and HeaderMismatch passthrough test on the in-memory transport.
• HTTP+draft → stateless migration: tests that relied on stateful HTTP for legacy coverage (notably HttpTaskIntegrationTests) now explicitly opt into Stateless = false.
• Cross-suite status at tip d9277e0c:
  • Core (ModelContextProtocol.Tests, net9.0, excluding env-dependent ClientIntegrationTests / DockerEverythingServerTests and the env-quirk-only StdioClientTransportTests.EscapesCliArgumentsCorrectly which depends on local PATH/CMD.EXE config): 2052 passed / 4 skipped. The full suite reports 72 fails for EscapesCliArgumentsCorrectly, all on a parameterized test that's git diff origin/main..HEAD = 0 (i.e. unchanged in this PR); CI on main is green.
  • AspNetCore (ModelContextProtocol.AspNetCore.Tests, net9.0): 482 passed / 3 failed / 29 skipped. The 3 failures are all pre-existing on main: Server_RejectsInvalidUtf8EncodedHeaderValue, RunConformanceTest_Sep2243("http-custom-headers") (the SEP-2243 finding below), and RunCachingConformanceTest (parallel-run port collision; passes in 1s in isolation).

Cross-SDK compatibility (Phase 7 + Phase 11d)

Validated against the other Tier-1 SDKs (TypeScript, Python, Go) in their current main / draft-branch states. Wire-trace artifacts kept in this branch's session state.

C# direction	Peer	Transport	Status
→ TS draft (PR #2251 sep-2575-2567-draft-protocol)	http	PASS — draft handshake-less, tools/list succeeds
→ Python simple-streamablehttp-stateless (origin/main)	http	PASS — C# probes draft, recognizes -32600, falls back to legacy initialize, negotiates 2025-06-18
→ Python simple-tool (origin/main)	stdio	PASS — C# probes server/discover, gets -32601, falls back to initialize on the same stdin/stdout, negotiates 2025-06-18
→ Go vanilla HTTP (origin/main, AutoDetect default)	http	PASS — AutoDetect recognizes -32004 in 400 body, adopts StreamableHttp, retries legacy initialize with 2025-11-25, lists 10 tools
→ Go vanilla stdio (origin/main, after PR #987)	stdio	PASS — Go responds to server/discover natively; C# negotiates down to 2025-11-25
→ Go draft fork (compat/go-draft-fork with version-string + exported opt-in patches)	both	PASS — full modern draft session end-to-end
← TS draft client	both	PASS — C# server serves server/discover and tools/list
← Go draft fork client	both	PASS
← Python simple-tool client	stdio	PASS — Python sends legacy initialize with max 2025-06-18; C# server (stateless default) serves single-shot legacy session

α-findings fixed in this PR (post-cross-SDK testing)

Commit	Fix
ccdd4223	Accept null-id JSON-RPC error responses per spec §5.1 (Python's simple-streamablehttp-stateless returns id: null on errors before the request id can be determined).
00d57f71	Surface any JSON-RPC error in HTTP 400 body as McpProtocolException per spec PR #2844 (not just modern -32004/-32003) so the connect-time fallback chain can dispatch on the error code.
276bde45	Surface HeaderMismatch (-32001) instead of falling back to legacy initialize.
3778e00e	AutoDetectingClientSessionTransport now recognizes JSON-RPC error envelopes in HTTP 400 bodies; adopts StreamableHttp instead of silently falling back to SSE.

β-findings (peer-SDK issues, informational)

• β-TS-1 — TS draft client (compat/ts-draft) doesn't yet emit Mcp-Method / Mcp-Name headers (the fix is on a different branch). Closure awaits upstream merge.
• β-PY-1 — partially closed; Python main no longer crashes on draft probe, now returns clean JSON-RPC error envelope.
• β-GO-1, β-GO-2 — Go origin/main still uses 2026-06-30 version string and unexported ClientSessionOptions.protocolVersion. Documented; patches applied locally for cross-SDK testing only.

Conformance suite (Phase 12)

Ran the upstream @modelcontextprotocol/conformance suite against the C# SDK. Two tracks:

Track A — bump the published npm pin

Bumped tests/Common/Utils/package.json from 0.1.16 → 0.2.0-alpha.2 (d539e7fd). This activates 5 previously-gated test classes (ClientConformanceTests.RunConformanceTest_Sep2243, ServerConformanceTests.RunConformanceTest_HttpHeaderValidation, ServerConformanceTests.RunConformanceTest_HttpCustomHeaderServerValidation, ServerConformanceTests.RunMrtrConformanceTest, CachingConformanceTests.RunCachingConformanceTest).

Because 0.2.0-alpha.2 still emits the placeholder wire version DRAFT-2026-v1 (the spec-aligned 2026-07-28 only landed in unpublished alpha.3), a wire-version-match gate (HasMatchingDraftWireVersion() in tests/Common/Utils/NodeHelpers.cs, commit f3698c71) is ANDed into each draft-only HasXxx skip predicate so the 14 draft-scenario rows skip cleanly under the published alpha.2 instead of failing with mismatched-string assertions.

Track B — local build of compat/conformance-draft

Assembled a local compat/conformance-draft branch in modelcontextprotocol/conformance (tip 50ad0fa) by merging the following SEP-relevant open PRs on top of main:

• #336 — stateless error-code expectations (-32001 / -32004)
• #262 — Tasks (SEP-2663) MRTR scenarios
• #333 — SEP-2567 sessionless suite

#310 (SEP-2549 absence-assert) was skipped — too-deep conflict with main's RunContext refactor (PRs #319 / #317 / #321 / #318). Deferred to a follow-up.

Installed locally with npm install --no-save H:\modelcontextprotocol\conformance. ⚠️ Note: npm ci reverts to pinned alpha.2; reviewers reproducing locally must re-run the path-install after dependency restore. Flipped 3 --spec-version DRAFT-2026-v1 references in ServerConformanceTests.cs + 1 in CachingConformanceTests.cs to 2026-07-28 (commit d9277e0c), and renamed 6 tools + 1 prompt in IncompleteResultTools.cs / IncompleteResultPrompts.cs to match conformance's rename of incomplete-result-* → input-required-result-* (mirrors the SDK's MRTR IncompleteResult → InputRequiredResult rename).

Outcome (serial run on stateless HTTP):

Result	Count	Notes
PASS	19	including all 14 MRTR input-required-result-* scenarios — the tampered-state (HMAC-protected requestState) and capability-check (per-request capability-aware inputRequest gating) rows are now implemented in ConformanceServer and un-skipped — plus both Sep2243.http-{standard,invalid-tool}-headers and Caching
FAIL	0	—
SKIP / N-A	1	ClientConformanceTests.RunConformanceTest_Sep2243("http-custom-headers") — not a C# bug: the harness scenario puts x-mcp-header on a type: "number" parameter, which SEP-2243 forbids (the spec's earlier self-contradiction was resolved against number upstream in modelcontextprotocol/modelcontextprotocol#2863). The C# client correctly excludes the malformed tool, so no Mcp-Param-* headers are sent. Stays skipped until a conformant package ships; tracked in #1655.

Modes: only stateless HTTP exercised so far. Stateful HTTP and stdio modes deferred to a follow-up — Track B already validates draft conformance on the most important transport, and the published-pin gate (Track A) ensures CI on pinned alpha.2 keeps working without local conformance-build dependencies.

Parallel-run flakiness: CachingConformanceTest shows a port-pool collision (port 301x range) under parallel xUnit collections; passes consistently in isolation in under 2 s. Documented as known-flaky-in-parallel; the test suite was not switched to serial.

Out of scope

• The Tasks extension (SEP-2663) shipped in Implement SEP-2663 Tasks Extension #1579 (merged); this PR rebases on top of it.
• Legacy protocol types (InitializeRequestParams, Mcp-Session-Id constants, PingRequestParams, …) are still current in 2025-11-25 and remain un-obsoleted in this PR.
• HTTP+SSE (2024-11-05) transport stays mapped under /sse and /message for legacy back-compat.

Resolved during review (originally punted, now done in this PR)

• HeaderMismatch (-32001) validation — the server already compared the HTTP MCP-Protocol-Version header against the body _meta.io.modelcontextprotocol/protocolVersion, but threw -32602 InvalidParams. A draft client's server/discover probe treats any non-modern error (including InvalidParams) as a legacy signal and falls back to initialize, so a modern server detecting a genuine mismatch was misread as legacy. It now emits -32001 HeaderMismatch — the code the client recognizes as a modern-server signal — with a RawHttpConformanceTests regression.
• The two previously-skipped MRTR conformance scenarios (input-required-result-tampered-state HMAC + input-required-result-capability-check per-request gating) are now implemented in ConformanceServer and un-skipped (14/14 RunMrtrConformanceTest pass against the local compat/conformance-draft build), with in-process wire-level regressions in MrtrProtocolTests.

Punted to follow-up PRs

• Draft request with stray mcp-session-id header: server returns 400 rather than silently ignoring it. This is the deliberate choice — rejecting surfaces the client bug, and SEP-2567 removes the header from the draft revision so "ignore" is a robustness option, not a requirement. Not tracking (closed Draft server: validate body/header protocolVersion mismatch and no-op stray Mcp-Session-Id #1654).
• IsStatefulSession() gate review in McpServerImpl.IsMrtrSupported (the existing TODO from the MRTR PR) — tracked in Draft follow-up tidy-ups: configurable stdio probe timeout + IsStatefulSession/IsMrtrSupported gate review #1652.
• Configurable stdio probe timeout (currently hard-coded to 5 s); needs new public API — tracked in Draft follow-up tidy-ups: configurable stdio probe timeout + IsStatefulSession/IsMrtrSupported gate review #1652.
• C# client Mcp-Param-* header emission for x-mcp-header on type: "number" parameters: no change — SEP-2243 forbids number (resolved upstream in (chore): sep-to-spec consistency pass modelcontextprotocol#2863), so the harness http-custom-headers scenario is the non-conformant party. Tracked in Upstream conformance harness: http-custom-headers tests float x-mcp-header (forbidden by SEP-2243) #1655 (re-enable the xunit case once upstream ships a conformant package).
• Conformance suite Track B coverage extensions: (1) stateful HTTP + stdio modes, (2) reinstate SEP-2549 absence-assert (#310) after the conformance RunContext refactor settles, (3) file upstream issue for missing server/discover standalone scenario — tracked in Conformance Track B: stateful HTTP/stdio modes, SEP-2549 absence-assert, remaining MRTR scenarios #1653.

[mikekistler]

Looks good! 👍

Copilot found a few things worth mentioning. I'll leave it to you to decide if any of these require changes.

[tarekgh]

re marked [Obsolete(MCP9005)] — see docs/list-of-diagnostics.md.

Note that I have the same diagnostic ID in my PR too #1651. If we want to have a different Ids, either you change it or I can change it in my PR. Let me know what work better for you.

[tarekgh]

On defaulting HttpServerTransportOptions.Stateless = true

Flagging the new Stateless = true default as the highest-impact change for existing AspNetCore server hosts: it silently disables server-initiated requests (sampling, elicitation, roots) and the SSE GET endpoint for any host that doesn't explicitly set Stateless = false. I want to suggest an alternative that removes the breaking change while keeping the draft/stateless direction for new code.

The statefulness decision is already per-connection

In StreamableHttpHandler.GetOrCreateSessionAsync, each new connection already branches on the peer:

• Draft request (MCP-Protocol-Version: 2026-07-28, no Mcp-Session-Id) is forced stateless via forceStateless: true, ignoring the option.
• Everything else (legacy initialize) uses HttpServerTransportOptions.Stateless.

So the server can already tell a draft peer from a legacy peer at session-creation time (the draft header is absent on a legacy initialize). The static = true default only changes the legacy branch, which is exactly the branch that breaks existing consumers.

Suggestion: an auto-default keyed to the negotiated revision

Make Stateless a bool? defaulting to null meaning "auto":

• Draft peer -> stateless (as today).
• Legacy peer -> stateful (preserves back-compat).
• Explicit true/false still overrides in either direction.

This reuses the dispatch hook that already exists, makes the breaking change disappear for legacy server hosts, and still defaults new draft clients to the sessionless model. The cost is that bool -> bool? is itself a (smaller, source-compatible) API change, and "auto" is slightly less obvious to reason about than a fixed bool.

Alternative: default from the server's own capabilities

Default stateless only when the server has nothing that needs a back-channel (no sampling/elicitation/roots handlers, no IdleTimeout/EventStreamStore), and default stateful otherwise. This is closer to "does this server need server-initiated requests," but it can still surprise a host that relies on session-scoped state (per-session DI, idle eviction) without using bidirectional features.

Tradeoff summary

• Static true (current PR): simplest, pushes the ecosystem hardest toward stateless, at the cost of a real breaking change for legacy server hosts.
• bool? auto-default keyed to the peer revision: removes the breaking change, matches the per-request model already in the handler, best balance in my opinion.
• Capability-based default: intent-aware, but can silently drop session-scoped behaviors that don't involve a back-channel.

My preference is the bool? auto-default.

[tarekgh]

I have added a few comments will be good if you consider them. LGTM otherwise.