@jerome3o-anthropic
Member

Summary

  • Added a comprehensive splash page at the root / endpoint
  • Implemented black and white theme matching MCP branding
  • Created responsive design that works on mobile and desktop

Changes

  • Added new src/static/index.html splash page with:
    • Server features overview (MCP support, transports, OAuth, scalability)
    • API endpoints documentation
    • Quick links to GitHub repository and MCP documentation
    • Clean, professional design matching MCP aesthetic
  • Added route handler in src/index.ts to serve the splash page at /

Test Plan

  • Verified splash page loads at http://localhost:3232/
  • Confirmed logo displays correctly via /mcp-logo.png endpoint
  • Tested responsive design on different screen sizes
  • Ran npm run build - builds successfully
  • Ran npm run lint - no linting errors
  • Ran npm test - all tests pass

🤖 Generated with Claude Code

Implemented a clean, informative splash page at the root endpoint that showcases:

  • Server features and capabilities
  • API endpoints documentation
  • Links to GitHub repository and MCP documentation
  • Black and white theme matching MCP branding
  • Responsive design for mobile and desktop

The splash page provides users with an immediate overview of the server's functionality and serves as a landing page for the MCP Everything Server.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Comment on lines +171 to +174
app.get("/", (req, res) => {
const splashPath = path.join(__dirname, "static", "index.html");
res.sendFile(splashPath);
});

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs a file system access, but is not rate-limited.

Copilot Autofix

AI 2 months ago

To fix the problem, we should add a rate-limiting middleware to the route handler for / (the splash page) in src/index.ts. The recommended approach is to use the well-known express-rate-limit package, which is compatible with Express and easy to configure. We will:

  • Import express-rate-limit at the top of the file.
  • Create a rate limiter instance with reasonable defaults (e.g., 100 requests per 15 minutes per IP).
  • Apply the rate limiter middleware to the / route only, so it does not affect other routes unnecessarily.
  • Ensure the fix is limited to the code shown, without changing existing functionality.

Suggested changeset 2
src/index.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply diff --git a/src/index.ts b/src/index.ts --- a/src/index.ts +++ b/src/index.ts @@ -2,6 +2,7 @@ import { AuthRouterOptions, getOAuthProtectedResourceMetadataUrl, mcpAuthRouter } from "@modelcontextprotocol/sdk/server/auth/router.js"; import cors from "cors"; import express from "express"; +import rateLimit from "express-rate-limit"; import path from "path"; import { fileURLToPath } from "url"; import { EverythingAuthProvider } from "./auth/provider.js"; @@ -15,6 +16,13 @@ const app = express(); +// Rate limiter for splash page +const splashLimiter = rateLimit({ + windowMs: 15 * 60 * 1000, // 15 minutes + max: 100, // limit each IP to 100 requests per windowMs + standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers + legacyHeaders: false, // Disable the `X-RateLimit-*` headers +}); // Get the directory of the current module const __filename = fileURLToPath(import.meta.url); const __dirname = path.dirname(__filename); @@ -168,7 +176,7 @@ }); // Splash page -app.get("/", (req, res) => { +app.get("/", splashLimiter, (req, res) => { const splashPath = path.join(__dirname, "static", "index.html"); res.sendFile(splashPath); }); EOF
@@ -2,6 +2,7 @@
import { AuthRouterOptions, getOAuthProtectedResourceMetadataUrl, mcpAuthRouter } from "@modelcontextprotocol/sdk/server/auth/router.js";
import cors from "cors";
import express from "express";
import rateLimit from "express-rate-limit";
import path from "path";
import { fileURLToPath } from "url";
import { EverythingAuthProvider } from "./auth/provider.js";
@@ -15,6 +16,13 @@

const app = express();

// Rate limiter for splash page
const splashLimiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // limit each IP to 100 requests per windowMs
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
});
// Get the directory of the current module
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
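Review bot: the `max: 100` comment says the limit is per IP, but nothing in this hunk tells Express how to derive the client IP, and no `store` is passed, so the limiter uses its default in-memory store. If the server runs behind a reverse proxy or load balancer, set `app.set("trust proxy", ...)` to the real number of proxy hops before the limiter is used, otherwise every client is counted under the proxy's address. With more than one server process each process keeps its own counters, so configure a shared `store` if the 100-per-15-minutes figure is meant to hold across instances. Also leave a blank line between the closing `});` and the `// Get the directory of the current module` comment.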
@@ -168,7 +176,7 @@
});

// Splash page
app.get("/", (req, res) => {
app.get("/", splashLimiter, (req, res) => {
const splashPath = path.join(__dirname, "static", "index.html");
res.sendFile(splashPath);
});
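Review bot: `splashLimiter` is attached to `/` only, so any other handler that reads from disk stays unlimited; the test plan mentions a `/mcp-logo.png` endpoint, which should get the same middleware if it also calls `res.sendFile`. `res.sendFile(splashPath)` is also called without an error callback, so a missing `static/index.html` in the build output falls through to the default error handler; pass a callback that returns a plain 404 or 500 instead.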
package.json
Outside changed files

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply diff --git a/package.json b/package.json --- a/package.json +++ b/package.json @@ -32,7 +32,8 @@ "cors": "^2.8.5", "dotenv": "^16.4.7", "express": "^4.21.2", - "raw-body": "^3.0.0" + "raw-body": "^3.0.0", + "express-rate-limit": "^8.0.1" }, "overrides": { "@types/express": "^5.0.0", EOF
@@ -32,7 +32,8 @@
"cors": "^2.8.5",
"dotenv": "^16.4.7",
"express": "^4.21.2",
"raw-body": "^3.0.0"
"raw-body": "^3.0.0",
"express-rate-limit": "^8.0.1"
},
"overrides": {
"@types/express": "^5.0.0",
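Review bot: `express-rate-limit` is appended after `raw-body`, which breaks the alphabetical order of the dependency list; move it to just after `express`. The caret range `^8.0.1` accepts any later 8.x release, so commit the updated lockfile together with this change so that installs resolve to the version that was reviewed.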
This fix introduces these dependencies
Package Version Security advisories
express-rate-limit (npm) 8.0.1 None
Copilot is powered by AI and may make mistakes. Always verify output.
@jerome3o-anthropic jerome3o-anthropic committed this autofix suggestion 2 months ago.
Refreshed package dependencies to ensure clean installation.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
@jerome3o-anthropic jerome3o-anthropic merged commit 4254bf3 into main Aug 27, 2025
3 of 4 checks passed
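
The per-IP limit described in the Autofix comment depends on which address the limiter is given as its key. The added example below (not code from this PR or from express-rate-limit) models a fixed-window counter in plain JavaScript with the patch's 15-minute window and 100-request cap; the function names and IP addresses are constructed for illustration.

```javascript
// Added illustration: a minimal fixed-window counter, not express-rate-limit's code.
// WINDOW_MS and MAX mirror the values in the Autofix patch; all names are hypothetical.
const WINDOW_MS = 15 * 60 * 1000;
const MAX = 100;

function createFixedWindowLimiter(windowMs, max) {
  const buckets = new Map(); // key -> { count, resetAt }, held in this process only
  return function check(key, now) {
    let bucket = buckets.get(key);
    if (!bucket || now >= bucket.resetAt) {
      bucket = { count: 0, resetAt: now + windowMs }; // start a new window
      buckets.set(key, bucket);
    }
    bucket.count += 1;
    return { allowed: bucket.count <= max, remaining: Math.max(0, max - bucket.count) };
  };
}

// Send n requests under one key at time `now`; return how many were allowed.
function countAllowed(check, key, n, now) {
  let allowed = 0;
  for (let i = 0; i < n; i++) {
    if (check(key, now).allowed) allowed += 1;
  }
  return allowed;
}

// Run a noisy client (150 requests) and then a quiet one (5 requests),
// keyed by whatever address the limiter is given for each of them.
function simulate(noisyKey, quietKey) {
  const check = createFixedWindowLimiter(WINDOW_MS, MAX);
  const noisy = countAllowed(check, noisyKey, 150, 0);
  const quiet = countAllowed(check, quietKey, 5, 1000);
  const noisyAfterWindow = check(noisyKey, WINDOW_MS).allowed;
  return { noisy, quiet, noisyAfterWindow };
}

// Limiter sees each client's own address (constructed documentation IPs).
const direct = simulate("203.0.113.7", "198.51.100.9");
// Limiter sees only the reverse proxy's address (constructed) for everyone.
const proxied = simulate("10.0.0.2", "10.0.0.2");

console.log(direct, proxied);
```

With distinct keys the quiet client is unaffected by the noisy one; when both are keyed by the proxy's address, the quiet client is blocked for the rest of the window.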