Files
stevenlee-oai b5866eebd6 Persist Cloudflare affinity cookies for MCP HTTP (#29516)
[Codex Thread
019ef1f9-36e2-7e91-9337-504f097b9dc1](https://codex-thread-link.openai.chatgpt-team.site/thread/019ef1f9-36e2-7e91-9337-504f097b9dc1)

## Why

Hosted plugin-service Streamable HTTP MCP traffic uses
`https://chatgpt.com/backend-api/ps/mcp` and depends on Cloudflare's
`__cflb` cookie for load-balancer affinity. The local and exec-server
`http/request` path built a fresh reqwest client for each request
without installing Codex's existing shared ChatGPT Cloudflare cookie
store, so affinity could be lost between calls.

This is an affinity-hardening change motivated by an incident
investigation. It does not establish the broader connector-cache
incident RCA or claim to fix that incident in full.

## What changed

- Install the existing process-local, strictly allowlisted ChatGPT
Cloudflare cookie store on the reqwest client used by
`ReqwestHttpClient`.
- Fresh clients now share allowed Cloudflare infrastructure cookies
within the process that originates the local or exec-server network
request.
- Keep the existing HTTPS ChatGPT-host and Cloudflare-cookie-name
restrictions. This does not introduce a general cookie jar or send
ChatGPT Cloudflare cookies to unrelated hosts.

## Test coverage

- `codex-client` unit coverage verifies that the existing strict store
accepts and returns `__cflb` for HTTPS ChatGPT URLs.
- The exec-server HTTPS integration test sends four independent
`http/request` calls through a local TLS-intercepting proxy and verifies
that:
- `Set-Cookie: __cflb=west` is sent on the next plugin-service request;
  - a later `Set-Cookie: __cflb=central` replaces the stored value;
  - non-Cloudflare session cookies are discarded;
  - no stored ChatGPT Cloudflare cookie is sent to a non-ChatGPT host.
- `just test -p codex-client` โ€” 38 passed.
- `just test -p codex-exec-server --test chatgpt_cloudflare_affinity` โ€”
1 passed.
- `just bazel-lock-check` โ€” passed.

## Non-goals

- No persistence of ChatGPT auth, account, session, residency, or
arbitrary cookies.
- No cookie persistence for third-party MCP servers.
- No special composition of caller-provided `Cookie` headers.
- No plugin-service, connector-cache, Habitat/habicache, routing,
redirect, or API-contract changes.
- No broader incident RCA conclusions.
b5866eebd6 ยท 2026-06-26 02:23:24 -04:00
History
..

codex-client

Generic transport layer that wraps HTTP requests, retries, and streaming primitives without any Codex/OpenAI awareness.

  • Defines HttpTransport and a default ReqwestTransport plus thin Request/Response types.
  • Provides retry utilities (RetryPolicy, RetryOn, run_with_retry, backoff) that callers plug into for unary and streaming calls.
  • Supplies the sse_stream helper to turn byte streams into raw SSE data: frames with idle timeouts and surfaced stream errors.
  • Consumed by higher-level crates like codex-api; it stays neutral on endpoints, headers, or API-specific error shapes.