Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.codezero.io/llms.txt

Use this file to discover all available pages before exploring further.

Model Context Protocol (MCP) servers can use cordon to make authenticated API calls without holding credentials directly.

Node.js MCP servers

If you run cordon setup claude-code, Claude Code writes the proxy, CA bundle, and Node bootstrap env vars to its settings file. MCP servers launched by Claude Code inherit those values automatically. For manual per-server config, copy the proxy and CA vars from cordon env into the server’s env block. Node.js MCP servers also need the bootstrap loader from SDK Compatibility: 
{
  "mcpServers": {
    "my-server": {
      "command": "npx",
      "args": ["-y", "@some/mcp-server"],
      "env": {
        "HTTPS_PROXY": "http://127.0.0.1:<PORT>",
        "NODE_EXTRA_CA_CERTS": "/path/to/ca-cert.pem",
        "NODE_OPTIONS": "--import \"/absolute/path/to/@codezero-io/cordon/register.mjs\""
      }
    }
  }
}
Prefer cordon setup claude-code when possible. It writes an absolute register.mjs path automatically, so MCP servers do not depend on Node package resolution.

Python MCP servers

Python MCP servers using requests or httpx respect HTTPS_PROXY and HTTP_PROXY automatically. For HTTPS interception, copy the combined CA bundle vars emitted by cordon env: 
{
  "mcpServers": {
    "my-python-server": {
      "command": "python",
      "args": ["-m", "my_mcp_server"],
      "env": {
        "HTTPS_PROXY": "http://127.0.0.1:6790",
        "SSL_CERT_FILE": "/path/to/combined-ca.pem",
        "REQUESTS_CA_BUNDLE": "/path/to/combined-ca.pem"
      }
    }
  }
}
See Any tool (generic) for the full env-var contract, including lowercase proxy vars and CURL_CA_BUNDLE.

Other languages

Most HTTP clients in Go, Rust, and other languages respect the standard HTTPS_PROXY environment variable. Set the proxy env vars in the MCP server’s environment and ensure the CA certificate is trusted, either through cordon trust or a language-specific CA bundle variable.
Some languages require additional setup beyond setting environment variables. See the SDK Compatibility guide for a full compatibility matrix — notably Ruby’s net/http, Java’s java.net.http, and PHP’s curl_init() do not read proxy env vars by default.