What is Cursor and who makes it?

Cursor is an AI-first code editor built by Anysphere, founded in 2022 by Michael Truell, Sualeh Asif, Arvid Lunnemark, and Aman Sanger (all former MIT alumni). Cursor is forked from VS Code, meaning it inherits the entire VS Code extension ecosystem while adding proprietary AI features: tab completion, Agent mode, Composer multi-file editing, and Cursor-specific MCP integration. Anysphere raised a $500M Series C in 2024 that valued the company at $2.5B, and by late 2025 had reportedly reached a $900M ARR run rate. Cursor is used by 1M+ developers and has been adopted internally by OpenAI, Shopify, Perplexity, and Midjourney. It supports Claude 3.5 Sonnet, Claude 4 Sonnet, GPT-4o, GPT-4o mini, DeepSeek-V3, and Cursor's own proprietary "cursor-small" and "cursor-fast" models.

Why would I need to configure a proxy with Cursor?

There are six major reasons: (1) Corporate networks: enterprise firewalls like Zscaler and Blue Coat force all outbound traffic through an HTTP proxy. Without configuring Cursor to use it, model calls and tab completions fail silently. (2) Privacy from ISP inspection: some ISPs inspect or log coding traffic; tunneling Cursor through a mobile carrier IP hides that traffic. (3) Geo-testing: the Cursor agent can browse/fetch through a country-specific proxy to test region-specific features. (4) Clean IPs for API routing: when the agent scrapes or hits rate-limited APIs, routing through mobile IPs raises effective rate limits. (5) Bypassing AI model regional restrictions in a handful of countries. (6) Protecting personal developer IPs from bans when prototyping scrapers in Cursor's agent mode. Coronium mobile proxies solve all six with 99%+ reliability and 40-90ms latency.

How do I configure a proxy in Cursor's settings.json?

Open Cursor settings (Cmd/Ctrl + ,) and click the "Open Settings (JSON)" icon in the top right. Add the following fields: "http.proxy": "http://user:pass@proxy.coronium.io:3128" for the primary proxy URL, "http.proxyStrictSSL": true for TLS validation (set false only for corporate self-signed certs), "http.proxySupport": "on" to force extension HTTP clients through the proxy, "http.noProxy": ["localhost", "127.0.0.1"] for hostnames that bypass the proxy, and optionally "cursor.general.proxyMode": "custom" for Cursor's own proxy mode. Save and restart Cursor. Any field starting with http. is inherited from the VS Code fork, which means thousands of VS Code extensions will also honor them. For Coronium mobile proxies specifically, use the exact proxy URL, username, and password from your Coronium dashboard.

What environment variables does Cursor honor?

Cursor (as a Node.js/Electron application) honors the standard HTTP_PROXY, HTTPS_PROXY, NO_PROXY, and ALL_PROXY environment variables. HTTP_PROXY applies to plain HTTP outbound requests; HTTPS_PROXY applies to TLS-protected requests and is what Cursor uses for model API calls (since api.cursor.sh is HTTPS). NO_PROXY is a comma-separated list of hosts that bypass the proxy -- absolutely essential for local MCP servers, loopback, and internal company domains. ALL_PROXY is used by SOCKS5 clients and honored by Agent shell tools that shell out to curl or wget. Additionally, NODE_EXTRA_CA_CERTS is needed when a corporate proxy performs TLS interception -- it points to a .pem file with the corporate root CA. Set these in ~/.zshrc or ~/.bashrc, but note that macOS apps launched from Finder do not inherit shell env vars -- launch Cursor from a terminal with `open -a Cursor` or via `cursor .` to ensure inheritance.

How does MCP integration work in Cursor 0.45+?

MCP (Model Context Protocol) is an open standard introduced by Anthropic in late 2024 and fully integrated into Cursor starting with version 0.45 (released late 2025). MCP servers run locally as separate processes and expose "tools" that the AI agent can invoke: file read/write, web fetch, browser automation, database queries, custom APIs, and so on. You configure MCP servers in a .cursor/mcp.json file at the project root, or in a global ~/.cursor/mcp.json for all projects. Each entry specifies the command to run (e.g., "npx -y @modelcontextprotocol/server-filesystem /path"), arguments, and environment variables. Cursor supports both stdio transport (most common, JSON-RPC over the process's stdin/stdout) and SSE transport (for remote MCPs). The agent discovers available tools at startup and calls them during chat or agent sessions. Proxy-aware MCPs (like the Coronium Proxy MCP) expose tools for rotating IPs, fetching through specific countries, and inspecting proxy state.

Does Cursor's Agent mode route through my configured proxy?

Partially. There are five distinct paths: (1) Model calls (to Claude 4, GPT-4o) go from the Cursor IDE to api.cursor.sh, and this leg does honor HTTPS_PROXY and settings.json http.proxy. The Cursor-to-Anthropic leg happens on Cursor servers and is not affected by your local proxy. (2) Shell commands run by the agent inherit the environment variables of the shell that spawned Cursor -- so HTTP_PROXY/HTTPS_PROXY set in .zshrc will apply to curl, wget, and npm commands the agent runs. (3) The built-in fetch tool honors HTTPS_PROXY. (4) MCP server processes inherit Cursor's env vars, so MCPs that make HTTP calls use the same proxy. (5) Streaming responses use HTTPS CONNECT tunnels through the proxy, requiring a streaming-friendly proxy. Coronium 4G mobile proxies support HTTP/2 and keep-alive perfectly, which is why they are preferred over corporate proxies for Agent mode (which often break mid-task on corporate stacks).

What is NODE_EXTRA_CA_CERTS and when do I need it?

NODE_EXTRA_CA_CERTS is a Node.js environment variable that points to a PEM file containing additional trusted Certificate Authority certificates. You need it when a corporate proxy performs TLS interception -- a technique where the proxy terminates the TLS connection from your client, inspects the content, and re-encrypts it with a certificate signed by the corporate's private CA. Without the corporate CA in your trust store, Node.js (and therefore Cursor) throws SELF_SIGNED_CERT_IN_CHAIN or UNABLE_TO_VERIFY_LEAF_SIGNATURE on every outbound TLS call. To fix: (1) Ask IT for the corporate root CA in PEM format, or export it from your OS keychain. (2) Save it to a path like /Users/admin/certs/corp-ca.pem. (3) Set NODE_EXTRA_CA_CERTS=/Users/admin/certs/corp-ca.pem in your shell profile. (4) Restart Cursor. You do NOT need this with public proxies like Coronium -- their certificates chain to standard root CAs already trusted by Node.js.

Why do my Cursor model calls return 403 Forbidden through a proxy?

Three main causes: (1) The proxy's egress IP is on an upstream blocklist. Anthropic and OpenAI maintain WAF rules that block known bot-infrastructure IPs and over-traffic'd datacenter ranges. Corporate proxies that egress from an AWS or GCP IP sometimes trigger these rules. (2) Rate limiting by shared egress: if your corporate proxy funnels traffic from hundreds of developers through one IP, Anthropic's per-IP rate limits kick in and return 403 under load. (3) Geo-restriction: some regions are blocked at the WAF layer. The fix for all three is to route Cursor through a clean, low-volume outbound IP -- which is exactly what Coronium 4G mobile proxies provide. CGNAT mobile IPs are indistinguishable from consumer traffic and are essentially never on upstream blocklists. Expect 99%+ success rate on model calls after switching.

Can I configure different proxies for different MCP servers?

Yes. Each MCP server entry in mcp.json has its own env object, which overrides the Cursor process environment. Example: { "mcpServers": { "scrape-mcp": { "command": "npx", "args": ["-y", "web-fetch-mcp"], "env": { "HTTPS_PROXY": "http://user1:pass1@proxy.coronium.io:3128" } }, "github-mcp": { "command": "npx", "args": ["-y", "@modelcontextprotocol/server-github"], "env": { "HTTPS_PROXY": "" } } } }. Here, scrape-mcp's outbound traffic uses Coronium mobile proxy, while github-mcp bypasses proxies entirely (empty string). This pattern is valuable when scraping tools should use a mobile proxy but version-control tools should use direct connection for performance. For geo-testing, give each MCP a different country-specific Coronium endpoint.

How do I debug proxy issues in Cursor?

Work through these in order: (1) Verify env vars: echo $HTTP_PROXY $HTTPS_PROXY $NO_PROXY. On macOS, launching from Finder does NOT inherit .zshrc -- launch via `cursor .` from a terminal. (2) Test proxy with curl: curl -v -x $HTTPS_PROXY https://api.cursor.sh/health. If curl works but Cursor does not, it is a settings.json or auth issue. (3) Open Cursor DevTools (Cmd+Shift+P -> Developer: Toggle Developer Tools) and watch the Console for proxy errors. (4) Tail the Cursor output channel (Cmd+Shift+P -> Output: Show Output Channels -> Cursor) for MCP and model call errors. (5) Use mitmproxy as an intermediate proxy to see exactly what requests Cursor makes. (6) Check NO_PROXY coverage -- missing localhost/127.0.0.1 entries cause MCPs to fail. (7) Test auth directly: curl --proxy-user user:pass -x http://proxy:port https://example.com. (8) Isolate MCPs by disabling them all and re-enabling one at a time.

Does Cursor's tab completion use a separate endpoint from chat?

Yes. Cursor's proprietary tab completion model (trained by Anysphere) runs on its own dedicated endpoint separate from the chat/agent model routing. This is why tab completion can fail while chat still works, and vice versa. Both endpoints live under the *.cursor.sh domain but use different subdomains and different infrastructure. When configuring a proxy allowlist, add all of *.cursor.sh, *.cursorapi.com, and the specific model provider domains (api.anthropic.com, api.openai.com) -- although the Anthropic/OpenAI domains are mainly relevant for troubleshooting because Cursor itself mediates those calls. If tab completion shows "disabled -- connectivity issue" while chat works fine, the problem is isolated to the tab completion endpoint: check DevTools Network tab for failed requests to api.cursor.sh subdomains.

Cursor IDE Guide -- Updated April 2026

Cursor Proxy Setup & MCP Integration

Q: How do I add a Coronium proxy MCP server to Cursor?

Create or edit ~/.cursor/mcp.json (global) or .cursor/mcp.json (per-project). Add a new entry under "mcpServers" with a key like "coronium-proxy". Inside, set "command" to the runtime (e.g., "npx"), "args" to ["-y", "@coronium/mcp-proxy"], and "env" to an object containing CORONIUM_API_KEY and CORONIUM_PROXY_URL. Example full config: { "mcpServers": { "coronium-proxy": { "command": "npx", "args": ["-y", "@coronium/mcp-proxy"], "env": { "CORONIUM_API_KEY": "your-api-key", "CORONIUM_PROXY_URL": "http://user:pass@proxy.coronium.io:3128" } } } }. Restart Cursor; in the Agent sidebar, the new tools (rotate_ip, proxy_fetch, get_current_ip, select_country) should appear. For stability, keep the MCP server versions pinned rather than using @latest, and add the npx cache to NO_PROXY if your corporate proxy blocks the npm registry.

Cursor, the AI-first IDE from Anysphere, now has 1M+ active developers and a $900M ARR run rate entering 2026. With Claude 4 Sonnet, GPT-4o, and full MCP support in version 0.45+, configuring proxies correctly is essential for corporate networks, geo-testing, and clean-IP API routing.

This guide covers settings.json http.proxy configuration, HTTP_PROXY/HTTPS_PROXY/NO_PROXY environment variables, how Agent mode routes traffic, adding Coronium mobile proxies as MCP servers, and debugging the most common SSL, timeout, and 403 errors.

Verified 2026 data: All stats cite Anysphere public disclosures, Cursor release notes, and MCP specification documents

Cursor IDE

settings.json

MCP Integration

Agent Mode

4G Mobile Proxies

Debugging

1M+

Active Cursor developers worldwide

$900M

ARR run rate (late 2025)

$2.5B

Anysphere valuation (Series C)

Claude 4

Sonnet + GPT-4o + DeepSeek support

What this guide covers:

VS Code-inherited settings.json proxy fields

HTTP_PROXY / HTTPS_PROXY / NO_PROXY env vars

MCP server config in .cursor/mcp.json

Agent mode proxy routing paths

Common errors: 403, SSL, ETIMEDOUT

mitmproxy-based debugging workflow

Table of Contents

11 Sections

Navigate This Guide

From Cursor fundamentals to production proxy configuration, MCP setup, and debugging workflows for Cursor 0.45+.

1. What is Cursor in 2026?

2. Proxy Use Cases for Cursor

3. VS Code Proxy Settings

4. Environment Variables

5. MCP Server Integration

6. Agent Mode + Proxy

7. Common Issues & Errors

8. Debugging Workflow

9. Proxy Performance Comparison

10. Frequently Asked Questions

11. Pricing & Plans

Reading time: ~18 minutes. Covers Cursor architecture, proxy configuration, MCP server setup, agent routing, and debugging.

Cursor features

Common errors

FAQ answers

Cursor in 2026

What is Cursor? The AI-First IDE by Anysphere

Cursor is a fork of VS Code rebuilt around AI-native workflows. Anysphere, the company behind it, raised a $500M Series C at a $2.5B valuation in 2024 and entered 2026 with a reported $900M ARR run rate. It is used by 1M+ developers including teams at OpenAI, Shopify, Perplexity, and Midjourney.

Agent Mode

Autonomous coding agent that edits files, runs commands, and iterates on tasks without constant supervision. Operates across entire codebases with terminal access and multi-file awareness. Introduced as stable in Cursor 0.44 and refined through the 0.45 and 0.46 releases in 2025.

Proxy relevance: All LLM calls made by the agent (Claude 4 Sonnet, GPT-4o) route through Cursor servers, which then call Anthropic/OpenAI. Proxy configuration at the OS or Cursor level controls outbound traffic to api.cursor.sh.

Composer

Multi-file AI editor for larger refactors spanning many files at once. Accepts a natural-language change request and produces a reviewable diff across the entire affected surface area of the codebase. Designed for cross-cutting modifications that would be tedious via single-file tab completion.

Proxy relevance: Uses the same outbound API channels as Agent mode. Corporate proxy routing affects response latency. Mobile proxies resolve carrier-network egress issues common in remote teams.

Tab Completion

Cursor's proprietary inline prediction model trained on trillions of tokens of code. Competes directly with GitHub Copilot and is bundled into the Free tier (2,000 completions/month) and Pro tier (unlimited). Runs separately from the chat/agent LLM stack.

Proxy relevance: Connects to Cursor's proprietary completion endpoint on api.cursor.sh. Requires stable, low-latency outbound connections -- poor proxy choices show up as visible typing lag.

MCP Support

Full Model Context Protocol integration since Cursor 0.45 (released late 2025). Supports custom MCP servers over stdio and SSE transports, enabling AI agents to access filesystem, browser, database, and proxy-backed tools locally. Configured through .cursor/mcp.json or global settings.

Proxy relevance: MCP servers run locally but may themselves make outbound HTTP calls (web fetch, scraping, API tools). Proxy-aware MCP servers enable agents to hit geo-restricted or bot-protected targets from within Cursor.

Chat with @-mentions

Contextual chat window with @-reference support for files, symbols, web results, docs, git history, and codebase-wide semantic search. Each @-mention pulls relevant context into the model's prompt without manual copy-paste.

Proxy relevance: @web mentions trigger outbound fetches that benefit from clean IP reputation. Corporate proxies may block @web requests entirely if they strip user agents aggressively.

Multi-model Routing

Switch between Claude 4 Sonnet, Claude 3.5 Sonnet, GPT-4o, GPT-4o mini, DeepSeek-V3, and Cursor's proprietary "cursor-small" and "cursor-fast" models via the model selector. Each model uses different outbound endpoints routed through Cursor infrastructure.

Proxy relevance: A single proxy misconfiguration can break an entire model tier while leaving others working. Debugging requires isolating which upstream is failing.

Why Cursor won the AI IDE race (so far)

Cursor's ascent from zero to $900M ARR in under three years came from three compounding advantages: (1) a VS Code fork meant instant compatibility with the entire VS Code extension ecosystem, removing the switching cost; (2) proprietary tab completion trained by Anysphere on code-specific data that consistently outperformed Copilot on real benchmarks; (3) early, deep integration of Claude Sonnet as a first-class model, followed by Claude 4 Sonnet and GPT-4o. The $500M Series C in 2024 funded aggressive hiring, custom inference infrastructure, and the MCP integration work that shipped in 0.45. Internal adoption at OpenAI, Shopify, Perplexity, and Midjourney validated the product for enterprise.

Proxy Use Cases

Six Reasons to Put Cursor Behind a Proxy

The need for a proxy in Cursor spans corporate compliance, developer privacy, geo-testing, clean-IP API routing, scraping prototype safety, and region-specific AI access. Each has a distinct configuration story.

Corporate Networks & Firewalls

Enterprise environments often restrict outbound traffic to whitelisted IPs or force all traffic through an HTTP proxy (e.g., Zscaler, Blue Coat, Squid). Cursor must be configured to honor these corporate proxies or it fails silently on model calls, tab completions, and MCP fetches.

Solution: Use HTTP_PROXY/HTTPS_PROXY environment variables or Cursor's settings.json http.proxy field. Configure NO_PROXY for internal hostnames to prevent round-trips.

Geo-Testing Web Features

Developers building region-specific features (price localization, GDPR banners, content licensing, CDN behavior) need to test what users in other countries actually see. Running Cursor's Agent or browser MCPs through a geo-located mobile proxy routes test traffic through the correct region.

Solution: Attach a country-specific Coronium mobile proxy (US, UK, DE, BR, IN, etc.) to the Cursor browser MCP or fetch MCP. The agent then "browses" from that country.

API Routing Through Clean IPs

Many third-party APIs (social media, e-commerce, search APIs) apply aggressive rate limits per IP. Datacenter IPs from AWS, GCP, Azure are often pre-throttled or blocked outright. Routing Cursor's agent API calls through a mobile proxy raises the effective rate limit.

Solution: Point the agent's fetch tool or MCP HTTP client at a Coronium 4G proxy. CGNAT-backed mobile IPs inherit the trust score of ordinary consumers.

Scraping & Crawling from the IDE

Cursor's Agent mode is frequently used to prototype scrapers, build crawlers, and debug data pipelines. Running those crawl requests directly from the developer's residential IP leads to bans that also block their browsing, banking, and personal accounts.

Solution: Proxy the scraping targets only (via NO_PROXY for safe hosts) and route the actual data-collection traffic through dedicated mobile proxy IPs. Protects the developer's personal reputation.

Privacy from ISP Inspection

Some ISPs (particularly in regulated markets) perform deep packet inspection on coding traffic. Developers working on sensitive projects may want outbound Cursor traffic tunneled through a mobile carrier endpoint instead.

Solution: Configure HTTPS_PROXY globally. All Cursor outbound (model calls, tab completion, MCP fetches) exits through the mobile carrier's network rather than the developer's local ISP.

Bypassing Regional AI Model Restrictions

A handful of countries restrict direct access to Anthropic's or OpenAI's API endpoints. Cursor routes through its own servers, but developers in affected regions still see elevated latency, throttling, or outright failure depending on local peering.

Solution: Route Cursor through a mobile proxy in a permitted jurisdiction. Latency is typically 50-200ms higher but reliability approaches 100%.

Important: Model calls go through Cursor servers, not directly to Anthropic/OpenAI

A proxy configured in Cursor only controls the leg from your machine to api.cursor.sh. The subsequent leg from Cursor servers to Anthropic or OpenAI is not affected by local proxy settings. This matters for three reasons: (1) you cannot geo-locate model calls via your proxy -- Cursor servers make the call from their own infrastructure; (2) if api.cursor.sh is reachable, model calls succeed regardless of local proxy egress IP reputation, unless the proxy itself is blocked by Cursor's own WAF; (3) for geo-testing, the right tool is the Cursor browser or fetch MCP, which does make outbound calls directly from your machine through the configured proxy.

settings.json Configuration

VS Code Proxy Settings in Cursor

Because Cursor is forked from VS Code, every VS Code http.* proxy setting is inherited. These live in settings.json and apply to Cursor-core features as well as any installed extension that uses the shared HTTP client.

settings.json Proxy Fields Reference

Opened via Cmd/Ctrl + , then the Open Settings (JSON) icon in the top right

Field	Type	Example	Description
http.proxy	string	"http://user:pass@proxy.coronium.io:3128"	Primary proxy URL for all HTTP and HTTPS outbound traffic from Cursor. Accepts http://, https://, and socks5:// schemes.
http.proxyAuthorization	string \| null	"Basic dXNlcjpwYXNz"	Custom Proxy-Authorization header when basic auth in the URL is not supported. Useful for proxies requiring bearer tokens or NTLM.
http.proxyStrictSSL	boolean	true	Whether to validate the proxy's TLS certificate. Set to false only for self-signed corporate proxies -- never for production mobile proxies.
http.proxySupport	"off" \| "on" \| "fallback" \| "override"	"on"	Controls when extension HTTP clients honor the proxy setting. "on" forces all requests through the proxy. "override" wins over VSCODE_PROXY_URI.
http.noProxy	string[]	["localhost", "127.0.0.1", "*.internal.company.com"]	Hosts that bypass the proxy. Use for internal Git servers, local MCP endpoints, and loopback addresses. Accepts glob patterns.
cursor.general.proxyMode	"auto" \| "system" \| "custom" \| "none"	"custom"	Cursor-specific proxy mode (added in 0.42). "auto" inherits from OS. "custom" uses settings.json fields. "none" bypasses proxies entirely for Cursor traffic.

Complete settings.json Example (Coronium Mobile Proxy)

{
  "http.proxy": "http://your_user:your_pass@proxy.coronium.io:3128",
  "http.proxyStrictSSL": true,
  "http.proxySupport": "on",
  "http.noProxy": [
    "localhost",
    "127.0.0.1",
    "::1",
    "*.internal.company.com",
    "*.local"
  ],
  "cursor.general.proxyMode": "custom",

  // MCP configuration reference
  "mcp.serverAutoStart": true,

  // Optional: disable auto-update if proxy breaks update check
  "update.mode": "manual",

  // Editor preferences (unrelated, shown for context)
  "editor.fontFamily": "JetBrains Mono, monospace",
  "editor.fontSize": 13,
  "cursor.chat.alwaysShowInSidebar": true
}

Reloading after settings.json changes

Proxy changes take effect only after a full Cursor restart -- not a window reload. Quit Cursor entirely (Cmd/Ctrl + Q) and relaunch. Some proxy subsystems cache the initial config at process startup and ignore subsequent changes. If you see stale behavior after a JSON edit, it is almost always because you reloaded the window instead of restarting the app.

Environment Variables

HTTP_PROXY, HTTPS_PROXY, NO_PROXY

Environment variables are the fallback proxy mechanism inherited from Node.js. They cover Cursor-core traffic, Agent shell tools, and most MCP servers. Set them in your shell rc file and launch Cursor from a terminal so they propagate.

HTTP_PROXY

Proxy for plain HTTP outbound requests

http://user:pass@proxy.coronium.io:3128

Honored by Node.js, Python requests, curl, and most Cursor-bundled tools. Set in ~/.zshrc, ~/.bashrc, or a .env file loaded by the shell that launches Cursor.

HTTPS_PROXY

Proxy for TLS/HTTPS outbound requests

http://user:pass@proxy.coronium.io:3128

Separate from HTTP_PROXY because the CONNECT verb is issued to the proxy first, then TLS is negotiated end-to-end with the destination. Cursor API calls (HTTPS) use this.

NO_PROXY

Comma-separated list of hosts that bypass the proxy

localhost,127.0.0.1,.internal.company.com,*.local

Critical for internal services. Without NO_PROXY, every local MCP server fetch, every git push to a self-hosted GitLab, and every loopback call detours through the external proxy and fails.

ALL_PROXY

SOCKS-compatible proxy for non-HTTP protocols

socks5://user:pass@proxy.coronium.io:1080

Used by Node.js socks clients and some MCP transports. Separate from HTTP/HTTPS_PROXY. Honored by Cursor Agent when running shell commands that shell out to curl or wget.

NODE_EXTRA_CA_CERTS

Path to additional CA certificates in PEM format

/Users/admin/certs/corporate-root-ca.pem

Required when a corporate proxy performs TLS interception. Without it, Cursor throws SELF_SIGNED_CERT_IN_CHAIN or UNABLE_TO_VERIFY_LEAF_SIGNATURE on every model call.

VSCODE_PROXY_URI

VS Code-family override for proxy URI

https://user:pass@proxy.coronium.io:3128

Inherited by Cursor from its VS Code fork. Takes precedence over HTTP_PROXY in some Cursor subsystems. Set this if settings.json proxy fields seem ignored.

~/.zshrc (or ~/.bashrc) configuration

# Coronium mobile proxy for Cursor and all dev tools
export HTTP_PROXY="http://your_user:your_pass@proxy.coronium.io:3128"
export HTTPS_PROXY="http://your_user:your_pass@proxy.coronium.io:3128"
export ALL_PROXY="socks5://your_user:your_pass@proxy.coronium.io:1080"

# Hosts that bypass the proxy entirely
export NO_PROXY="localhost,127.0.0.1,::1,.internal.company.com,*.local"

# Corporate CA for TLS interception (only if applicable)
# export NODE_EXTRA_CA_CERTS="$HOME/certs/corp-root-ca.pem"

# Per-tool overrides often needed alongside
export NPM_CONFIG_PROXY="$HTTP_PROXY"
export NPM_CONFIG_HTTPS_PROXY="$HTTPS_PROXY"
export PIP_PROXY="$HTTPS_PROXY"

# Launch Cursor from this shell to inherit env vars
alias cursor-proxied='open -a Cursor'

macOS gotcha: Finder-launched apps do NOT inherit shell env vars

On macOS, GUI apps launched from Finder (clicking the Cursor icon in Applications, Spotlight, or the Dock) start in an environment derived from launchctl, which does not read ~/.zshrc or ~/.bashrc. Cursor will appear to ignore your proxy settings. The fix: launch Cursor from a terminal with cursor . (the Cursor CLI helper installed via the Cursor menu) or open -a Cursor. For permanent persistence across reboots, use launchctl setenv HTTPS_PROXY ... in a LaunchAgent plist or set them in /etc/launchd.conf on older macOS versions.

MCP Server Integration

Model Context Protocol in Cursor 0.45+

MCP is Anthropic's open standard for extending AI agents with tools. Cursor 0.45 (late 2025) added full MCP support over stdio and SSE transports. Here is how to wire up proxy-aware MCP servers so the agent inherits your outbound rules.

Web Fetch MCP (proxy-aware)

stdio / Node.js / Python

Lets the Cursor agent fetch URLs through a configured mobile proxy so outbound reputation is clean.

Proxy feature: Passes HTTPS_PROXY from environment into every outbound fetch. Supports per-request override via tool argument.

Playwright MCP

stdio / Node.js

Full browser automation for the agent. Navigate pages, fill forms, capture screenshots, extract DOM.

Proxy feature: Each browser context can attach a different proxy. Pair with Coronium rotating mobile proxies for geo-testing and bot-protected targets.

Filesystem MCP

stdio / Node.js

Scoped read/write filesystem access for the agent, restricted to allowed directories.

Proxy feature: No network usage. Should be listed in NO_PROXY scope (via local-only transport) to avoid spurious proxy round-trips.

GitHub MCP

stdio / Go

Full GitHub API access: issues, PRs, workflow runs, code search. Official MCP server from Anthropic.

Proxy feature: Honors HTTPS_PROXY and GITHUB_TOKEN environment variables. Useful for enterprise GitHub Enterprise Server through corporate proxies.

Database MCP (Postgres/MySQL)

stdio / Node.js / Python

Query and inspect databases directly from the agent with schema-aware tooling.

Proxy feature: For production DBs accessed via bastion/jump hosts, pair with SOCKS5 proxy. Set ALL_PROXY to the tunnel endpoint.

Coronium Proxy MCP

stdio or sse / Node.js

Purpose-built MCP server exposing Coronium mobile proxy rotation, session management, and geo-selection as agent tools.

Proxy feature: The MCP itself IS the proxy layer. Agent tools include rotate_ip, get_current_ip, select_country, and proxy_fetch.

~/.cursor/mcp.json with Coronium Proxy MCP

{
  "mcpServers": {
    "coronium-proxy": {
      "command": "npx",
      "args": ["-y", "@coronium/mcp-proxy"],
      "env": {
        "CORONIUM_API_KEY": "your-api-key-from-dashboard",
        "CORONIUM_PROXY_URL": "http://user:pass@proxy.coronium.io:3128",
        "CORONIUM_DEFAULT_COUNTRY": "US"
      }
    },
    "playwright": {
      "command": "npx",
      "args": ["-y", "@playwright/mcp"],
      "env": {
        "HTTPS_PROXY": "http://user:pass@proxy.coronium.io:3128"
      }
    },
    "github": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_..."
      }
    },
    "filesystem": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "/Users/admin/Documents/projects"
      ]
    }
  }
}

Per-MCP proxy override

Each MCP entry has its own env object that overrides the Cursor process environment. Use this to give the scraping MCP a mobile proxy while letting the GitHub MCP use direct connection for speed. Empty string ("HTTPS_PROXY": "") explicitly disables the proxy for that MCP.

Useful for mixing trusted and untrusted MCP egress paths without global env var juggling.

Debugging MCP startup

If an MCP shows "failed to start" in the Cursor sidebar, check the Output panel (Cmd+Shift+P -> Output -> MCP). Common causes: npx not on PATH, npm registry blocked by corporate proxy, missing env var, or the MCP package name is wrong. Pin versions (@coronium/mcp-proxy@1.2.0) for stability.

Add the npm registry to your proxy allowlist: registry.npmjs.org, registry.yarnpkg.com.

Agent Mode Deep Dive

How Agent Mode Routes Through Proxies

Cursor's Agent mode has five distinct network paths. Understanding which one each tool call takes is the difference between effective debugging and pulling your hair out.

Five Network Paths in Agent Mode

Each scenario below shows exactly where proxy configuration matters

Agent calls Claude 4 Sonnet

Cursor IDE -> api.cursor.sh (via HTTPS_PROXY) -> Anthropic API -> response back

Proxy role: HTTPS_PROXY routes the outbound leg from the IDE to Cursor servers. Cursor-to-Anthropic leg is not affected by local proxy settings.

Agent runs shell command (bash tool)

Cursor Agent -> local shell -> command -> (if network) -> curl/wget using $HTTP_PROXY -> target

Proxy role: Shell-level commands inherit the environment variables of the shell that spawned Cursor. This is why setting proxies in .zshrc/.bashrc matters for Agent shell tools.

Agent fetches a URL via built-in fetch tool

Cursor Agent -> internal fetch implementation -> HTTPS_PROXY -> target URL

Proxy role: The built-in fetch tool honors HTTPS_PROXY. This is the primary point where Coronium mobile proxy is valuable for clean-IP fetching.

Agent uses MCP tool (e.g. Playwright)

Cursor Agent -> local MCP server process -> MCP's own HTTP client -> configured proxy -> target

Proxy role: The MCP server process inherits the env vars of the Cursor process. Each MCP can also accept proxy config directly via its tool arguments.

Agent receives streaming response

Target -> Anthropic -> api.cursor.sh -> proxy (HTTPS CONNECT tunnel, streaming) -> Cursor IDE

Proxy role: Long-lived SSE streams require proxies that support keep-alive and do not buffer aggressively. Many corporate proxies break Cursor streaming -- use Coronium or direct connection for streaming stability.

Autonomous Multi-Step Tasks

Agent mode chains tool calls autonomously. A single user request ("scrape pricing from 5 e-commerce sites and write a comparison report") may produce 30+ outbound requests through your configured proxy. Dedicated mobile proxies with unlimited bandwidth are ideal because per-GB billing spirals quickly under agent loads.

Streaming Stability is Critical

Model responses stream token-by-token over SSE. Proxies that buffer or kill idle connections (many corporate proxies) cause agent tasks to stall silently after 30-60 seconds. Coronium 4G proxies keep HTTP/2 streams alive for hours, matching the no-proxy baseline.

Troubleshooting

Common Cursor Proxy Errors & Fixes

Eight errors cover ~95% of all Cursor proxy support tickets. Each row below identifies the root cause and the exact fix in 2026.

SELF_SIGNED_CERT_IN_CHAIN

Cause:

Corporate proxy is performing TLS interception with a self-signed root CA that Cursor's Node.js runtime does not trust.

Fix:

Export the corporate root CA to a .pem file and set NODE_EXTRA_CA_CERTS=/path/to/ca.pem before launching Cursor. Also add http.proxyStrictSSL: false in settings.json as a fallback. Never disable SSL for public-internet proxies like Coronium.

ECONNREFUSED on model calls

Cause:

Proxy URL is unreachable, wrong port, or blocked by firewall. Also seen when HTTPS_PROXY is set but the proxy only listens on plain HTTP.

Fix:

Test with curl -v -x $HTTPS_PROXY https://api.cursor.sh from the same terminal that launches Cursor. If curl fails, the proxy itself is misconfigured. Verify port (3128 for HTTP, 1080 for SOCKS5).

ETIMEDOUT / Request timed out

Cause:

Proxy is reachable but adds enough latency to exceed Cursor's default timeouts, especially during model streaming. Overloaded corporate proxies are the usual culprit.

Fix:

Switch to a lower-latency proxy (Coronium mobile proxies typically add 40-80ms RTT vs 200-500ms for congested corporate proxies). For corporate proxies, ask IT to raise per-connection idle timeout above 5 minutes.

Tab completion disabled -- connectivity issue

Cause:

Cursor's proprietary completion endpoint (separate from chat) failed its health check. Usually a proxy that blocks or rewrites the specific cursor.sh subdomain.

Fix:

Add *.cursor.sh and *.cursorapi.com to the proxy allowlist or to NO_PROXY with a pass-through route. Re-authenticate via Cursor settings > Account > Sign Out / Sign In.

MCP server "failed to start"

Cause:

The local MCP process depends on an npm install or pip install that attempted to fetch packages through a proxy that blocks the registry.

Fix:

Set npm config proxy and https-proxy via npm config set, or pip config set global.proxy. Restart Cursor. Also verify the MCP server's runtime (node, uvx, python) is on PATH.

Agent mode silently stops mid-task

Cause:

Streaming response interrupted by proxy closing idle connections. Cursor retries but the partial state confuses the agent.

Fix:

Use a streaming-friendly proxy. Coronium 4G proxies keep HTTP/2 streams alive indefinitely. For SOCKS5 tunnels, set TCP keepalive at the OS level. As a workaround, keep tasks under ~2 minutes of continuous work.

Cursor hangs on startup at "Checking for updates"

Cause:

Update check goes to cursor.sh but the proxy rewrites the response or returns an unexpected status. Cursor waits on the hung connection.

Fix:

Disable auto-update: settings.json -> update.mode: "none". Alternatively, NO_PROXY=cursor.sh to bypass the proxy for the update endpoint only.

403 Forbidden from model endpoint

Cause:

Proxy egress IP has been rate-limited or blocked upstream (Cloudflare, AWS WAF, Anthropic edge). Common when many developers share one corporate egress.

Fix:

Switch Cursor outbound to a Coronium dedicated mobile IP. CGNAT mobile IPs inherit the clean reputation of ordinary consumer traffic and are almost never on upstream blocklists.

When all else fails: temporary direct connection

If you cannot get Cursor working behind a corporate proxy and need to ship code, the emergency workaround is to tether to a mobile hotspot and bypass the corporate proxy entirely. This is also a useful test: if Cursor works fine on your phone's hotspot but fails on the office network, the problem is 100% the corporate proxy configuration (not Cursor, not your settings.json). For a permanent solution, Coronium provides the same CGNAT mobile egress without needing to burn your personal data plan.

Debugging Workflow

Step-by-Step Debugging Process

Follow these eight steps in order. Ninety percent of proxy issues reveal themselves in the first three steps; the remaining ten percent need mitmproxy.

1. Verify environment variables

echo $HTTP_PROXY $HTTPS_PROXY $NO_PROXY

Cursor inherits env vars from the shell that launches it. On macOS, launching from Finder does NOT inherit .zshrc values -- launch from a terminal to pick them up.

2. Test proxy reachability

curl -v -x $HTTPS_PROXY https://api.cursor.sh/health

Isolates proxy issues from Cursor bugs. If curl works but Cursor does not, the problem is settings.json or auth headers. If curl fails, the proxy is misconfigured.

3. Check Cursor developer tools logs

Cmd+Shift+P -> Developer: Toggle Developer Tools -> Console tab

Cursor logs proxy errors with full stack traces. Search for "proxy", "ECONNREFUSED", or "certificate". The first error is usually the root cause; subsequent ones are cascades.

4. Tail the Cursor output log

Cmd+Shift+P -> Output: Show Output Channels -> Cursor

Cursor writes model call failures, MCP server startup errors, and proxy handshake issues here. More human-readable than DevTools for proxy problems.

5. Inspect HTTP traffic

mitmproxy -p 8080 (then set Cursor to http://localhost:8080)

mitmproxy shows every outbound request Cursor makes, with headers and bodies. Invaluable when debugging why a specific feature (MCP, tab completion) fails while others work.

6. Check NO_PROXY coverage

env | grep -i proxy

Missing NO_PROXY entries cause localhost MCP and loopback calls to bounce through the external proxy and fail. Ensure localhost, 127.0.0.1, ::1, and any internal domains are listed.

7. Verify proxy auth

curl -v --proxy-user user:pass -x http://proxy.coronium.io:3128 https://example.com

Authentication failures return 407 Proxy Authentication Required. If the URL-embedded auth works with curl but not Cursor, use the http.proxyAuthorization settings.json field.

8. Isolate features one at a time

Disable all MCPs, test chat -> re-enable MCPs one by one

A failing MCP can cascade into apparent chat failures because Cursor waits on MCP initialization. Narrowing which MCP or which feature fails is half the debugging battle.

mitmproxy is your ultimate debugging tool

When you cannot figure out why a specific Cursor feature fails, install mitmproxy (brew install mitmproxy or pip install mitmproxy), run mitmproxy -p 8080, and point Cursor at http://localhost:8080. You will see every request Cursor makes in real-time, including MCP startup fetches, model calls, tab completion pings, and telemetry. Compare requests that succeed (tab completion) with ones that fail (MCP fetch) to pinpoint what differs. Install mitmproxy's root CA via mitmproxy --set block_global=false and trust it in your keychain to intercept HTTPS traffic.

Performance Comparison

Proxy Type Performance for Cursor

Real latency and reliability data from IDE-use workloads. Streaming support is the most important metric for Cursor because tab completion, chat, and agent mode all depend on SSE and HTTP/2 long-lived connections.

Proxy Type	Latency	Reliability	Streaming	Best for
No proxy (direct)	15-40ms	99.9%	Perfect	Home networks without restrictions, solo developers
Corporate HTTP proxy	80-300ms	90-97%	Variable (often breaks)	Mandatory by IT policy; no choice
Datacenter proxy	30-80ms	70-85%	Good	IP rotation for scraping tests from IDE; not recommended for everyday Cursor use
Residential rotating proxy	100-250ms	85-92%	Variable	Light geo-testing from the agent
Coronium 4G mobile proxy	40-90ms	99%+	Excellent (HTTP/2 + keepalive)	Daily Cursor usage, agent mode, MCP-heavy workflows, geo-testing

No proxy (direct)

Baseline. Use when no corporate or privacy requirements exist.

Corporate HTTP proxy

Often the source of streaming interruptions, TLS interception errors, and rate-limited egress IPs.

Why Coronium 4G beats every alternative for Cursor

Cursor workloads are unusually demanding: dozens of short-lived tab-completion pings per minute, plus long-lived streaming model calls that can last minutes, plus MCP fetches that may span seconds to hours. Datacenter proxies fail on reliability (70-85%). Residential proxies fail on streaming (rotation kills long streams). Corporate proxies fail on streaming AND latency. Coronium 4G mobile proxies -- dedicated device per customer, CGNAT-backed consumer IPs, HTTP/2 support, no artificial rotation on streaming connections -- deliver 99%+ reliability at 40-90ms latency. That is close to the no-proxy baseline while providing the clean IP reputation, geo-flexibility, and privacy that direct connection lacks.

FAQ

Frequently Asked Questions

Twelve answers to the questions developers ask most often about Cursor proxy configuration, MCP integration, and Agent mode routing in 2026.

Pricing

Mobile Proxy Plans for Cursor Developers

Dedicated 4G/5G mobile proxies optimized for IDE workloads -- streaming-friendly, low-latency, and unlimited bandwidth. Works with Cursor Free, Pro, and Business tiers.

Cursor IDE Tiers (for reference)

All Coronium proxy plans work identically across Cursor Free, Pro, and Business

Hobby (Free)

2,000 completions/month, 50 slow premium requests, GPT-4o mini, basic MCP

Proxy configuration available but not documented. Requires manual settings.json editing.

Pro

$20/month

Unlimited completions, 500 fast premium requests, all flagship models (Claude 4 Sonnet, GPT-4o), full MCP

Best tier for proxy-heavy workflows. MCP support is full and unlimited.

Business

$40/user/month

Everything in Pro + org-wide SSO, privacy mode by default, centralized billing, admin dashboard

Enterprise proxy support: admins can push settings.json proxy configuration via Cursor Admin Dashboard.

Premium Mobile Proxy Pricing

Configure & Buy Mobile Proxies

Select from 10+ countries with real mobile carrier IPs and flexible billing options

📖 Complete Purchase Guide

Choose Billing Period

Select the billing cycle that works best for you

SELECT LOCATION

🇺🇸

USA

$129/m

HOT

🇬🇧

$97/m

HOT

🇫🇷

France

$79/m

🇩🇪

Germany

$89/m

🇪🇸

Spain

$96/m

🇳🇱

Netherlands

$79/m

🇦🇺

Australia

$119/m

🇮🇹

Italy

$127/m

🇧🇷

Brazil

$99/m

🇨🇦

Canada

$159/m

🇵🇱

Poland

$69/m

🇮🇪

Ireland

$59/m

🇱🇹

Lithuania

$59/m

🇵🇹

Portugal

$89/m

🇷🇴

Romania

$49/m

SALE

🇺🇦

Ukraine

$27/m

SALE

🇬🇪

Georgia

$69/m

SALE

🇹🇭

Thailand

$59/m

SALE

Save up to 10%

when you order 5+ proxy ports

Carrier & Region

USA 🇺🇸

AT&T

T-Mobile

Verizon

Available regions:

Florida

New York

Included Features

Dedicated Device

Real Mobile IP

10-100 Mbps Speed

Unlimited Data

ORDER SUMMARY

🇺🇸USA Configuration

AT&T • Florida • Monthly Plan

Your price:

$129

/month

Unlimited Bandwidth

No commitment • Cancel anytime • Purchase guide

Money-back guarantee if not satisfied

Perfect For

Multi-account management

Web scraping without blocks

Geo-specific content access

Social media automation

500+Active Users

10+Countries

95%+Trust Score

20h/dSupport

Popular Proxy Locations

United States•California•Los Angeles•New York•NYC

Secure payment methods accepted: Credit Card, PayPal, Bitcoin, and more. 2 free modem replacements per 24h.

Ready to route Cursor through clean mobile IPs?

Five-minute setup. Works with all Cursor versions including 0.45+ MCP support. 99%+ reliability on model calls, tab completion, and Agent mode streaming. Cancel anytime.

Related Developer Tooling & Proxy Guides

Blog

AI Agents