Skip to content

feat: enhance sandbox capability negotiation #158

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
idosal wants to merge 4 commits into
base: main
Choose a base branch
from
Open

feat: enhance sandbox capability negotiation #158

idosal wants to merge 4 commits into from

Conversation

@idosal
Copy link
Collaborator

@idosal idosal commented Dec 15, 2025

Proposal to tackle #58 -

  1. Add frameDomains and baseUriDomains overrides to Resource Metadata's ui/csp attribute
  2. Add a permissions attribute(ui/permissions) to the Resource Metadata. Currently, it supports camera, microphone, and geolocation. There are many other permissions, but I think we should only add fields as they're needed. @alexi-openai could you please share what OpenAI allows?
  3. Add csp to Host<>App capability negotiation (since it's non-trivial for the app to detect at runtime)

If it's acceptable, I'll add an E2E test before merging.

Thoughts?

@pkg-pr-new
Copy link

pkg-pr-new bot commented Dec 15, 2025
edited
Loading

Open in StackBlitz

npm i https://pkg.pr.new/modelcontextprotocol/ext-apps/@modelcontextprotocol/ext-apps@158

commit: e038020

Copilot AI reviewed Dec 15, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR enhances the MCP Apps sandbox capability negotiation by adding support for additional CSP directives and permissions policies. The changes enable apps to request nested iframe support, custom base URI configuration, and browser permissions (camera, microphone, geolocation) through resource metadata.

Key changes:

  • Added frameDomains and baseUriDomains fields to CSP configuration for controlling nested iframes and base URI directives
  • Introduced permissions metadata for requesting camera, microphone, and geolocation access via Permission Policy
  • Extended host capability negotiation to include CSP support indicators (frameDomains and baseUriDomains)

Reviewed changes

Copilot reviewed 6 out of 9 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
src/types.ts Added exports for new McpUiResourcePermissions type and schema
src/spec.types.ts Defined new interfaces for permissions and extended CSP configuration with frame/baseUri domains
src/generated/schema.ts Added Zod schemas for permissions and extended CSP schemas with new domain fields
src/generated/schema.test.ts Updated type inference tests to include new permissions schema
src/generated/schema.json Generated JSON schemas for new permissions and CSP extensions
specification/draft/apps.mdx Documented new CSP fields and permissions with examples and security guidance
examples/simple-host/sandbox.html Added new sandbox proxy HTML implementation (missing CSP/permissions handling)
examples/basic-host/src/sandbox.ts Implemented CSP meta tag building and iframe allow attribute for permissions
examples/basic-host/src/implementation.ts Extended resource data extraction to include new CSP and permissions metadata

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

ochafik
ochafik requested changes Dec 16, 2025
View reviewed changes
Copy link
Collaborator

@ochafik ochafik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Ido!

examples/basic-host/src/implementation.ts
baseUriDomains?: string[];
};
permissions?: {
camera?: boolean;
Copy link
Collaborator

@ochafik ochafik Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's make these objects (as in capabilities) for future extensions?
e.g. what if one day there's fine-grained vers. coarse geolocation, or front vs. back camera permission, etc.

Copy link
Collaborator Author

@idosal idosal Dec 18, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Like CSP, Permissions are coupled to the browser spec (Permissions Policy). I don't think we should diverge at this point. WDYT?

ochafik
ochafik reviewed Dec 17, 2025
View reviewed changes
Copy link
Collaborator

@ochafik ochafik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should tell app what permissions were granted (and potentially which domains were allowed)

@idosal idosal requested a review from ochafik December 18, 2025 20:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@liady liady Awaiting requested review from liady

@antonpk1 antonpk1 Awaiting requested review from antonpk1

@alexi-openai alexi-openai Awaiting requested review from alexi-openai

@ochafik ochafik Awaiting requested review from ochafik

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@idosal @ochafik