diff --git a/client/public/mcp-sandbox.html b/client/public/mcp-sandbox.html
index 2326af4cae..db62a6d8ee 100644
--- a/client/public/mcp-sandbox.html
+++ b/client/public/mcp-sandbox.html
@@ -18,26 +18,21 @@
let readyInterval = null;
const SANDBOX_PREFIX = 'ui/notifications/sandbox-';
- // Derive the trusted origin from the referrer at startup.
- // The sandbox is always served same-origin, so document.referrer is the LibreChat page URL.
- let trustedOrigin = null;
- try {
- if (document.referrer) {
- trustedOrigin = new URL(document.referrer).origin;
- }
- } catch {}
+ // The sandbox is always served same-origin with LibreChat, so window.location.origin
+ // is the exact expected parent origin. No referrer fallback or lazy-set needed.
+ const trustedOrigin = window.location.origin;
function notifyReady() {
window.parent.postMessage(
{ jsonrpc: '2.0', method: 'ui/notifications/sandbox-proxy-ready', params: {} },
- trustedOrigin || '*'
+ trustedOrigin
);
if (!readyInterval) {
readyInterval = setInterval(() => {
if (!innerFrame) {
window.parent.postMessage(
{ jsonrpc: '2.0', method: 'ui/notifications/sandbox-proxy-ready', params: {} },
- trustedOrigin || '*'
+ trustedOrigin
);
}
}, 500);
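Review bot: `const trustedOrigin = window.location.origin;` makes same-origin hosting a hard requirement, but nothing here surfaces a violation: if this page is ever served from a different origin than the embedding LibreChat page, the browser silently discards both `postMessage` calls, the handler's `event.origin !== trustedOrigin` check drops every parent message, and the 500 ms interval keeps retrying while `innerFrame` is unset. Failing closed is the right default, but a one-time diagnostic after a bounded number of retries would make the misconfiguration visible, for example `console.warn('[mcp-sandbox] no handshake from parent; sandbox must be served same-origin')`. Where the interval is cleared lies outside the hunk, so the unbounded retry is inferred. The new comment could also record that, because this proxy page shares the host origin, isolation of the rendered content presumably rests on the inner frame's own sandboxing, which is not visible here.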
@@ -54,9 +49,7 @@
if (!msg || msg.jsonrpc !== '2.0') return;
if (event.source === window.parent) {
- if (!trustedOrigin) {
- trustedOrigin = event.origin;
- } else if (event.origin !== trustedOrigin) {
+ if (event.origin !== trustedOrigin) {
return;
}
@@ -76,9 +69,7 @@
if (msg.method && msg.method.startsWith(SANDBOX_PREFIX)) {
return;
}
- if (trustedOrigin) {
- window.parent.postMessage(msg, trustedOrigin);
- }
+ window.parent.postMessage(msg, trustedOrigin);
}
});
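Review bot: The prefix filter ahead of the relay, `msg.method && msg.method.startsWith(SANDBOX_PREFIX)`, throws a TypeError when `method` is a truthy non-string, and this branch appears to handle data posted by the embedded content, so that value is not under the page's control. The exception happens to stop the relay, but an explicit rejection before the prefix check states the intent and keeps the handler quiet: `if ('method' in msg && typeof msg.method !== 'string') return;`. A short comment above `window.parent.postMessage(msg, trustedOrigin);` noting that relayed payloads originate from the inner frame and must be validated by the host would also help. The start of this branch, including any check on `event.source`, is outside the hunk.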