mirror of
https://github.com/danny-avila/LibreChat.git
synced 2026-07-02 12:22:22 +00:00
The previous approach derived trustedOrigin from document.referrer at startup and fell back to '*' when referrer was empty, with a lazy-set from the first incoming message as a further fallback. Both paths leave a window where notifyReady broadcasts to all frames or the origin can be set by an untrusted first message. The sandbox is always served same-origin with LibreChat (/api/mcp/sandbox), so window.location.origin is always the exact parent origin. This replaces the referrer parse and lazy-set entirely: trustedOrigin is a const set at parse time, notifyReady uses it directly, and the message handler rejects any message whose origin does not match without fallback.

| Name |
|---|
| assets |
| fonts |
| mcp-sandbox.html |
| robots.txt |
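
The two origin-handling strategies contrasted in the commit message above, modelled side by side as an added example (this is not LibreChat's code). Only `trustedOrigin` and `notifyReady` are names from the message; `createLegacyChannel`, `createStrictChannel`, `runScenario` and the `.example` origins are hypothetical and constructed for illustration.

```javascript
// Added example: a model of the two origin-trust strategies, not LibreChat's code.
// Function names and the .example origins are hypothetical.

// Legacy: referrer-derived origin, '*' fallback, lazy-set from the first message.
function createLegacyChannel(referrer, postToParent) {
  let trustedOrigin = '*';
  try {
    if (referrer) trustedOrigin = new URL(referrer).origin;
  } catch {
    // unparsable referrer: the '*' fallback stays in place
  }
  return {
    notifyReady: () => postToParent({ type: 'ready' }, trustedOrigin),
    onMessage(event) {
      if (trustedOrigin === '*') trustedOrigin = event.origin; // first sender wins
      return event.origin === trustedOrigin;
    },
  };
}

// Strict: origin fixed once from the sandbox's own location, no fallback.
function createStrictChannel(locationOrigin, postToParent) {
  const trustedOrigin = locationOrigin;
  return {
    notifyReady: () => postToParent({ type: 'ready' }, trustedOrigin),
    onMessage: (event) => event.origin === trustedOrigin,
  };
}

// Constructed scenario: the ready notification is sent, then one message
// arrives from a foreign origin, followed by one from the real parent.
function runScenario(createChannel, originSource) {
  const targets = [];
  const channel = createChannel(originSource, (msg, target) => targets.push(target));
  channel.notifyReady();
  const accepted = [
    { origin: 'https://other.example', data: {} },
    { origin: 'https://chat.example', data: {} },
  ].map((event) => channel.onMessage(event));
  return { readyTarget: targets[0], accepted };
}

// Empty referrer for the legacy model; the page's own origin for the strict one.
console.log(runScenario(createLegacyChannel, ''));
console.log(runScenario(createStrictChannel, 'https://chat.example'));
```

With an empty referrer the legacy model posts its ready message to `'*'` and then pins itself to the foreign sender, locking out the real parent; the strict model targets only the fixed origin and rejects the foreign message.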