LibreChat/packages/api
Dustin Healy de28930ddf fix(mcp): resolve Codex review on the app-bridge follow-ups
Validates open-link schemes before opening. A sandboxed app could send
ui/open-link with any string; onmessage now opens only http and https URLs and
ignores other schemes and malformed URLs, so apps cannot launch javascript: or
data: targets from the host page.

Decodes blob-backed app resources. resources/read may return HTML as a base64
blob rather than text per the MCP Apps spec, so fetchMCPResourceHtml decodes the
blob when text is absent instead of rendering a blank iframe.

Disambiguates embedded ui:// resource ids by payload. The embedded resource id
was hashed from only the template text or URI, so the same template returned by
multiple calls with different structuredContent collided and the conversation
resource map overwrote earlier entries. The id now mixes in the structured
content and tool arguments, matching the synthetic-resource path.

Allows a dedicated sandbox origin to be framed by the host. The MCP Apps spec
requires the host and sandbox to have different origins for web hosts, but the
sandbox route hardcoded same-origin framing. Framing stays same-origin by
default and an operator can list allowed host origins via
MCP_SANDBOX_FRAME_ANCESTORS for a cross-origin sandbox deployment.
2026-06-23 23:29:16 -07:00
..
src fix(mcp): resolve Codex review on the app-bridge follow-ups 2026-06-23 23:29:16 -07:00
types
.gitignore
babel.config.cjs
jest.config.mjs fix(ci): add @modelcontextprotocol/ext-apps to jest transformIgnorePatterns and fix import sort 2026-06-23 15:46:38 -07:00
jest.setup.cjs
package.json fix(mcp): address second round of Codex review findings 2026-06-23 18:18:51 -07:00
tsconfig-paths-bootstrap.mjs
tsconfig.build.json
tsconfig.json
tsconfig.spec.json
tsdown.config.mjs 🪟 fix: Cross-Platform Absolute-Path Check in tsdown neverBundle Predicates (#13700) 2026-06-13 11:04:46 -04:00