Skip to content

Add frameDomains and baseUriDomains CSP support for MCP Apps #6399

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
aharvard merged 1 commit into from
Jan 9, 2026
Merged

Add frameDomains and baseUriDomains CSP support for MCP Apps #6399

aharvard merged 1 commit into from
Jan 9, 2026

Conversation

@aharvard
Copy link
Collaborator

@aharvard aharvard commented Jan 8, 2026
edited
Loading

Summary

Implements early support for proposed CSP extensions to the MCP Apps specification:

  • frameDomains: Controls the frame-src CSP directive for nested iframes

    • Empty/omitted → frame-src 'none' (no nested iframes allowed)
    • With values → frame-src <origins>

  • baseUriDomains: Controls the base-uri CSP directive

    • Empty/omitted → base-uri 'self'
    • With values → base-uri 'self' <domains>

Context

This PR anticipates changes proposed in the MCP Apps spec:
modelcontextprotocol/ext-apps#158

⚠️ Note: The upstream spec PR is not yet merged. We're implementing early to validate the approach and ensure it works well for Goose users. The final implementation may need adjustments once the spec is finalized.

Why?

Enables MCP App experiences like this Svelte playground, where the app injects an iframe into itself.

  1. Add this MCP server in goose https://mcp-git-mcp-apps-playground-link-svelte.vercel.app/mcp
  2. Ask to create a playground link with a simple svelte 5 counter component
image

Changes

  • crates/goose-server/src/routes/mcp_app_proxy.rs: Added frame_domains and base_uri_domains query parameters and CSP generation logic
  • ui/desktop/src/components/McpApps/utils.ts: Added frameDomains and baseUriDomains to the CSP type and URL builder

@aharvard
Add frameDomains and baseUriDomains CSP support for MCP Apps
8a11b37 
Implements early support for proposed CSP extensions to the MCP Apps spec:
- frameDomains: Controls frame-src directive for nested iframes
- baseUriDomains: Controls base-uri directive

This anticipates changes proposed in:
modelcontextprotocol/ext-apps#158

Note: The upstream spec PR is not yet merged, but we're implementing
early to validate the approach.
@aharvard aharvard mentioned this pull request Jan 8, 2026
Merged
@aharvard aharvard marked this pull request as ready for review January 8, 2026 15:25
Copilot AI review requested due to automatic review settings January 8, 2026 15:25
Copilot AI reviewed Jan 8, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR implements early support for two proposed CSP extensions to the MCP Apps specification: frameDomains and baseUriDomains. These additions allow MCP apps to control iframe nesting and base URI policies through CSP directives.

Key changes:

  • Added frameDomains parameter controlling frame-src CSP directive (defaults to blocking nested iframes)
  • Added baseUriDomains parameter controlling base-uri CSP directive (defaults to 'self' only)

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
crates/goose-server/src/routes/mcp_app_proxy.rs Adds query parameters and CSP generation logic for frame-src and base-uri directives
ui/desktop/src/components/McpApps/utils.ts Extends CSP type definition and URL builder with frameDomains and baseUriDomains support

@aharvard aharvard merged commit 070b2ee into main Jan 9, 2026
25 checks passed
@aharvard aharvard deleted the aharvard/mcp-apps-csp-frame-base-uri branch January 9, 2026 14:12
DOsinga
DOsinga reviewed Jan 9, 2026
View reviewed changes
Copy link
Collaborator

@DOsinga DOsinga left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm all for moving fast, but let's make sure that the relevant people look at the PRs before we merge them? this utils.ts is getting a bit out of hand I would say in this case

wpfleger96 added a commit that referenced this pull request Jan 9, 2026
@wpfleger96
Merge branch 'main' into wpfleger/fork-session
b4105b9 
* main: (89 commits)
  fix(google): treat signed text as regular content in streaming (#6400)
  Add frameDomains and baseUriDomains CSP support for MCP Apps (#6399)
  fix(ci): add missing dependencies to openapi-schema-check job (#6367)
  feat: http proxy support
  Add support for changing working dir and extensions in same window/session (#6057)
  Sort keys in canonical models (#6403)
  added validation and debug for invalid call tool result (#6368)
  Update MCP apps tutorial: fix _meta structure and version prereq (#6404)
  Fixed fonts (#6389)
  Update confidence levels prompt injection detection to reduce false positive rates (#6390)
  Add ML-based prompt injection detection  (#5623)
  docs: update custom extensions tutorial (#6388)
  fix ResultsFormat error when loading old sessions (#6385)
  docs: add MCP Apps tutorial and documentation updates (#6384)
  changed z-index to make sure the search highlighter does not appear on modal overlay (#6386)
  Handling special claude model response in github copilot provider (#6369)
  fix: prevent duplicate rendering when tool returns both mcp-ui and mcp-apps resources (#6378)
  fix: update MCP Apps _meta.ui.resourceUri to use nested format (SEP-1865) (#6372)
  feat(providers): add streaming support for Google Gemini provider (#6191)
  Blog: edit links in mcp apps post (#6371)
  ...
wpfleger96 added a commit that referenced this pull request Jan 9, 2026
@wpfleger96
Merge branch 'main' into wpfleger/fork-session
1b9cf6f 
* main: (89 commits)
  fix(google): treat signed text as regular content in streaming (#6400)
  Add frameDomains and baseUriDomains CSP support for MCP Apps (#6399)
  fix(ci): add missing dependencies to openapi-schema-check job (#6367)
  feat: http proxy support
  Add support for changing working dir and extensions in same window/session (#6057)
  Sort keys in canonical models (#6403)
  added validation and debug for invalid call tool result (#6368)
  Update MCP apps tutorial: fix _meta structure and version prereq (#6404)
  Fixed fonts (#6389)
  Update confidence levels prompt injection detection to reduce false positive rates (#6390)
  Add ML-based prompt injection detection  (#5623)
  docs: update custom extensions tutorial (#6388)
  fix ResultsFormat error when loading old sessions (#6385)
  docs: add MCP Apps tutorial and documentation updates (#6384)
  changed z-index to make sure the search highlighter does not appear on modal overlay (#6386)
  Handling special claude model response in github copilot provider (#6369)
  fix: prevent duplicate rendering when tool returns both mcp-ui and mcp-apps resources (#6378)
  fix: update MCP Apps _meta.ui.resourceUri to use nested format (SEP-1865) (#6372)
  feat(providers): add streaming support for Google Gemini provider (#6191)
  Blog: edit links in mcp apps post (#6371)
  ...
@github-actions github-actions bot mentioned this pull request Jan 13, 2026
Merged
fbalicchia pushed a commit to fbalicchia/goose that referenced this pull request Jan 13, 2026
@aharvard @fbalicchia
Add frameDomains and baseUriDomains CSP support for MCP Apps (block#6399
3465d31 
)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DOsinga DOsinga DOsinga left review comments

Copilot code review Copilot Copilot left review comments

@alexhancock alexhancock alexhancock approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@aharvard @alexhancock @DOsinga