Skip to content

Add linkTrustedDomains view property#690

Open
fredericbarthelet wants to merge 5 commits into
modelcontextprotocol:mainfrom
alpic-ai:link-trusted-domains
Open

Add linkTrustedDomains view property#690
fredericbarthelet wants to merge 5 commits into
modelcontextprotocol:mainfrom
alpic-ai:link-trusted-domains

Conversation

@fredericbarthelet

@fredericbarthelet fredericbarthelet commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

Fixes #678

Motivation and Context

Provide an app controlled way to advertise in-view links that host MAY allow user to navigate to with minimal user friction (removing confirmation modal on redirection).

How Has This Been Tested?

In the basic host implementation

Breaking Changes

None, only added linkTrustedDomains as an optional property

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation update

Checklist

  • I have read the MCP Documentation
  • My code follows the repository's style guidelines
  • New and existing tests pass locally
  • I have added appropriate error handling
  • I have added or updated documentation as needed

Additional context

Removed the @types/nodes override from root package.json in order to be able to up to @types/nodes@24 in basic-host exemple and use the recent URLPattern class to implement link URL testing against trusted domains.

@pkg-pr-new

pkg-pr-new Bot commented Jun 17, 2026

Copy link
Copy Markdown

Open in StackBlitz

@modelcontextprotocol/ext-apps

npm i https://pkg.pr.new/@modelcontextprotocol/ext-apps@690

@modelcontextprotocol/server-basic-preact

npm i https://pkg.pr.new/@modelcontextprotocol/server-basic-preact@690

@modelcontextprotocol/server-basic-react

npm i https://pkg.pr.new/@modelcontextprotocol/server-basic-react@690

@modelcontextprotocol/server-basic-solid

npm i https://pkg.pr.new/@modelcontextprotocol/server-basic-solid@690

@modelcontextprotocol/server-basic-svelte

npm i https://pkg.pr.new/@modelcontextprotocol/server-basic-svelte@690

@modelcontextprotocol/server-basic-vanillajs

npm i https://pkg.pr.new/@modelcontextprotocol/server-basic-vanillajs@690

@modelcontextprotocol/server-basic-vue

npm i https://pkg.pr.new/@modelcontextprotocol/server-basic-vue@690

@modelcontextprotocol/server-budget-allocator

npm i https://pkg.pr.new/@modelcontextprotocol/server-budget-allocator@690

@modelcontextprotocol/server-cohort-heatmap

npm i https://pkg.pr.new/@modelcontextprotocol/server-cohort-heatmap@690

@modelcontextprotocol/server-customer-segmentation

npm i https://pkg.pr.new/@modelcontextprotocol/server-customer-segmentation@690

@modelcontextprotocol/server-debug

npm i https://pkg.pr.new/@modelcontextprotocol/server-debug@690

@modelcontextprotocol/server-lazy-auth

npm i https://pkg.pr.new/@modelcontextprotocol/server-lazy-auth@690

@modelcontextprotocol/server-map

npm i https://pkg.pr.new/@modelcontextprotocol/server-map@690

@modelcontextprotocol/server-pdf

npm i https://pkg.pr.new/@modelcontextprotocol/server-pdf@690

@modelcontextprotocol/server-scenario-modeler

npm i https://pkg.pr.new/@modelcontextprotocol/server-scenario-modeler@690

@modelcontextprotocol/server-shadertoy

npm i https://pkg.pr.new/@modelcontextprotocol/server-shadertoy@690

@modelcontextprotocol/server-sheet-music

npm i https://pkg.pr.new/@modelcontextprotocol/server-sheet-music@690

@modelcontextprotocol/server-system-monitor

npm i https://pkg.pr.new/@modelcontextprotocol/server-system-monitor@690

@modelcontextprotocol/server-threejs

npm i https://pkg.pr.new/@modelcontextprotocol/server-threejs@690

@modelcontextprotocol/server-transcript

npm i https://pkg.pr.new/@modelcontextprotocol/server-transcript@690

@modelcontextprotocol/server-video-resource

npm i https://pkg.pr.new/@modelcontextprotocol/server-video-resource@690

@modelcontextprotocol/server-wiki-explorer

npm i https://pkg.pr.new/@modelcontextprotocol/server-wiki-explorer@690

commit: 689e769

@fredericbarthelet fredericbarthelet marked this pull request as ready for review July 1, 2026 14:15
Comment on lines +240 to +242
* This is a UX hint, NOT an authorization mechanism. Hosts retain full
* authority, MUST still apply their own allowlist/blocklist, and SHOULD NOT
* treat a declared origin as proof that a destination is safe.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@domfarolino, you paid special attention in the corresponding issue on making sure hosts understand this feature is in no way a trust mechanism. Could you review this last part and confirm wether you deem this explanation sufficient to ensure nobody uses linkTrustedDomains as safe?

@fredericbarthelet

Copy link
Copy Markdown
Contributor Author

@idosal @liady ready for a first review following our last working group discussion :)
@mstoiber-oai since you opened the issue initially, your review would be well appreciated too.

Thanks 🙏

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new UI resource metadata field, linkTrustedDomains, allowing servers to advertise trusted external link destinations so hosts may optionally skip ui/open-link confirmation prompts while retaining full host policy control.

Changes:

  • Extend the UI resource meta type/spec and generated schemas to include optional _meta.ui.linkTrustedDomains.
  • Update AppBridge documentation/examples and the basic-host example to plumb linkTrustedDomains through to the open-link handler.
  • Adjust workspace dependency pinning to allow examples/basic-host to use newer @types/node (for URLPattern usage in the example).

Reviewed changes

Copilot reviewed 9 out of 12 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
src/spec.types.ts Adds linkTrustedDomains?: string[] to McpUiResourceMeta with detailed semantics and security guidance.
src/generated/schema.ts Adds linkTrustedDomains to McpUiResourceMetaSchema (Zod).
src/generated/schema.json Reflects the new linkTrustedDomains field in the published JSON schema.
src/app-bridge.ts Updates onopenlink JSDoc to mention skipping confirmation and demonstrates trusted-domain handling.
src/app-bridge.examples.ts Updates the onopenlink example to accept and use linkTrustedDomains.
specification/draft/apps.mdx Documents linkTrustedDomains in the UI resource format and ui/open-link host behavior.
package.json Removes the root @types/node override while keeping other overrides.
package-lock.json Updates the lockfile to reflect @types/node bump within examples/basic-host dependency graph.
examples/basic-host/src/index.tsx Plumbs linkTrustedDomains from fetched UI resource meta into newAppBridge(...).
examples/basic-host/src/implementation.ts Implements basic-host behavior: host denylist + app-declared trusted destinations to skip confirmation.
examples/basic-host/package.json Bumps @types/node devDependency for the basic-host workspace.
docs/migrate_from_openai_apps.md Documents mapping from OpenAI redirect_domains to MCP _meta.ui.linkTrustedDomains.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread examples/basic-host/src/implementation.ts Outdated
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Support configuring approved redirect domains for ui/open-link

2 participants