Add linkTrustedDomains view property#690
Conversation
@modelcontextprotocol/ext-apps
@modelcontextprotocol/server-basic-preact
@modelcontextprotocol/server-basic-react
@modelcontextprotocol/server-basic-solid
@modelcontextprotocol/server-basic-svelte
@modelcontextprotocol/server-basic-vanillajs
@modelcontextprotocol/server-basic-vue
@modelcontextprotocol/server-budget-allocator
@modelcontextprotocol/server-cohort-heatmap
@modelcontextprotocol/server-customer-segmentation
@modelcontextprotocol/server-debug
@modelcontextprotocol/server-lazy-auth
@modelcontextprotocol/server-map
@modelcontextprotocol/server-pdf
@modelcontextprotocol/server-scenario-modeler
@modelcontextprotocol/server-shadertoy
@modelcontextprotocol/server-sheet-music
@modelcontextprotocol/server-system-monitor
@modelcontextprotocol/server-threejs
@modelcontextprotocol/server-transcript
@modelcontextprotocol/server-video-resource
@modelcontextprotocol/server-wiki-explorer
commit: |
c9bdb3d to
a3af1c7
Compare
b369e71 to
6b16ff5
Compare
6b16ff5 to
0d70095
Compare
| * This is a UX hint, NOT an authorization mechanism. Hosts retain full | ||
| * authority, MUST still apply their own allowlist/blocklist, and SHOULD NOT | ||
| * treat a declared origin as proof that a destination is safe. |
There was a problem hiding this comment.
@domfarolino, you paid special attention in the corresponding issue on making sure hosts understand this feature is in no way a trust mechanism. Could you review this last part and confirm wether you deem this explanation sufficient to ensure nobody uses linkTrustedDomains as safe?
|
@idosal @liady ready for a first review following our last working group discussion :) Thanks 🙏 |
There was a problem hiding this comment.
Pull request overview
Adds a new UI resource metadata field, linkTrustedDomains, allowing servers to advertise trusted external link destinations so hosts may optionally skip ui/open-link confirmation prompts while retaining full host policy control.
Changes:
- Extend the UI resource meta type/spec and generated schemas to include optional
_meta.ui.linkTrustedDomains. - Update AppBridge documentation/examples and the basic-host example to plumb
linkTrustedDomainsthrough to the open-link handler. - Adjust workspace dependency pinning to allow
examples/basic-hostto use newer@types/node(forURLPatternusage in the example).
Reviewed changes
Copilot reviewed 9 out of 12 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| src/spec.types.ts | Adds linkTrustedDomains?: string[] to McpUiResourceMeta with detailed semantics and security guidance. |
| src/generated/schema.ts | Adds linkTrustedDomains to McpUiResourceMetaSchema (Zod). |
| src/generated/schema.json | Reflects the new linkTrustedDomains field in the published JSON schema. |
| src/app-bridge.ts | Updates onopenlink JSDoc to mention skipping confirmation and demonstrates trusted-domain handling. |
| src/app-bridge.examples.ts | Updates the onopenlink example to accept and use linkTrustedDomains. |
| specification/draft/apps.mdx | Documents linkTrustedDomains in the UI resource format and ui/open-link host behavior. |
| package.json | Removes the root @types/node override while keeping other overrides. |
| package-lock.json | Updates the lockfile to reflect @types/node bump within examples/basic-host dependency graph. |
| examples/basic-host/src/index.tsx | Plumbs linkTrustedDomains from fetched UI resource meta into newAppBridge(...). |
| examples/basic-host/src/implementation.ts | Implements basic-host behavior: host denylist + app-declared trusted destinations to skip confirmation. |
| examples/basic-host/package.json | Bumps @types/node devDependency for the basic-host workspace. |
| docs/migrate_from_openai_apps.md | Documents mapping from OpenAI redirect_domains to MCP _meta.ui.linkTrustedDomains. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Fixes #678
Motivation and Context
Provide an app controlled way to advertise in-view links that host MAY allow user to navigate to with minimal user friction (removing confirmation modal on redirection).
How Has This Been Tested?
In the basic host implementation
Breaking Changes
None, only added
linkTrustedDomainsas an optional propertyTypes of changes
Checklist
Additional context
Removed the
@types/nodesoverride from rootpackage.jsonin order to be able to up to@types/nodes@24in basic-host exemple and use the recentURLPatternclass to implement link URL testing against trusted domains.