add all csp and permissions to host capabilities + update SEP

idosal · idosal · commit e038020b50c8 · 2025-12-18T22:31:00.000+02:00
diff --git a/examples/basic-host/package.json b/examples/basic-host/package.json
@@ -25,6 +25,7 @@
     "@vitejs/plugin-react": "^4.3.4",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "prettier": "^3.6.2",
     "vite": "^6.0.0",
diff --git a/examples/basic-server-react/package.json b/examples/basic-server-react/package.json
@@ -26,6 +26,7 @@
     "@vitejs/plugin-react": "^4.3.4",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "typescript": "^5.9.3",
     "vite": "^6.0.0",
diff --git a/examples/basic-server-vanillajs/package.json b/examples/basic-server-vanillajs/package.json
@@ -21,6 +21,7 @@
     "@types/node": "^22.0.0",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "typescript": "^5.9.3",
     "vite": "^6.0.0",
diff --git a/examples/budget-allocator-server/package.json b/examples/budget-allocator-server/package.json
@@ -25,6 +25,7 @@
     "@types/node": "^22.0.0",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "typescript": "^5.9.3",
     "vite": "^6.0.0",
diff --git a/examples/cohort-heatmap-server/package.json b/examples/cohort-heatmap-server/package.json
@@ -29,6 +29,7 @@
     "@vitejs/plugin-react": "^4.3.4",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "typescript": "^5.9.3",
     "vite": "^6.0.0",
diff --git a/examples/customer-segmentation-server/package.json b/examples/customer-segmentation-server/package.json
@@ -25,6 +25,7 @@
     "@types/node": "^22.0.0",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "typescript": "^5.9.3",
     "vite": "^6.0.0",
diff --git a/examples/scenario-modeler-server/package.json b/examples/scenario-modeler-server/package.json
@@ -30,6 +30,7 @@
     "@vitejs/plugin-react": "^4.3.4",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "typescript": "^5.9.3",
     "vite": "^6.0.0",
diff --git a/examples/simple-host/sandbox.html b/examples/simple-host/sandbox.html
@@ -57,10 +57,21 @@
       inner.setAttribute('sandbox', 'allow-scripts allow-same-origin');
       document.body.appendChild(inner);
 
+      // Build iframe allow attribute from permissions
+      function buildAllowAttribute(permissions) {
+        if (!permissions) return '';
+        const allowList = [];
+        if (permissions.camera) allowList.push('camera');
+        if (permissions.microphone) allowList.push('microphone');
+        if (permissions.geolocation) allowList.push('geolocation');
+        return allowList.join('; ');
+      }
+
       window.addEventListener('message', async (event) => {
         if (event.source === window.parent) {
           if (event.data && event.data.method === 'ui/notifications/sandbox-resource-ready') {
-            const { html, sandbox } = event.data.params || {};
+            const { html, sandbox, permissions } = event.data.params || {};
+            // Note: csp is not extracted here - CSP is set via HTTP response headers in serve.ts
             if (typeof sandbox === 'string') {
               // Ensure allow-same-origin is present for document.write to work
               let finalSandbox = sandbox;
@@ -69,6 +80,11 @@
               }
               inner.setAttribute('sandbox', finalSandbox);
             }
+            // Set Permission Policy allow attribute if permissions are provided
+            const allowAttribute = buildAllowAttribute(permissions);
+            if (allowAttribute) {
+              inner.setAttribute('allow', allowAttribute);
+            }
             if (typeof html === 'string') {
               // Use document.write instead of srcdoc to avoid CSP base-uri issues
               // document.write allows the browser to resolve relative URLs correctly
diff --git a/examples/system-monitor-server/package.json b/examples/system-monitor-server/package.json
@@ -26,6 +26,7 @@
     "@types/node": "^22.0.0",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "typescript": "^5.9.3",
     "vite": "^6.0.0",
diff --git a/examples/threejs-server/package.json b/examples/threejs-server/package.json
@@ -31,6 +31,7 @@
     "@vitejs/plugin-react": "^4.3.4",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "typescript": "^5.9.3",
     "vite": "^6.0.0",
diff --git a/examples/wiki-explorer-server/package.json b/examples/wiki-explorer-server/package.json
@@ -25,6 +25,7 @@
     "@types/node": "^22.0.0",
     "concurrently": "^9.2.1",
     "cors": "^2.8.5",
+    "cross-env": "^10.1.0",
     "express": "^5.1.0",
     "force-graph": "^1.49.0",
     "typescript": "^5.9.3",
diff --git a/package-lock.json b/package-lock.json
diff --git a/specification/draft/apps.mdx b/specification/draft/apps.mdx
@@ -578,6 +578,52 @@ Example:
 }
 ```
 
+### Host Capabilities
+
+`HostCapabilities` are sent to the Guest UI as part of the response to `ui/initialize` (inside `McpUiInitializeResult`).
+They describe the features and capabilities that the Host supports.
+
+```typescript
+interface HostCapabilities {
+  /** Experimental features (structure TBD). */
+  experimental?: {};
+  /** Host supports opening external URLs. */
+  openLinks?: {};
+  /** Host can proxy tool calls to the MCP server. */
+  serverTools?: {
+    /** Host supports tools/list_changed notifications. */
+    listChanged?: boolean;
+  };
+  /** Host can proxy resource reads to the MCP server. */
+  serverResources?: {
+    /** Host supports resources/list_changed notifications. */
+    listChanged?: boolean;
+  };
+  /** Host accepts log messages. */
+  logging?: {};
+  /** Sandbox configuration applied by the host. */
+  sandbox?: {
+    /** Permissions granted by the host (camera, microphone, geolocation). */
+    permissions?: {
+      camera?: boolean;
+      microphone?: boolean;
+      geolocation?: boolean;
+    };
+    /** CSP domains approved by the host. */
+    csp?: {
+      /** Approved origins for network requests (fetch/XHR/WebSocket). */
+      connectDomains?: string[];
+      /** Approved origins for static resources (scripts, images, styles, fonts). */
+      resourceDomains?: string[];
+      /** Approved origins for nested iframes (frame-src directive). */
+      frameDomains?: string[];
+      /** Approved base URIs for the document (base-uri directive). */
+      baseUriDomains?: string[];
+    };
+  };
+}
+```
+
 ### Theming
 
 Hosts can optionally pass CSS custom properties via `HostContext.styles.variables` for visual cohesion with the host environment.
diff --git a/src/generated/schema.json b/src/generated/schema.json
diff --git a/src/generated/schema.test.ts b/src/generated/schema.test.ts
diff --git a/src/generated/schema.ts b/src/generated/schema.ts
diff --git a/src/spec.types.ts b/src/spec.types.ts
