From 2a06a446a94d6c56df1c4fc6d32790cffc3a6609 Mon Sep 17 00:00:00 2001 From: Max Stoiber Date: Thu, 5 Feb 2026 11:01:03 -0800 Subject: [PATCH] Change Host <> Sandbox communication protocol to "SHOULD" In ChatGPT, we have our own sandbox <> host communication protocol that doesn't match the names of the protocol enforced by the "MUST" in the spec. This changes that by marking the specific messages sent back and forth as a "SHOULD". --- specification/draft/apps.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/specification/draft/apps.mdx b/specification/draft/apps.mdx index fd431ae8..cb73cabe 100644 --- a/specification/draft/apps.mdx +++ b/specification/draft/apps.mdx @@ -491,8 +491,8 @@ If the Host is a web page, it MUST wrap the View and communicate with it through 1. The Host and the Sandbox MUST have different origins. 2. The Sandbox MUST have the following permissions: `allow-scripts`, `allow-same-origin`. -3. The Sandbox MUST send a `ui/notifications/sandbox-proxy-ready` notification to the host when it's ready to process an `ui/notifications/sandbox-resource-ready` notification. -4. Once the Sandbox is ready, the Host MUST send the raw HTML resource to load in a `ui/notifications/sandbox-resource-ready` notification. +3. The Sandbox SHOULD send a `ui/notifications/sandbox-proxy-ready` notification to the host when it's ready to process an `ui/notifications/sandbox-resource-ready` notification. +4. Once the Sandbox is ready, the Host SHOULD send the raw HTML resource to load in a `ui/notifications/sandbox-resource-ready` notification. 5. The Sandbox MUST load the raw HTML of the View with CSP settings that: - Enforce the domains declared in `ui.csp` metadata - If `frameDomains` is provided, allow nested iframes from declared origins; otherwise use `frame-src 'none'`