fix!: require eventSource in PostMessageTransport + add security tests #208
+433
−2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adds comprehensive E2E tests to verify security boundaries: 1. Sandbox Security - Verifies sandbox proxy rejects messages from unexpected origins - Verifies host correctly validates sandbox source - Tests app-to-host communication through secure channel - Checks iframe sandbox attributes are properly configured 2. Host Resilience - Tests host continues working when servers fail to connect - Verifies failed connections are logged as warnings 3. CSP and Content Security - Verifies sandbox injects CSP meta tag into app HTML - Tests CSP logging 4. Origin Validation Details - Tests sandbox extracts host origin from referrer - Verifies messages use specific origin (not wildcard) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Adds comprehensive E2E tests to verify security infrastructure: 1. Sandbox Security - Verifies valid messages are not rejected (asserts on rejection logs) - Verifies host does not log unknown source warnings - Tests app-to-host message reception - Checks iframe sandbox attributes on both outer and inner iframes 2. Host Resilience - Tests host UI loads with servers - Verifies server count display 3. Origin Validation Infrastructure - Tests CSP logging is active - Verifies round-trip app communication - Checks iframe isolation via sandbox attributes 4. Security Self-Test - Verifies sandbox security self-test passes (window.top inaccessible) - Confirms referrer validation allows localhost Note: True cross-origin attack testing would require a multi-origin test setup. These tests verify the security infrastructure is in place and functioning correctly for valid communication paths. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
commit: |
![github-code-quality[bot]](https://avatars.githubusercontent.com/u/9919?s=60&v=4){kind=small}
The host logs "[HOST] Message from MCP App:" not "message callback". 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Adds tests for the attack vector where a malicious app tries to inject messages into another app via: window.parent.parent.frames[i].frames[0].postMessage(fakeResponse, "*") The protection (added in PR #207) is that PostMessageTransport validates event.source matches the expected source (window.parent for apps), so messages from other apps are rejected. Tests added: 1. "app rejects messages from sources other than its parent" - Simulates injection attempt from page context - Verifies app remains functional after attack attempt 2. "PostMessageTransport is configured with source validation" - Verifies valid parent->app communication still works - Confirms source validation doesn't break legitimate messages 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
ochafik
force-pushed
the
ochafik/security-tests
branch
from
65c782d to
1a94ba4
Compare
ochafik
changed the title
Replaced the vacuous 'sandbox logs indicate origin validation is active' test (which had an assertion that always passed: length >= 0) with a proper test that: 1. Injects a message from the wrong source (page context, not parent) 2. Verifies that PostMessageTransport logs 'Ignoring message from unknown source' This actually tests that the source validation in PostMessageTransport is working correctly.
Collaborator
Author
|
@claude review this PR thoroughly and critically |
The previous test tried to inject messages into the inner iframe, but this fails silently because the sandbox creates a cross-origin boundary that prevents access to contentDocument. Changed the test to verify the actual security mechanism: - Sandbox creates cross-origin boundary (contentDocument is null) - contentWindow still exists (for postMessage communication) - This is what actually prevents cross-app attacks
antonpk1
approved these changes
Jan 7, 2026
Merged
ochafik
added a commit
that referenced
this pull request
Jan 9, 2026
Merge latest changes from main including: - Vue, Svelte, Preact, and Solid basic server examples (#141) - safeAreaInsets support (#202) - E2E test fixes (#206) - npm publishing for examples (#184) - ui.resourceUri optional (#210) - Method names as consts (#192) - toolInfo.id optional (#216) - PostMessageTransport security fixes (#207, #208) - Server-utils.ts refactoring
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Makes
eventSourceparameter required inPostMessageTransportconstructor to enforce source validation (fix useApp, follow up to #207 ), preventing cross-app message injection attacks. Also adds comprehensive E2E security tests.Breaking Changes
PostMessageTransportconstructor: TheeventSourceparameter is now required (was optional)Fixes
useApphook: Fixed to pass both arguments toPostMessageTransportSecurity Tests Added (14 tests)
Sandbox Security (5 tests)
Cross-App Message Injection Protection (2 tests)
Host Resilience (2 tests)
Origin Validation Infrastructure (3 tests)
Security Self-Test (2 tests)
Test plan
🤖 Generated with Claude Code