refactor: Remove permissions support (defer to PR #158)

Keep this PR focused on CSP security fixes only.
Permissions (camera, microphone, geolocation) will be
handled in #158.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: ochafik

examples/basic-host/src/implementation.ts

@@ -48,11 +48,6 @@ interface UiResourceData {
     frameDomains?: string[];
     baseUriDomains?: string[];
   };
-  permissions?: {
-    camera?: boolean;
-    microphone?: boolean;
-    geolocation?: boolean;
-  };
 }
 
 export interface ToolCallInfo {
@@ -115,16 +110,15 @@ async function getUiResource(serverInfo: ServerInfo, uri: string): Promise<UiRes
 
   const html = "blob" in content ? atob(content.blob) : content.text;
 
-  // Extract CSP and permissions metadata from resource content._meta.ui (or content.meta for Python SDK)
+  // Extract CSP metadata from resource content._meta.ui.csp (or content.meta for Python SDK)
   log.info("Resource content keys:", Object.keys(content));
   log.info("Resource content._meta:", (content as any)._meta);
 
   // Try both _meta (spec) and meta (Python SDK quirk)
   const contentMeta = (content as any)._meta || (content as any).meta;
   const csp = contentMeta?.ui?.csp;
-  const permissions = contentMeta?.ui?.permissions;
 
-  return { html, csp, permissions };
+  return { html, csp };
 }
 
 
@@ -179,10 +173,10 @@ export async function initializeApp(
     new PostMessageTransport(iframe.contentWindow!, iframe.contentWindow!),
   );
 
-  // Load inner iframe HTML with CSP and permissions metadata
-  const { html, csp, permissions } = await appResourcePromise;
-  log.info("Sending UI resource HTML to MCP App", csp ? `(CSP: ${JSON.stringify(csp)})` : "", permissions ? `(Permissions: ${JSON.stringify(permissions)})` : "");
-  await appBridge.sendSandboxResourceReady({ html, csp, permissions });
+  // Load inner iframe HTML with CSP metadata
+  const { html, csp } = await appResourcePromise;
+  log.info("Sending UI resource HTML to MCP App", csp ? `(CSP: ${JSON.stringify(csp)})` : "");
+  await appBridge.sendSandboxResourceReady({ html, csp });
 
   // Wait for inner iframe to be ready
   log.info("Waiting for MCP App to initialize...");

examples/basic-host/src/sandbox.ts

@@ -66,22 +66,6 @@ const PROXY_READY_NOTIFICATION: McpUiSandboxProxyReadyNotification["method"] =
 // Security: CSP is enforced via HTTP headers on sandbox.html (set by serve.ts
 // based on ?csp= query param). This is tamper-proof unlike meta tags.
 
-// Build iframe allow attribute from permissions (camera, microphone, geolocation)
-function buildAllowAttribute(permissions?: {
-  camera?: boolean;
-  microphone?: boolean;
-  geolocation?: boolean;
-}): string {
-  if (!permissions) return "";
-
-  const allowList: string[] = [];
-  if (permissions.camera) allowList.push("camera");
-  if (permissions.microphone) allowList.push("microphone");
-  if (permissions.geolocation) allowList.push("geolocation");
-
-  return allowList.join("; ");
-}
-
 window.addEventListener("message", async (event) => {
   if (event.source === window.parent) {
     // Validate that messages from parent come from the expected host origin.
@@ -97,16 +81,10 @@ window.addEventListener("message", async (event) => {
     }
 
     if (event.data && event.data.method === RESOURCE_READY_NOTIFICATION) {
-      const { html, sandbox, permissions } = event.data.params;
+      const { html, sandbox } = event.data.params;
       if (typeof sandbox === "string") {
         inner.setAttribute("sandbox", sandbox);
       }
-      // Set Permission Policy allow attribute if permissions are requested
-      const allowAttribute = buildAllowAttribute(permissions);
-      if (allowAttribute) {
-        console.log("[Sandbox] Setting allow attribute:", allowAttribute);
-        inner.setAttribute("allow", allowAttribute);
-      }
       if (typeof html === "string") {
         // Use document.write instead of srcdoc for WebGL compatibility.
         // srcdoc creates an opaque origin which prevents WebGL canvas updates