The current guidance mentions that Host behaviour should:

> Review HTML content for obvious malicious patterns

Could we clarify whether there is a standardized guideline or recommended policy for what should be considered a “malicious pattern” in the context of hosted/embedded widgets?
Specifically:

- Is there an existing standard list or definition of patterns that hosts are expected to scan for?
- Are there recommended categories of suspicious content (for example, script injection, inline event handlers, javascript: URLs, unexpected iframe usage, etc.)?
- Is the expectation that hosts implement:
  - strict blocking,
  - best-effort heuristic scanning,
  - or logging/telemetry only?

Context
For third-party widgets/apps, full HTML sanitization is often not practical because it can break legitimate functionality. It would be helpful to understand whether there is a common baseline guideline that hosts should follow for detecting clearly malicious content without overly restricting valid widget behavior.
Goal
Align host implementations on a consistent security expectation while preserving compatibility for legitimate third-party widgets.

Quoted guidance location: ext-apps/specification/2026-01-26/apps.mdx, line 1718 at 9a37ad7