I always get a “Check this link is safe” dialog when clicking on links rendered by my ChatGPT app. Is this because the app hasn’t been approved yet?
I am seeing the same thing.
I see this is not happening for external links on existing production apps.
hoping for clarification
use widgetCsp connect_domains in resource meta to allow links without getting the warning modal
"openai/widgetCSP": {
connect_domains: ["https://chatgpt.com"], // example external link domain
resource_domains: ["https://*.oaistatic.com"], // example CDN allowlist
},
2 Likes
You also need to whitelist the domains that your links lead to, so if your links open google.com, you also need to add https://google.com and https://wwww.google.com in connect_domains and resource_domains.
1 Like
@Zeke_Bergida @elieobeid have you actually seen a difference after adding the "openai/widgetCSP" meta to the resource’s contents? On my end, it seems to be ignored as I keep getting the “Check this link is safe” modal (even though the target domain has been whitelisted in both connect_domains and resource_domains).
yes, i can confirm that this fixed the issue in my case. make sure you are adding to the resource meta and not the tool meta. my only other suggestion is to make sure you are redirecting with the documented window.openai.openExternal({ href: targetUrl }). but i am not sure if that would be a blocker here or not
Hey @Zeke_Bergida thanks for the help! However, I can confirm that:
- the
openai/widgetCSPthingy is at the resourcemetalevel - it contains the domain of the website I’m taking people to
- I’m using
openai.openExternalto open the external link
If you have any other ideas, I’m happy to hear about them 
Okay, I owe you an apology there. I was defining the metas in meta, instead of the expected _meta 
Read the docs, they say!
1 Like