Question: `_meta` placement in `resources/read` response

[qchuchu]

Hey! I've been implementing MCP Apps support and ran into some confusion about where _meta should be placed in the resources/read response.

The ambiguity

In the spec, there are two different examples that suggest different placements:

1. JSON example in "UI Resource Format" section

Shows _meta inside the contents array item:

{
  "contents": [{
    "uri": "ui://weather-server/dashboard-template",
    "mimeType": "text/html;profile=mcp-app",
    "text": "<!DOCTYPE html>...",
    "_meta": {
      "ui": {
        "csp": {
          "connectDomains": ["https://api.openweathermap.org"],
          "resourceDomains": ["https://cdn.jsdelivr.net"]
        }
      }
    }
  }]
}

2. Code example in "4. Content Security Policy Enforcement" section

Uses resource._meta?.ui?.csp which is ambiguous - resource could refer to either the response or the content item:

const csp = resource._meta?.ui?.csp;

Real-world impact

This caused VSCode to implement it as resourceResult._meta?.ui (at the response level), while with Skybridge, our MCP server returns it inside contents[0]._meta.ui (following the JSON example).

Result: CSP domains aren't being read, so scripts/styles from resourceDomains get blocked.

Question

Which is the correct placement?

• Response level: { _meta: { ui: {...} }, contents: [...] }
• Content level: { contents: [{ _meta: { ui: {...} }, ... }] }

I feel that the interface is defining the rule, so it should be at content level, but I guess we need to also adapt the spec too.

---

Related links:

• Spec section: https://github.com/modelcontextprotocol/ext-apps/blob/main/specification/draft/apps.mdx#ui-resource-format
• CSP section: https://github.com/modelcontextprotocol/ext-apps/blob/main/specification/draft/apps.mdx#4-content-security-policy-enforcement