fix(security): remove allow-same-origin from MCP Apps sandbox iframes

The Lit sample and shared sandbox proxy included allow-same-origin in
iframe sandbox attributes, violating the MCP Apps guide/spec:

- Lit outer iframe: removed sandbox attribute entirely (guide says
  don't sandbox the proxy iframe)
- Lit sendSandboxResourceReady: allow-scripts only (was allow-scripts
  allow-forms allow-popups allow-modals allow-same-origin)
- Shared sandbox.ts inner iframe default: allow-scripts only (was
  allow-scripts allow-same-origin allow-forms)

The Angular sample already correctly used sandbox: 'allow-scripts'.

Confirmed against MCP Apps spec (SEP-1865) and AppBridge SDK docs.

Fixes security discrepancy found by Gemini Code Assist review on #1062.

Author: zeroasterisk

samples/client/lit/custom-components-example/ui/custom-components/mcp-apps-component.ts

@@ -76,7 +76,6 @@ export class McpApp extends Root {
         <iframe
           id="mcp-sandbox"
           referrerpolicy="origin"
-          sandbox="allow-scripts allow-forms allow-popups allow-modals allow-same-origin"
         ></iframe>
       </div>
     `;
@@ -176,7 +175,7 @@ export class McpApp extends Root {
     // 4. Send the Inner HTML UI resource to the sandbox to spin up the actual app.
     await this.bridge.sendSandboxResourceReady({
       html: this.htmlContent,
-      sandbox: "allow-scripts allow-forms allow-popups allow-modals allow-same-origin"
+      sandbox: "allow-scripts"
     });
   }
 

samples/client/shared/mcp_apps_inner_iframe/sandbox.ts

@@ -63,7 +63,7 @@ if (!disableSelfTest) {
 // iframe on a separate origin. It creates an inner iframe for untrusted HTML content.
 const inner = document.createElement("iframe");
 inner.style.cssText = "width:100%; height:100%; border:none;";
-inner.setAttribute("sandbox", "allow-scripts allow-same-origin allow-forms");
+inner.setAttribute("sandbox", "allow-scripts");
 document.body.appendChild(inner);
 
 const RESOURCE_READY_NOTIFICATION: McpUiSandboxResourceReadyNotification["method"] =