3 · Result
Awaiting artifact…
| Artifact size | — |
| Loads in iframe | — |
| Canvas present & sized | — |
| Frames actually paint | — |
| Runtime JS errors | — |
| CSP violations (strict origin) | — |
How to read this: the strict frame (sandbox=allow-scripts) runs your artifact in an
opaque origin — the harshest case ord may use, where same-origin recursive fetches are blocked. The
same-origin frame (allow-scripts allow-same-origin) lets the harness auto-click play and read the
canvas to confirm frames paint. CSP violations are captured server-side, so they're detected even in the
strict frame the page can't read into. A clean strict frame is the safe bet for mainnet.