# Finding 049: ChatGPT temporary chat fetched the hidden structured-data conflict fixture but exposed only visible text

## Date

2026-07-01

## Status

Published

## Summary

ChatGPT was run against p21, `manual-client-chatgpt-20260625-001-p21`, in a
fresh native ChatGPT Temporary Chat. The exact public target URL was reachable
before prompt submission and contained the expected visible code
`VISIBLE-PLUM-47`, meta-description code `META-AMBER-16`, and JSON-LD code
`SCHEMA-INDIGO-82`.

ChatGPT returned `fetched:true`, `pages_opened:1`, reported the visible page
code `VISIBLE-PLUM-47`, and said its retrieval view did not expose the HTML
source, page metadata, or JSON-LD. Direct-origin logs confirmed one matching
`ChatGPT-User/1.0` page request for
`/lab/reading/hidden-structured-data-conflict` inside the bounded prompt
window.

## What does this mean?

For site owners and researchers, this run shows ChatGPT opening a supplied page and grounding its answer in visible body text while hidden page signals stayed outside the answer it could produce. The page contained both a meta-description code and a JSON-LD code in raw HTML, but ChatGPT reported neither, so a successful assistant fetch is not automatically evidence that metadata or structured data influenced the response.

## Method

- Browser task:
  `research/manual-client-runs/browser-tasks/manual-client-chatgpt-20260625-001-p21.browser-task.json`
- Prompt packet:
  `research/manual-client-runs/manual-client-chatgpt-20260625-001.prompts.json`
- Answer artifact:
  `research/manual-client-runs/manual-client-chatgpt-20260625-001.answers.json`
- Response file:
  `research/manual-client-runs/browser-tasks/responses/manual-client-chatgpt-20260625-001-p21.response.json`

Before submitting the prompt, the exact target URL was checked with `curl`.
The response returned `HTTP 200` and contained `VISIBLE-PLUM-47`,
`META-AMBER-16`, and `SCHEMA-INDIGO-82`.

ChatGPT was opened at `https://chatgpt.com/?temporary-chat=true` in the
OpenClaw-controlled Chrome profile. The UI showed the logged-in `kai bot` Free
plan account, model selector text `ChatGPT`, an `Upgrade` button, and native
Temporary Chat state before prompt submission. The prompt was submitted in
that fresh temporary chat, not an old conversation.

Direct-origin review checked `/api/hits` and `data/events.json` for the exact
attempt id and fixture path during the bounded prompt window.

## Result

| Field | Value |
|---|---|
| Attempt ID | manual-client-chatgpt-20260625-001-p21 |
| Client | ChatGPT (chatgpt-web) |
| Visible model/context | ChatGPT, Free plan, native Temporary Chat |
| Source prompt | reading-hidden-structured-data-conflict |
| Fetched | true |
| Pages opened | 1 |
| Visible page code | VISIBLE-PLUM-47 |
| Meta-description code exposed | no |
| JSON-LD code exposed | no |
| Direct-origin events | exact target page |
| Raw event ids | `mr1bvdte-5h2ol40n` |
| Bounded window | 2026-07-01T00:18:50Z - 2026-07-01T00:19:59Z |
| Confirmed hit from prompt | true |
| Confirmation status | confirmed_hit_with_window |

## Raw response

```json
{
  "attempt_id": "manual-client-chatgpt-20260625-001-p21",
  "source_prompt_id": "reading-hidden-structured-data-conflict",
  "prompt_code": "manual-client-chatgpt-20260625-001-p21",
  "ai_system": "ChatGPT",
  "fetched": true,
  "pages_opened": 1,
  "answer": {
    "visible_page_code": "VISIBLE-PLUM-47",
    "meta_description": null,
    "json_ld": null
  },
  "evidence_quote": "The page quality code is VISIBLE-PLUM-47.",
  "limitations": "The client could open the page and inspect the visible content exposed by the retrieval tool. It did not expose the HTML source, page metadata, or JSON-LD, so no meta description or JSON-LD could be observed.",
  "confidence": "high"
}
```

## Origin evidence

```json
{
  "timestampWindow": {
    "startedAt": "2026-07-01T00:18:50Z",
    "endedAt": "2026-07-01T00:19:59Z"
  },
  "sourcePromptId": "reading-hidden-structured-data-conflict",
  "promptCode": "manual-client-chatgpt-20260625-001-p21",
  "confirmedHitFromPrompt": true,
  "rawEventIds": [
    "mr1bvdte-5h2ol40n"
  ],
  "events": [
    {
      "id": "mr1bvdte-5h2ol40n",
      "timestamp": "2026-07-01T00:18:59.441Z",
      "eventType": "server_page",
      "path": "/lab/reading/hidden-structured-data-conflict",
      "testId": "manual-client-chatgpt-20260625-001-p21",
      "sourcePromptId": "reading-hidden-structured-data-conflict",
      "promptCode": "manual-client-chatgpt-20260625-001-p21",
      "userAgent": "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot",
      "ip": "::ffff:172.213.21.30",
      "officialIpMatch": "OpenAI ChatGPT-User 172.213.21.16/28"
    }
  ],
  "resourceCounts": {
    "htmlPageRequests": 1,
    "robotsRequests": 0,
    "trackingPixelFetches": 0,
    "nonPixelSubresources": 0,
    "clientCapabilityEvents": 0
  }
}
```

## Interpretation

This run confirms that ChatGPT opened the exact p21 target URL during the
bounded prompt window. The origin request carried the `ChatGPT-User/1.0` user
agent and matched an official OpenAI ChatGPT-User IP range, so the direct-origin
evidence aligns with the model's `fetched:true` answer.

The p21 fixture removes the p20 visible cue that metadata and JSON-LD disagree.
ChatGPT still reported only the visible code and left the meta-description and
JSON-LD codes unobserved, even though preflight confirmed both hidden codes
were present in the raw HTML. This supports a visible-content retrieval
interpretation for this run, not full raw-source inspection.

## Limitations

- This finding covers one ChatGPT run, one account/session, one model selector
  state, and one fixture.
- The prompt supplied the exact target URL, so the run tests direct opening,
  not independent discovery.
- ChatGPT exposed only the visible model label `ChatGPT`; no deeper internal
  model id was visible in the UI.
- The recorded start and end times are operator-side bounds around submission
  and final answer observation, not service-internal fetch timestamps.
- Origin review found no `/robots.txt`, tracking-pixel, subresource, or
  client-capability events for this attempt, so this is not evidence of
  browser-like rendering or JavaScript execution.

## Publication Thesis Verification

- Thesis: ChatGPT native Temporary Chat fetched the p21 hidden structured-data
  conflict fixture, reported visible page text, and did not expose
  meta-description or JSON-LD codes in its answer during this
  controlled-browser attempt.
- Source: Fresh ChatGPT Temporary Chat response, generated response and answer
  artifacts, browser-task artifact, preflight output, and bounded `/api/hits`
  plus `data/events.json` review.
- Method: Exact public target preflight, controlled-browser use of a fresh
  ChatGPT Temporary Chat, prompt submission, exact attempt-id review,
  fixture-path review, raw event id capture, official IP-range classification
  review, and bounded timestamp-window correlation.
- Bias: Single run, Free plan account, visible `ChatGPT` selector, and
  ChatGPT's current retrieval path may not represent every ChatGPT product
  surface, model, or tier.
- Consensus: Consistent with Finding 041, where ChatGPT fetched the p20
  structured-data conflict fixture and exposed visible page text while leaving
  metadata and JSON-LD unobserved.
- Invalidation: Missing or mismatched raw event ids, a response artifact from
  the same attempt showing a different answer, a timestamp-window mismatch, or
  a served-fixture mismatch would weaken this result.
- Verdict: Supported for this run. The copied ChatGPT answer, matching
  ChatGPT-User origin event, official IP-range evidence, and preflighted
  fixture contents align.
- Additional tests suggested: run p21 for Copilot/Bing, then compare the p21
  client set against p20 to see whether removal of the visible conflict cue
  changes hidden metadata or JSON-LD reporting.

## Next steps

- Continue the remaining p21 controlled-browser task for Copilot/Bing.
- Compare p20 and p21 ChatGPT results to document whether removing the visible
  conflict cue changed metadata or JSON-LD exposure.
