You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@octref it looks like you added support for showing a dialog to the user whenever we open a URL externally into IOpenerService. I think this makes sense for the case of the workbench, but the way it works now, it will also trigger a dialog in the standalone editor (I am not even sure we have support for dialogs there). To make matters worse, we store the result into the storage service, which as far as I know is just implemented in-memory in the standalone editor case. So anytime a link opens, the user would get asked again after a reload of the page.
Also, I see some layering issues in the code: You seem to reference workbench.action.configureTrustedDomains from vs/editor which is not good.
Here is my suggestion:
remove this logic from the opener service in vs/editor/browser/services
move this logic, including the code that contributes the workbench.action.configureTrustedDomains into a single workbench contribution (url.contribution.ts for example)
leverage the IOpenerService.registerOpener() method from the workbench layer to participate in the opening and do the dialog + storage logic from there
On top of that: I recently added IOpenerService#openExternal() which is the code that gets triggered, e.g. when an extension calls vscode.env.openExternal(). I wonder: should we show the same dialog on that case for trusted domains? I would think so, but keep in mind that one of the URLs may have the vscode:// scheme which we should always trust.
The text was updated successfully, but these errors were encountered:
@octref after working on #79453 today I think here is a path forward:
introduce a similar concept as we have today where you can register Openerto participate in the opening but call it Validator or similar that can signal with a boolean value if the opening should continue
contribute this validator for opening from your existing url.contribution.ts
move all the code that deals with picker, storage etc into there
revert the existing opener service to how it worked before
I would think it is fine to have these validators run before the opening handlers have a chance to get access. Your validator will only take care of URIs with schemes that we open external (mailto, http, https). This means that an extension that opens a link (via vscode.env.openExternal) will also benefit from your logic.
@bpasero Good suggestion, I went with this interface. PR at #79538.
I didn't realize I broke standalone editor (it'd error out with no product service). After the PR standalone editor is not covered by the link protection mechanism.
exportinterfaceIValidator{shouldOpen(resource: URI): Promise<boolean>;}exportinterfaceIOpenerService{/** * Register a participant that can validate if the URI resource should be opened. * validators are run before openers. */registerValidator(uriScheme: string,validator: IValidator): IDisposable;}
Adding @alexandrudima for standalone editor.
@octref it looks like you added support for showing a dialog to the user whenever we open a URL externally into
IOpenerService
. I think this makes sense for the case of the workbench, but the way it works now, it will also trigger a dialog in the standalone editor (I am not even sure we have support for dialogs there). To make matters worse, we store the result into the storage service, which as far as I know is just implemented in-memory in the standalone editor case. So anytime a link opens, the user would get asked again after a reload of the page.Also, I see some layering issues in the code: You seem to reference
workbench.action.configureTrustedDomains
fromvs/editor
which is not good.Here is my suggestion:
vs/editor/browser/services
workbench.action.configureTrustedDomains
into a single workbench contribution (url.contribution.ts
for example)IOpenerService.registerOpener()
method from the workbench layer to participate in the opening and do the dialog + storage logic from thereOn top of that: I recently added
IOpenerService#openExternal()
which is the code that gets triggered, e.g. when an extension callsvscode.env.openExternal()
. I wonder: should we show the same dialog on that case for trusted domains? I would think so, but keep in mind that one of the URLs may have thevscode://
scheme which we should always trust.The text was updated successfully, but these errors were encountered: