
fix(mobile): deeplink, disable by default #14824

Merged
rustdesk merged 1 commit into rustdesk:master from fufesou:fix/mobile-deeplink-perm
Apr 16, 2026

@fufesou fufesou commented Apr 16, 2026

#14576

2.3 Zero-Click Password Overwrite via Deep Link and 2.6 Zero-Click Infrastructure Hijack (rustdesk://config/) in https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub

CVE-2026-30793

CVE-2026-30797

CVE-2026-30791

Summary by CodeRabbit

  • New Features
    • Added runtime controls to restrict deep links for server configuration and password settings on Android/iOS platforms. These can now be enabled or disabled based on preferences.

Signed-off-by: fufesou <linlong1266@gmail.com>

@fufesou fufesou requested a review from Copilot April 16, 2026 15:11

coderabbitai Bot commented Apr 16, 2026

No actionable comments were generated in the recent review. 🎉

📥 Commits

Reviewing files that changed from the base of the PR and between 9f81771 and f81d8ae.

📒 Files selected for processing (3)
  • flutter/lib/common.dart
  • flutter/lib/consts.dart
  • libs/hbb_common

📝 Walkthrough

Added runtime gating for deep links on Android/iOS by checking configuration options kOptionAllowDeepLinkPassword and kOptionAllowDeepLinkServerSettings. When disabled, handlers display failure toast and return null. When enabled, existing behavior continues unchanged. Also defined two new configuration constants and updated a submodule reference.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Deep Link Gating: flutter/lib/common.dart | Added conditional checks for kOptionAllowDeepLinkServerSettings and kOptionAllowDeepLinkPassword in deep link handlers for rustdesk://config and rustdesk://password. When disabled, logs debug message and shows failure toast after 1 second delay before returning null. When enabled, proceeds with existing import/password-setting logic. |
| Configuration Constants: flutter/lib/consts.dart | Added two new string constants: kOptionAllowDeepLinkPassword ("allow-deep-link-password") and kOptionAllowDeepLinkServerSettings ("allow-deep-link-server-settings") |
| Submodule Update: libs/hbb_common | Updated submodule reference from commit 618922b2a77f7be44fc7b86e41f6cfba87d62193 to 87b11a795964b00deded250657a63626f2c1efa0 |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 Deep links gated with care today,
Config options guard the way,
Failed requests hop back with grace,
Security wears a rabbit's face! ✨

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'fix(mobile): deeplink, disable by default' directly and clearly summarizes the main change: adding runtime gating to disable deep links by default on mobile platforms. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |


Copilot AI left a comment


Pull request overview

This PR mitigates reported mobile deep link CVEs by disabling sensitive rustdesk:// deep link actions (server config import and permanent password overwrite) by default, only allowing them when explicitly enabled via built-in options.

Changes:

  • Added new built-in option keys to control whether deep links can modify server settings or permanent password.
  • Gated handling of rustdesk://config/... and rustdesk://password/... on Android/iOS behind those options, rejecting and showing a generic failure toast when disabled.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

| File | Description |
|---|---|
| flutter/lib/consts.dart | Introduces built-in option keys for deep link enablement. |
| flutter/lib/common.dart | Enforces mobile deep link allowlist checks for config and password authorities with rejection behavior when disabled. |


Comment thread flutter/lib/common.dart
Comment thread flutter/lib/common.dart
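
The default-deny gating described in the two reviews above, as a standalone Dart example (added here; it is not code from this PR or from RustDesk). Only the two option-key strings come from the page; the function names, the `'Y'` enabled value, the verdict enum (the reviews describe a failure toast and a null return instead) and the sample links are assumptions.

```dart
// Added illustration, not RustDesk source. The option keys are the two strings
// quoted in the reviews; every other name in this file is hypothetical.
const kOptionAllowDeepLinkPassword = 'allow-deep-link-password';
const kOptionAllowDeepLinkServerSettings = 'allow-deep-link-server-settings';

// Authorities that change security state, mapped to the option that unlocks them.
const gatedAuthorities = <String, String>{
  'config': kOptionAllowDeepLinkServerSettings,
  'password': kOptionAllowDeepLinkPassword,
};

enum Verdict { allowed, rejected, notGated }

/// Assumption: an option counts as enabled only when its value is exactly 'Y'.
/// A missing key, an empty string or any other value leaves the link disabled,
/// so a fresh install or a corrupted setting fails closed.
bool isEnabled(Map<String, String> options, String key) => options[key] == 'Y';

/// Decides whether a rustdesk:// link may reach its state-changing handler.
Verdict checkDeepLink(String link, Map<String, String> options) {
  final uri = Uri.tryParse(link);
  if (uri == null || uri.scheme != 'rustdesk') return Verdict.rejected;
  // Uri lower-cases scheme and host, so 'RustDesk://CONFIG/...' is gated too.
  final optionKey = gatedAuthorities[uri.host];
  if (optionKey == null) return Verdict.notGated; // not a gated authority
  return isEnabled(options, optionKey) ? Verdict.allowed : Verdict.rejected;
}

void main() {
  // Constructed sample links; the payloads are placeholders.
  const links = [
    'rustdesk://config/PLACEHOLDER',
    'RustDesk://PASSWORD/PLACEHOLDER',
    'rustdesk://other/PLACEHOLDER',
  ];
  final defaults = <String, String>{}; // nothing opted in
  final optedIn = {kOptionAllowDeepLinkServerSettings: 'Y'};
  final malformed = {kOptionAllowDeepLinkPassword: 'yes'}; // not exactly 'Y'
  for (final link in links) {
    print('$link'
        ' default=${checkDeepLink(link, defaults).name}'
        ' optedIn=${checkDeepLink(link, optedIn).name}'
        ' malformed=${checkDeepLink(link, malformed).name}');
  }
}
```

With the empty option map both gated authorities are rejected, and enabling the server-settings option does not unlock the password authority, since each authority is checked against its own key.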
@rustdesk rustdesk merged commit 1e9c4d0 into rustdesk:master Apr 16, 2026
19 of 20 checks passed
changsongyang pushed a commit to changsongyang/rustdesk that referenced this pull request Apr 19, 2026
Signed-off-by: fufesou <linlong1266@gmail.com>
changsongyang pushed a commit to changsongyang/rustdesk that referenced this pull request Apr 25, 2026
Signed-off-by: fufesou <linlong1266@gmail.com>