robmoffat
commented
1 year ago what's the use case behind this @nkolba?
Closed nkolba closed 1 year ago
robmoffat
commented
1 year ago what's the use case behind this @nkolba?
robmoffat
commented
1 year ago ok, just saw Pierre's email - I get it now
By default, Sail restricts apps from opening windows in new origins. Apps that used OAuth redirects or launched other apps or URLs would get blocked and fail silently. There was a mechanism in place for adding trusted origins - but this was within the security-restrictions.ts file (in main)- which meant the list essentially had to be hard coded in.
This PR adds a new property to the SailManifest for apps in the App Directory that can list any number of trusted origins for the app (note : this assumes the directory can be trusted). The App is then allowed to launch these origins and/or redirect to them.
Also, if a non-trusted origin is now launched by an app, it will now open in the default browser (instead of just failing).