Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow more specific trusted domains rule #83731

Closed
kieferrm opened this issue Oct 31, 2019 · 3 comments
Closed

Allow more specific trusted domains rule #83731

kieferrm opened this issue Oct 31, 2019 · 3 comments
Assignees
@octref
Labels
feature-request Request for new features or functionality verification-needed Verification of issue is requested verified Verification succeeded workbench-link Link protection in workbench
Milestone
November 2019

Comments

@kieferrm
Copy link
Member

1.40.0-insider
31f577e
x64

At some point I had chosen "Trust all domain".
When I now edit the trusted domains using Manage Trusted Domains and remove the * from the list there is no effect. I can still access all domains without any problem.

In stable, this works as expected.
@kieferrm kieferrm added bug Issue identified by VS Code Team member as probable bug important Issue identified as high-priority labels Oct 31, 2019
@kieferrm kieferrm added this to the October 2019 milestone Oct 31, 2019
@octref
Copy link
Contributor

octref commented Oct 31, 2019

I'm on the same commit.

Version: 1.40.0-insider
Commit: 31f577e
Date: 2019-10-30T05:36:49.155Z
Electron: 6.1.2
Chrome: 76.0.3809.146
Node.js: 12.4.0
V8: 7.6.303.31-electron.0
OS: Darwin x64 18.7.0

And this does not reproduce for me.

What I tried:

  • Run Manage Trusted Domains
  • Open an untrusted link in markdown by Cmd+Click

Where in the workbench is the protected link? Also, did you run save in the "Manage Trusted Domains" tab? If not it won't persist the rules.

@octref octref added workbench-link Link protection in workbench and removed important Issue identified as high-priority labels Oct 31, 2019
@octref octref modified the milestones: October 2019, November 2019 Oct 31, 2019
@octref
Copy link
Contributor

octref commented Oct 31, 2019

What we learned after chatting:

  • Currently, a rule like https://foo.com/bar allows ALL links on https://foo.com
  • For next month, we should start allowing rules more specific than a domain, so https://foo.com/bar would make below accessible:
    • https://foo.com/bar
    • https://foo.com/bar/baz

@octref octref changed the title Cannot reenable trusted domain protection Allow more specific trusted domains rule Oct 31, 2019
@octref octref added feature-request Request for new features or functionality and removed bug Issue identified by VS Code Team member as probable bug labels Oct 31, 2019
@octref octref mentioned this issue Nov 6, 2019
Closed
@octref octref closed this as completed in 73d9d76 Nov 6, 2019
@octref octref added the verification-needed Verification of issue is requested label Nov 6, 2019
@octref
Copy link
Contributor

octref commented Nov 6, 2019

Verifier:

@kieferrm kieferrm mentioned this issue Nov 11, 2019
Closed
68 tasks
@RMacfarlane RMacfarlane added the verified Verification succeeded label Dec 3, 2019
@vscodebot vscodebot bot locked and limited conversation to collaborators Dec 21, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@octref octref

Labels
feature-request Request for new features or functionality verification-needed Verification of issue is requested verified Verification succeeded workbench-link Link protection in workbench
Projects
None yet
Milestone
November 2019
Development

No branches or pull requests
3 participants
@RMacfarlane @octref @kieferrm