Skip to content

chore: add kiro: protocol to external app whitelist #18884

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 15, 2025
Merged

chore: add kiro: protocol to external app whitelist #18884

merged 1 commit into from
Jul 15, 2025

Conversation

blink-so[bot]
Copy link
Contributor

@blink-so blink-so bot commented Jul 15, 2025

Summary

Adds kiro: to the ALLOWED_EXTERNAL_APP_PROTOCOLS whitelist to enable session token injection for kiro.dev URIs when opened from the workspace page.

Changes

  • Added "kiro:" to the ALLOWED_EXTERNAL_APP_PROTOCOLS array in site/src/modules/apps/apps.ts

Why

This change allows kiro.dev applications to receive the user's session token for authentication when launched via kiro:// protocol links from the Coder workspace page, following the same pattern as other supported IDE protocols like vscode:, cursor:, windsurf:, and jetbrains:.

Testing

This is a simple whitelist addition that follows the existing pattern. The change enables:

  1. Session token injection for kiro:// URIs containing $SESSION_TOKEN placeholder
  2. Secure handling of kiro.dev protocol links from the workspace page

Security

The whitelist approach ensures that only approved protocols can receive session tokens, maintaining security while enabling kiro.dev integration.

@blink-so @matifali
feat: add kiro: protocol to external app whitelist
de02f1a 
Adds 'kiro:' to ALLOWED_EXTERNAL_APP_PROTOCOLS to enable session token
injection for kiro.dev URIs when opened from the workspace page.

This allows kiro.dev applications to receive the user's session token
for authentication when launched via kiro:// protocol links.

Co-authored-by: matifali <10648092+matifali@users.noreply.github.com>
@matifali matifali changed the title feat: add kiro: protocol to external app whitelist chore: add kiro: protocol to external app whitelist Jul 15, 2025
@matifali
Copy link
Member

/cherry-pick release/2.24

@matifali matifali enabled auto-merge (squash) July 15, 2025 18:40
@matifali matifali merged commit e76115c into main Jul 15, 2025
33 of 35 checks passed
@matifali matifali deleted the feat/add-kiro-protocol-whitelist branch July 15, 2025 18:45
gcp-cherry-pick-bot bot pushed a commit that referenced this pull request Jul 15, 2025
@blink-so @matifali
chore: add kiro: protocol to external app whitelist (#18884)
af75068 
Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
Co-authored-by: matifali <10648092+matifali@users.noreply.github.com>
@github-actions github-actions bot locked and limited conversation to collaborators Jul 15, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@matifali matifali matifali approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@matifali