This repository was archived by the owner on Apr 28, 2020. It is now read-only.

[Security] Approved hosts mechanism (GH-227 follow up) #237

@deansheather


Now that GH-227 has been merged, we need to implement some way of allowing the "open in sail" button to be injected into third-party GitHub Enterprise or GitLab self-hosted instances.

Kyle and I had a meeting to discuss this, and the way we decided on was allowing the button to be injected into any site that appears to be GitHub or GitLab like we used to. When the user clicks on the button, the content script will send the "open in sail" request to the background script, which will check the approved hosts list (stored in extension storage as `approved_hosts`). If the host is in the list, the request will be accepted; otherwise a popup will appear asking the user if they want to allow this site to access sail.

This solves the security issue, as any malicious clicks on a sail link would cause a popup to appear (unless the user has trusted that domain already).

The approved hosts list would allow for some sort of wildcard matching (.example.com would match *.example.com and example.com, for example). A configuration page for the extension would be required to remove hosts from the list or manually add them.

We considered storing the approved hosts list in the sail config file (which already exists), but it would be complex for sail to automatically update the approved hosts list if we wanted to add a popup. The extension method seems like a better way (in our opinion) from a UX perspective, and from an ease-of-implementation perspective.

CC: @lucacasonato, @roberthmiller, @kylecarbs
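
One way the background script's host check described above could work, as an added example that is not the extension's own code. `normalizeHost`, `hostMatches` and `isApprovedOrigin` are hypothetical names, and refusing single-label wildcard entries and non-HTTP(S) schemes are assumptions beyond what the issue states.

```javascript
// Added example: every name here except approved_hosts is hypothetical.

// Normalise a hostname: lower-case it and strip one trailing dot.
function normalizeHost(host) {
  const h = String(host).trim().toLowerCase();
  return h.endsWith(".") ? h.slice(0, -1) : h;
}

// True if `host` is covered by a single approved_hosts entry.
//   "example.com"  -> exact match only
//   ".example.com" -> example.com and any subdomain of it
function hostMatches(entry, host) {
  const e = normalizeHost(entry);
  const h = normalizeHost(host);
  if (e === "" || h === "") return false;
  if (!e.startsWith(".")) return h === e;
  const base = e.slice(1);
  // Assumption: refuse entries such as "." or ".com" that would approve
  // a whole top-level domain (a simple guard, not a public-suffix check).
  if (!base.includes(".")) return false;
  // Suffix comparison includes the leading dot, so the match falls on a
  // label boundary and "evilexample.com" does not match ".example.com".
  return h === base || h.endsWith(e);
}

// Decide whether a request from `pageUrl` can be accepted without a prompt.
// Anything that returns false here would go to the user-approval popup.
function isApprovedOrigin(approvedHosts, pageUrl) {
  let url;
  try {
    url = new URL(pageUrl);
  } catch {
    return false; // unparseable sender URL is never trusted
  }
  // Assumption: only http(s) pages can be approved.
  if (url.protocol !== "https:" && url.protocol !== "http:") return false;
  // url.hostname excludes userinfo and port, so
  // "https://example.com@evil.test/" is checked as "evil.test".
  return approvedHosts.some((entry) => hostMatches(entry, url.hostname));
}

// Constructed sample list, in the shape stored under approved_hosts.
const sampleApprovedHosts = [".example.com", "gitlab.internal.test"];
```
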


Labels: feature, urgent