Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Google Vulnerability Report: insecure URI handling scheme #6155

Closed
osy opened this issue Feb 26, 2024 · 4 comments
Closed

Google Vulnerability Report: insecure URI handling scheme #6155

osy opened this issue Feb 26, 2024 · 4 comments
Milestone
v4.5

Comments

@osy
Copy link
Contributor

osy commented Feb 26, 2024

Remove the URI scheme for performing VM operations because they can be triggered from the web browser.
@osy osy added this to the v4.5 milestone Feb 26, 2024
@osy osy closed this as completed in 4d88c35 Mar 30, 2024
@conath
Copy link
Contributor

conath commented Apr 1, 2024

Kind of unfortunate to see this removed, given there's no AppleScript on iOS. This also breaks some of my Shortcuts which control UTM using the URL scheme. Maybe I can look into adding Shortcuts-API-based automation.

@osy
Copy link
Contributor Author

osy commented Apr 1, 2024

Maybe we should implement a new API in iOS just for shortcuts. You want to open a new issue for that? The problem with the URL scheme is there's no way to authenticate the actions.

@conath conath mentioned this issue Apr 3, 2024
Closed
@conath
Copy link
Contributor

conath commented Apr 3, 2024

I opened #6245 about Shortcuts support.

@ylluminate
Copy link

This is upsetting.

@osy osy mentioned this issue May 12, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v4.5
Development

No branches or pull requests
3 participants
@ylluminate @conath @osy