
Allow desktop markdown links to open local files and editor schemes #1698

Open
hhharryyyyy wants to merge 1 commit into pingdotgg:main from hhharryyyyy:fix-desktop-md-link-opening

Contributor

@hhharryyyyy hhharryyyyy commented Apr 2, 2026

Summary

  • allow the desktop app to open local file targets instead of rejecting everything except http(s)
  • keep custom editor/app schemes like zed://, obsidian://, vscode://, cursor://, and windsurf://
  • cover the new target-resolution helper with focused desktop unit tests

Problem

The Electron main process currently only accepts http: and https: URLs for both desktop:open-external and setWindowOpenHandler. That blocks markdown file links and custom editor links before macOS can route them to the user's default app.

Verification

  • bun fmt
  • bun lint
  • bun typecheck
  • cd apps/desktop && bun run test src/openTarget.test.ts

Note

Medium Risk
Moderate risk because it changes which URLs/paths the Electron main process will open (including local filesystem paths) and alters the sanitization/validation logic guarding shell.openExternal/shell.openPath. Scope is limited and covered by new unit tests, but incorrect parsing could still enable unintended target opens.

Overview
Desktop link opening is expanded beyond http(s) by introducing getSafeOpenTarget to resolve a URL/string into either a local path (including file:// and ~/… with :line/#… suffix stripping) or an external URL restricted to an allowlist of schemes (e.g. vscode://, zed://, obsidian://, cursor://, windsurf://).

The main process now routes both desktop:open-external IPC requests and setWindowOpenHandler popups through a shared openSafeTarget helper that uses shell.openPath for local paths, shell.openExternal for allowed external schemes, and adds structured success/failure logging.

Written by Cursor Bugbot for commit c049c60. This will update automatically on new commits.

Note

Allow desktop markdown links to open local files and editor scheme URLs

  • Introduces a DesktopOpenTarget discriminated union and getSafeOpenTarget in openTarget.ts to classify user-provided strings as either local filesystem paths (shell.openPath) or external URLs (shell.openExternal).
  • Extends the allowed external protocols beyond http/https to include editor and app schemes: vscode:, vscode-insiders:, cursor:, windsurf:, zed:, and obsidian:.
  • Adds stripLocationSuffixFromLocalPath to normalize paths by expanding ~, stripping hash/query fragments, and removing :line[:col] suffixes when the base path exists.
  • Updates the OPEN_EXTERNAL_CHANNEL IPC handler and setWindowOpenHandler in main.ts to use the new routing logic, replacing the previous http/https-only getSafeExternalUrl approach.
  • Behavioral Change: local paths and file:// URLs now open via shell.openPath instead of being rejected; the protocol allowlist now includes non-web schemes.

Macroscope summarized c049c60.

@github-actions github-actions bot added size:L 100-499 changed lines (additions + deletions). vouch:unvouched PR author is not yet trusted in the VOUCHED list. labels Apr 2, 2026
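
An added sketch of the kind of target classifier the description above outlines, showing the parsing edge cases a reviewer would check; it is not the PR's code. The names `classifyOpenTarget`, `toPath`, `stripFragment` and `Env` are hypothetical, only POSIX paths are handled, and the home directory and existence check are injected as assumptions so the logic runs without a filesystem.

```typescript
// Added sketch; every name here is hypothetical, not the PR's openTarget.ts.
type OpenTarget =
  | { kind: "path"; path: string }        // would go to shell.openPath
  | { kind: "external"; url: string }     // would go to shell.openExternal
  | { kind: "rejected"; reason: string };

// home and exists are injected so the classifier can be tested without a filesystem.
interface Env { home: string; exists: (p: string) => boolean }

// Scheme allowlist as listed in the PR summaries.
const ALLOWED_EXTERNAL = new Set([
  "http:", "https:", "vscode:", "vscode-insiders:",
  "cursor:", "windsurf:", "zed:", "obsidian:",
]);

const stripFragment = (p: string): string => p.replace(/[#?].*$/, "");

function toPath(p: string, env: Env): OpenTarget {
  if (/[\0\r\n]/.test(p)) return { kind: "rejected", reason: "control-char" };
  // Remove :line[:col] only when the base path exists, so a real file
  // whose name ends in ":12" is not truncated to a different file.
  const m = /^(.+?):\d+(?::\d+)?$/.exec(p);
  return { kind: "path", path: m && env.exists(m[1]) ? m[1] : p };
}

function classifyOpenTarget(raw: string, env: Env): OpenTarget {
  const input = raw.trim();
  if (input === "") return { kind: "rejected", reason: "empty" };
  // Plain POSIX paths never reach the URL parser; "//host/..." is not a local path.
  if (input.startsWith("/") && !input.startsWith("//")) return toPath(stripFragment(input), env);
  if (input.startsWith("~/")) return toPath(stripFragment(env.home + input.slice(1)), env);
  try {
    const url = new URL(input);
    if (url.protocol === "file:") {
      // A file: URL with a host names a remote machine; only host-less URLs are local.
      if (url.host !== "") return { kind: "rejected", reason: "remote-file-host" };
      // The parser already split off ?query and #fragment, so a decoded "%23" stays in the name.
      return toPath(decodeURIComponent(url.pathname), env);
    }
    if (!ALLOWED_EXTERNAL.has(url.protocol)) return { kind: "rejected", reason: "scheme-not-allowed" };
    // Hand on the parser's serialization, not the raw string, so check and use agree.
    return { kind: "external", url: url.href };
  } catch {
    return { kind: "rejected", reason: "unparseable" };
  }
}
```
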

coderabbitai bot commented Apr 2, 2026

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.


Contributor

macroscopeapp bot commented Apr 2, 2026

Approvability

Verdict: Needs human review

This PR expands the desktop app's ability to open links from markdown content - adding support for local file paths, file:// URLs, and editor protocol schemes (vscode, zed, obsidian, etc.). While the implementation includes an allowlist and validation, expanding what protocols and paths can be opened has security implications that warrant human review.
