From a7a4a49d57b73af47559e81fe16c764d2a67302d Mon Sep 17 00:00:00 2001
From: isc-tleavitt <73311181+isc-tleavitt@users.noreply.github.com>
Date: Tue, 24 Jan 2023 15:05:43 -0500
Subject: [PATCH] Improve non-https behavior

Even localhost has issues. This helps a lot.
---
 CHANGELOG.md                    |  1 +
 README.md                       |  3 +++
 cls/SourceControl/Git/Utils.cls | 22 ++++++++++++++++++----
 3 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7f8922db..bda429a0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Fixed
 - Link from WebUI to Settings page works properly (#230)
+- VSCode Web Views launch in external browser when connecting over unsecured connections (#227)
 
 ## [2.1.0] - 2023-01-23
 
diff --git a/README.md b/README.md
index 8d40f232..91a2cacf 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,9 @@ This might look like:
 
 ### Security
 
+#### Unsecured (http) connections
+You really should be connecting to IRIS over a secured (https) connection. If you're not, web pages in this extension will launch in an external browser, because constraints around session cookies keep them from working properly in VSCode.
+
 #### Dubious Ownership
 Newer git versions may produce output like:
 ```
diff --git a/cls/SourceControl/Git/Utils.cls b/cls/SourceControl/Git/Utils.cls
index 4a4754f0..46df8898 100644
--- a/cls/SourceControl/Git/Utils.cls
+++ b/cls/SourceControl/Git/Utils.cls
@@ -148,9 +148,22 @@ ClassMethod UserAction(InternalName As %String, MenuName As %String, ByRef Targe
         set InternalName = "/" _ InternalName
     }
 
+    set externalBrowser = 0
+    set urlPrefix = ""
+    set urlPostfix = ""
+    if $IsObject($Get(%request)) && (%request.Application = "/api/atelier/") && '%request.Secure {
+        // In this case, won't work in an iframe. Need to launch in an external browser.
+        set externalBrowser = 1
+        set urlPrefix = "http://"_%request.CgiEnvs("HTTP_HOST")
+        set token = $Get(%session.Data("WebCSPToken"))
+        set token = ##class(%Atelier.v1.Utils.General).GetCSPToken("/isc/studio/usertemplates/dummy.csp",token)
+        set %session.Data("WebCSPToken") = token
+        set urlPostfix = "CSPCHD="_token
+    }
+
     if (menuItemName = "Settings") {
-        set Action = 2
-        set Target = "/isc/studio/usertemplates/gitsourcecontrol/gitprojectsettings.csp?NSpace="_$namespace_"&Username="_$username
+        set Action = 2 + externalBrowser
+        set Target = urlPrefix _ "/isc/studio/usertemplates/gitsourcecontrol/gitprojectsettings.csp?Namespace="_$namespace_"&Username="_$username_"&"_urlPostfix
     } elseif (menuItemName = "Init") {
         if ##class(%File).CreateDirectoryChain(..TempFolder()) {
             // cleanup items info
@@ -165,8 +178,8 @@ ClassMethod UserAction(InternalName As %String, MenuName As %String, ByRef Targe
             set ec = ..MakeError("Unable to create folder "_..TempFolder())
         }
     } elseif (menuItemName = "GitWebUI") {
-        set Action = 2
-        set Target = "/isc/studio/usertemplates/gitsourcecontrol/webuidriver.csp/"_$namespace_"/"_$zconvert(InternalName,"O","URL")
+        set Action = 2 + externalBrowser
+        set Target = urlPrefix _ "/isc/studio/usertemplates/gitsourcecontrol/webuidriver.csp/"_$namespace_"/"_$zconvert(InternalName,"O","URL")_"?"_urlPostfix
     } elseif (menuItemName = "Export") || (menuItemName = "ExportForce") {
         write !, "==export start==",!
         set ec = ..ExportAll($case(menuItemName="ExportForce",1:$$$Force,:0))
@@ -1881,3 +1894,4 @@ ClassMethod BuildCEInstallationPackage(ByRef destination As %String) As %Status
 }
 
 }
+