specs(GH2164): browser pane for local previews and web lookup#12178
specs(GH2164): browser pane for local previews and web lookup#12178ashsidhu wants to merge 1 commit into
Conversation
Define the product behavior, platform-webview architecture, implementation sequencing, privacy boundaries, and validation plan for an in-app Browser Pane. Co-Authored-By: Codex <codex@openai.com>
|
Thank you for your pull request and welcome to our community. We require contributors to sign our Contributor License Agreement, and we don't seem to have the users @ashsidhu on file. In order for us to review and merge your code, each contributor must visit https://cla.warp.dev to read and agree to our CLA. Once you have done so, please comment |
|
Every PR must be linked to a same-repo issue before Oz can review it. Next step: open or find a same-repo issue describing this change, then link it to this PR by adding See the contribution guidelines for the full readiness model. Powered by Oz |
github-actions
Bot
added
the
external-contributor
![oz-for-oss[bot]](https://avatars.githubusercontent.com/in/3450139?s=60&v=4){kind=small}
There was a problem hiding this comment.
Every PR must be linked to a same-repo issue before Oz can review it.
Next step: open or find a same-repo issue describing this change, then link it to this PR by adding Closes #123 to the PR description (or using the "Development" sidebar on GitHub). A maintainer will mark the issue ready-to-spec when it is ready. Once it is marked, comment /oz-review to re-trigger review.
See the contribution guidelines for the full readiness model.
Powered by Oz
|
/oz-review |
|
I'm re-reviewing this spec-only pull request in response to a review request. You can view the conversation on Warp. I completed the review and no human review was requested for this pull request. Comment Powered by Oz |
There was a problem hiding this comment.
Overview
This PR adds product and technical specs for an in-app Browser Pane covering local previews, web lookup, pane lifecycle, restore, platform webview choices, telemetry, privacy, accessibility, and validation. The scope and architecture are mostly well-bounded for v1, but the embedded browser design still leaves security-sensitive permission and persistence behavior underspecified.
Concerns
- The spec needs an explicit default policy for webview permission prompts and privileged browser APIs before implementation.
- The disk-backed storage fallback needs crash/unclean-shutdown cleanup semantics so cookies/cache do not persist beyond the intended local session boundary.
- The default Google search path should disclose that raw search queries leave Warp for a third-party provider.
Security
- Permission prompts and privileged browser APIs need a default-deny, route-external, or user-gated policy.
- Browser Pane-specific disk storage needs crash-safe cleanup if an ephemeral/private webview mode is unavailable.
Verdict
Found: 0 critical, 2 important, 1 suggestions
Request changes
Comment /oz-review on this pull request to retrigger a review (up to 3 times on the same pull request).
Powered by Oz
|
|
||
| 17. The address/search field accepts a typed or pasted `http` or `https` URL and navigates the Browser Pane to that URL. | ||
|
|
||
| 18. If the address/search field input is not a URL, Browser Pane treats it as a search query and opens a search-results page. V1 uses Google search by default if Warp does not already expose a browser/search-engine setting. |
There was a problem hiding this comment.
💡 [SUGGESTION] [SECURITY] Calling Google the v1 default means raw search queries leave Warp for a third party. Add a privacy note or product-copy requirement so users understand this data flow, especially because query text is otherwise excluded from telemetry.
| - macOS should configure WKWebView with a nonpersistent `WKWebsiteDataStore`, which Apple documents as in-memory website data that is not written to disk. | ||
| - Windows should create Browser Pane webviews with a dedicated WebView2 profile/user-data scope and private mode when available; WebView2 exposes profile metadata including `IsInPrivateModeEnabled`, profile path, and browsing-data clearing APIs. | ||
| - Linux should use an ephemeral WebKitGTK context or website data manager when available; WebKitGTK documents ephemeral contexts/managers whose webviews do not store website data in client storage. | ||
| - If any supported platform cannot provide a private/ephemeral mode, the implementation must isolate Browser Pane data in a Browser Pane-specific user-data directory under Warp app data and clear cookies/cache/storage on pane close and app shutdown. It must not use the user's default external-browser profile. |
There was a problem hiding this comment.
| - Plain search query typed into toolbar or command palette. | ||
| - Local dev server not running or connection refused. | ||
| - TLS/certificate/security warning. | ||
| - Page blocks embedded browsing or requires an external auth/permission flow. |
There was a problem hiding this comment.
|
Can't wait to see this feature added!!! |
|
@cla-bot check |
|
The cla-bot has been summoned, and re-checked this pull request! |
2 participants
Description
Adds product and technical specs for an in-app Browser Pane addressing #2164.
The proposed v1 focuses on:
BrowserSurfaceabstraction.FeatureFlag::BrowserPane.Linked Issue
Closes #2164
ready-to-specorready-to-implement.Screenshots and videos are not applicable because this is a spec-only PR.
Testing
specs/GH2164/product.mdandspecs/GH2164/tech.md.git diff --check origin/master...HEAD -- specs/GH2164/product.md specs/GH2164/tech.md../script/runManual app testing is not applicable because this PR only adds documentation.
Agent Mode
Co-Authored-By: Codex codex@openai.com