Can we allow `isTrusted` configuration for MarkdownString?

[MangelMaxime]

In VSCode MarkdownString can have a property isTrusted set to true in order to:

Indicates that this markdown string is from a trusted source. Only trusted markdown supports links that execute commands, e.g. Run it.

Currently, it seems that we don't have an option to configure it. Source

Would it be possible to add a way to configure isTrusted property?

My use case would be to allow people to click on a type definition inside a tooltip and see the documentation of that types in a documentation panel. This is already something we are doing from inside that documentation panel.

Demo

Use case

The user could click on string to see that type documentation.

[rcjsuen]

@MangelMaxime

1. Are you suggesting to only configure this for Visual Studio Code or are you suggesting an addition to the language server protocol?
2. As a server, when would I ever want to set isTrusted to false? Is this the difference between the server generating the documentation themselves and the server farming out to a third-party service for calculating the URL so it might not be trustworthy?

[MangelMaxime]

Are you suggesting to only configure this for Visual Studio Code or are you suggesting an addition to the language server protocol?

If I understand correctly the server protocol is expecting a string or markdown string and it will sanitize it.

Hover documentation

However, Visual Studio Code is adding an extra layer of protection by not allowing by default the execution of command URL.

If I pass the following markdown:

[string](command:fsharp.showDocumentation)


[https://google.com](https://google.com)

I get this result:

The https://google.com link is working but string link has been protected.

So for me this should be an addition to vscode-languageserver-node API as it's the layer responsible for converting the markdown into a MarkdownString instance.

Others language server (for others IDE) don't know about this security feature as it's specific to VSCode implementation.

2\. As a server, when would I ever want to set `isTrusted` to `false`? Is this the difference between the server generating the documentation themselves and the server farming out to a third-party service for calculating the URL so it might not be trustworthy?

I would say you never want to set isTrusted to false unless you are not trusting your dependencies or third party service.

But because this is a security layer I proposed to make to configurable by the maintainer decision. We could also decide to always set it to true.

[MangelMaxime]

Hello @rcjsuen ,

I give a second think about this issue and your questions.

I think we should simply just set isTrusted to true all the time.

Would you accept a PR doing that?

[octref]

I'm looking at the same thing and you can see the isTrusted design rationale in microsoft/vscode#29076 and microsoft/vscode#33577.

It would make sense to me to add an option/method for LanguageClient to always enable isTrusted.

[rcjsuen]

@MangelMaxime I don’t work for Microsoft so I can’t speak to your question about a PR but I agree with what @octref has proposed in any case.

[dbaeumer]

@octref agree that this should be an option on the client side. It should be off by default

@MangelMaxime I would accept a PR.

Should be added to the client options here: https://github.com/Microsoft/vscode-languageserver-node/blob/master/client/src/client.ts#L460

Something like markdown: { isTrused: boolean }

[manav-a]

I would also like to see this be possible. Is there any update on this issue? I don't mind submitting the PR if need be.

[dbaeumer]

Here is what I did to address this:

• client options can now specify a markdown: { isTrused: boolean }.
• ensured that clients can tweak that in the middleware

I decided to not add this as a concept to LSP since this is very VS Code specific.