You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
VS Code is not reliably working in-app for OpenHands Cloud conversations.
Current code path:
useUnifiedVSCodeUrl() reads the Cloud sandbox exposed_urls entry named VSCODE.
src/routes/vscode-tab.tsx iframes the URL unless VSCODE_IN_NEW_TAB() is enabled or the URL protocol differs from the current page protocol.
That means a Cloud VS Code URL with the same https: protocol but a different origin is treated as iframe-safe. In practice, the Cloud VS Code endpoint can fail to render in the embedded tab due to cross-origin/frame/auth constraints, leaving the in-app VS Code experience broken.
Existing #401 is related but focused on showing VS Code for local agent servers and local availability guidance. This issue tracks the Cloud in-app rendering failure/fallback.
Expected behavior
The Cloud VS Code tab should either:
render correctly inside Agent Canvas, or
reliably detect that embedding is not supported and present a clear "Open VS Code in a new tab" fallback.
The user should not be left with a broken/blank in-app VS Code pane.
Acceptance criteria
Cloud VS Code URLs are not assumed iframe-safe merely because the protocol matches.
If Cloud VS Code cannot be embedded, the tab shows a clear open-in-new-tab action by default.
If in-app embedding is intended, the required sandbox/CSP/auth behavior is verified and covered by a regression test.
Problem
VS Code is not reliably working in-app for OpenHands Cloud conversations.
Current code path:
useUnifiedVSCodeUrl()reads the Cloud sandboxexposed_urlsentry namedVSCODE.src/routes/vscode-tab.tsxiframes the URL unlessVSCODE_IN_NEW_TAB()is enabled or the URL protocol differs from the current page protocol.That means a Cloud VS Code URL with the same
https:protocol but a different origin is treated as iframe-safe. In practice, the Cloud VS Code endpoint can fail to render in the embedded tab due to cross-origin/frame/auth constraints, leaving the in-app VS Code experience broken.Existing #401 is related but focused on showing VS Code for local agent servers and local availability guidance. This issue tracks the Cloud in-app rendering failure/fallback.
Expected behavior
The Cloud VS Code tab should either:
The user should not be left with a broken/blank in-app VS Code pane.
Acceptance criteria
This issue was created by an AI agent (OpenHands) on behalf of the user.