coder/docs/api/general.md
Dean Sheather 0374af23b2 fix(security)!: path-based app sharing changes (#5772)
This commit disables path-based app sharing by default. It is possible
for a workspace app on a path (not a subdomain) to make API requests to
the Coder API. When accessing your own workspace, this is not much of a
problem. When accessing a shared workspace app, the workspace owner
could include malicious JavaScript in the page that makes requests to
the Coder API on behalf of the visitor.

This vulnerability does not affect subdomain apps.

- Disables path-based app sharing by default. Previous behavior can be
  restored using the `--dangerous-allow-path-app-sharing` flag which is
  not recommended.

- Disables users with the site "owner" role from accessing path-based
  apps from workspaces they do not own. Previous behavior can be
  restored using the `--dangerous-allow-path-app-site-owner-access` flag
  which is not recommended.

- Adds a flag `--disable-path-apps` which can be used by
  security-conscious admins to disable all path-based apps across the
  entire deployment. This check is enforced at app-access time, not at
  template-ingest time.
2023-01-18 22:56:14 +00:00
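The distinction the commit message draws between path-based and subdomain apps comes down to the browser's same-origin policy: a page served from a path under the Coder host shares an origin (scheme, host, port) with `/api/v2`, so script on that page can call the API with the visitor's session cookie, while a page on a wildcard subdomain is a different origin and cannot. The following Python is an added example, not code from the Coder project; the host names, the app path layout and the subdomain label format are constructed assumptions.

```python
"""Compare the origin of Coder app URLs with the origin of the Coder API.

Added example (not from the Coder repository). It shows why a path-based app
can reach the API from page script while a subdomain app cannot: the former
shares the API's origin, the latter does not.
"""
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url: str) -> tuple[str, str, int]:
    """Return the (scheme, host, port) triple browsers use as the origin.

    The default port is filled in so 'https://h/' and 'https://h:443/'
    compare equal, as they do in a browser.
    """
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS:
        raise ValueError(f"unsupported scheme: {parts.scheme!r}")
    host = (parts.hostname or "").lower()
    port = parts.port or DEFAULT_PORTS[parts.scheme]
    return (parts.scheme, host, port)


def same_origin(a: str, b: str) -> bool:
    """True when script on page `a` may make credentialed requests to `b`
    without any cross-origin restriction."""
    return origin(a) == origin(b)


def classify_app_urls(api_url: str, app_urls: list[str]) -> dict[str, bool]:
    """Map each app URL to whether it shares the API's origin."""
    return {u: same_origin(api_url, u) for u in app_urls}


# Constructed URLs: the deployment host, user, workspace and app names are
# assumptions, as is the exact subdomain label layout.
API_URL = "https://coder.example.com/api/v2/users/me"
PATH_APP_URL = "https://coder.example.com/@alice/dev/apps/web/"
SUBDOMAIN_APP_URL = "https://web--main--dev--alice.coder.example.com/"

if __name__ == "__main__":
    for url, shared in classify_app_urls(API_URL, [PATH_APP_URL, SUBDOMAIN_APP_URL]).items():
        kind = "SAME origin as API" if shared else "different origin from API"
        print(f"{url}: {kind}")
```

Only the scheme, host and port take part in the comparison; the path is irrelevant, which is exactly why moving apps to a wildcard subdomain (the `wildcard_access_url` setting in the deployment config below) removes the issue rather than any change to the app path.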


# General

## API root handler

### Code samples

```shell
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/ \
  -H 'Accept: application/json'
```

`GET /`

### Example responses

> 200 Response

```json
{
  "detail": "string",
  "message": "string",
  "validations": [
    {
      "detail": "string",
      "field": "string"
    }
  ]
}
```

### Responses

| Status | Meaning | Description | Schema |
| ------ | ------- | ----------- | ------ |
| 200 | OK | OK | codersdk.Response |

## Build info

### Code samples

```shell
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/buildinfo \
  -H 'Accept: application/json'
```

`GET /buildinfo`

### Example responses

> 200 Response

```json
{
  "external_url": "string",
  "version": "string"
}
```

### Responses

| Status | Meaning | Description | Schema |
| ------ | ------- | ----------- | ------ |
| 200 | OK | OK | codersdk.BuildInfoResponse |

## Get deployment config

### Code samples

```shell
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/config/deployment \
  -H 'Accept: application/json' \
  -H 'Coder-Session-Token: API_KEY'
```

`GET /config/deployment`

### Example responses

> 200 Response

{
  "access_url": {
    "default": "string",
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": "string"
  },
  "address": {
    "default": "string",
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": "string"
  },
  "agent_fallback_troubleshooting_url": {
    "default": "string",
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": "string"
  },
  "agent_stat_refresh_interval": {
    "default": 0,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": 0
  },
  "audit_logging": {
    "default": true,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": true
  },
  "autobuild_poll_interval": {
    "default": 0,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": 0
  },
  "browser_only": {
    "default": true,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": true
  },
  "cache_directory": {
    "default": "string",
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": "string"
  },
  "dangerous": {
    "allow_path_app_sharing": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    },
    "allow_path_app_site_owner_access": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    }
  },
  "derp": {
    "config": {
      "path": {
        "default": "string",
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": "string"
      },
      "url": {
        "default": "string",
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": "string"
      }
    },
    "server": {
      "enable": {
        "default": true,
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": true
      },
      "region_code": {
        "default": "string",
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": "string"
      },
      "region_id": {
        "default": 0,
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": 0
      },
      "region_name": {
        "default": "string",
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": "string"
      },
      "relay_url": {
        "default": "string",
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": "string"
      },
      "stun_addresses": {
        "default": ["string"],
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": ["string"]
      }
    }
  },
  "disable_path_apps": {
    "default": true,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": true
  },
  "experimental": {
    "default": true,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": true
  },
  "experiments": {
    "default": ["string"],
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": ["string"]
  },
  "gitauth": {
    "default": [
      {
        "auth_url": "string",
        "client_id": "string",
        "id": "string",
        "no_refresh": true,
        "regex": "string",
        "scopes": ["string"],
        "token_url": "string",
        "type": "string",
        "validate_url": "string"
      }
    ],
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": [
      {
        "auth_url": "string",
        "client_id": "string",
        "id": "string",
        "no_refresh": true,
        "regex": "string",
        "scopes": ["string"],
        "token_url": "string",
        "type": "string",
        "validate_url": "string"
      }
    ]
  },
  "http_address": {
    "default": "string",
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": "string"
  },
  "in_memory_database": {
    "default": true,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": true
  },
  "logging": {
    "human": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "json": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "stackdriver": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    }
  },
  "max_token_lifetime": {
    "default": 0,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": 0
  },
  "metrics_cache_refresh_interval": {
    "default": 0,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": 0
  },
  "oauth2": {
    "github": {
      "allow_everyone": {
        "default": true,
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": true
      },
      "allow_signups": {
        "default": true,
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": true
      },
      "allowed_orgs": {
        "default": ["string"],
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": ["string"]
      },
      "allowed_teams": {
        "default": ["string"],
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": ["string"]
      },
      "client_id": {
        "default": "string",
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": "string"
      },
      "client_secret": {
        "default": "string",
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": "string"
      },
      "enterprise_base_url": {
        "default": "string",
        "enterprise": true,
        "flag": "string",
        "hidden": true,
        "name": "string",
        "secret": true,
        "shorthand": "string",
        "usage": "string",
        "value": "string"
      }
    }
  },
  "oidc": {
    "allow_signups": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    },
    "client_id": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "client_secret": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "email_domain": {
      "default": ["string"],
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": ["string"]
    },
    "ignore_email_verified": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    },
    "issuer_url": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "scopes": {
      "default": ["string"],
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": ["string"]
    },
    "username_field": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    }
  },
  "pg_connection_url": {
    "default": "string",
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": "string"
  },
  "pprof": {
    "address": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "enable": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    }
  },
  "prometheus": {
    "address": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "enable": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    }
  },
  "provisioner": {
    "daemon_poll_interval": {
      "default": 0,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": 0
    },
    "daemon_poll_jitter": {
      "default": 0,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": 0
    },
    "daemons": {
      "default": 0,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": 0
    },
    "force_cancel_interval": {
      "default": 0,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": 0
    }
  },
  "proxy_trusted_headers": {
    "default": ["string"],
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": ["string"]
  },
  "proxy_trusted_origins": {
    "default": ["string"],
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": ["string"]
  },
  "rate_limit": {
    "api": {
      "default": 0,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": 0
    },
    "disable_all": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    }
  },
  "scim_api_key": {
    "default": "string",
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": "string"
  },
  "secure_auth_cookie": {
    "default": true,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": true
  },
  "ssh_keygen_algorithm": {
    "default": "string",
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": "string"
  },
  "swagger": {
    "enable": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    }
  },
  "telemetry": {
    "enable": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    },
    "trace": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    },
    "url": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    }
  },
  "tls": {
    "address": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "cert_file": {
      "default": ["string"],
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": ["string"]
    },
    "client_auth": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "client_ca_file": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "client_cert_file": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "client_key_file": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "enable": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    },
    "key_file": {
      "default": ["string"],
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": ["string"]
    },
    "min_version": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    },
    "redirect_http": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    }
  },
  "trace": {
    "capture_logs": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    },
    "enable": {
      "default": true,
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": true
    },
    "honeycomb_api_key": {
      "default": "string",
      "enterprise": true,
      "flag": "string",
      "hidden": true,
      "name": "string",
      "secret": true,
      "shorthand": "string",
      "usage": "string",
      "value": "string"
    }
  },
  "update_check": {
    "default": true,
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": true
  },
  "wildcard_access_url": {
    "default": "string",
    "enterprise": true,
    "flag": "string",
    "hidden": true,
    "name": "string",
    "secret": true,
    "shorthand": "string",
    "usage": "string",
    "value": "string"
  }
}

### Responses

| Status | Meaning | Description | Schema |
| ------ | ------- | ----------- | ------ |
| 200 | OK | OK | codersdk.DeploymentConfig |

To perform this operation, you must be authenticated. Learn more.
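Every field in the `codersdk.DeploymentConfig` response carries the same shape (`default`, `flag`, `value`, ...), which makes the endpoint a convenient place to verify that the settings introduced by this commit are in their safe state. The following Python is an added example, not code from the Coder project: it walks a deployment config, reads each field's `value`, and reports the path-app, cookie and rate-limit settings a reviewer would want to confirm. The embedded JSON is a constructed excerpt of a `GET /config/deployment` response containing only the fields the checks read; the severity labels are the author's own.

```python
"""Audit a Coder deployment config (GET /api/v2/config/deployment) for unsafe settings.

Added example, not part of the Coder docs or source. Field paths match the
codersdk.DeploymentConfig response documented above; severities are this
example's own labelling.
"""
import json
import urllib.request

# (dotted path to the field, value that constitutes a finding, severity, message)
CHECKS = [
    ("dangerous.allow_path_app_sharing", True, "high",
     "path-based app sharing is enabled (--dangerous-allow-path-app-sharing)"),
    ("dangerous.allow_path_app_site_owner_access", True, "high",
     "site owners may open path-based apps in workspaces they do not own "
     "(--dangerous-allow-path-app-site-owner-access)"),
    ("disable_path_apps", False, "medium",
     "path-based apps are allowed; --disable-path-apps is not set"),
    ("secure_auth_cookie", False, "medium",
     "session cookie is not marked Secure (secure_auth_cookie is false)"),
    ("rate_limit.disable_all", True, "low",
     "API rate limiting is disabled"),
]


def field_value(config: dict, dotted: str):
    """Walk a dotted path through the config and return that field's 'value'.

    Returns None when any segment is missing, so older or newer server
    versions that lack a field are skipped rather than misreported.
    """
    node = config
    for key in dotted.split("."):
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node.get("value") if isinstance(node, dict) else None


def audit(config: dict) -> list[dict]:
    """Return one finding per check whose effective value is the unsafe one."""
    findings = []
    for path, unsafe, severity, message in CHECKS:
        value = field_value(config, path)
        if value is None:
            continue  # field not present in this response
        if value == unsafe:
            findings.append({"severity": severity, "field": path, "message": message})
    return findings


def fetch_deployment_config(base_url: str, token: str) -> dict:
    """Fetch the live config; the token is a session token as on the curl sample."""
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/api/v2/config/deployment",
        headers={"Accept": "application/json", "Coder-Session-Token": token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


# Constructed excerpt of a deployment config: only the fields the checks read,
# with a deployment that has re-enabled path-app sharing and left the cookie
# without the Secure flag.
SAMPLE_RESPONSE = json.loads("""
{
  "dangerous": {
    "allow_path_app_sharing": {"default": false, "value": true},
    "allow_path_app_site_owner_access": {"default": false, "value": false}
  },
  "disable_path_apps": {"default": false, "value": false},
  "secure_auth_cookie": {"default": false, "value": false},
  "rate_limit": {"disable_all": {"default": false, "value": false}}
}
""")

if __name__ == "__main__":
    for finding in audit(SAMPLE_RESPONSE):
        print(f"[{finding['severity']}] {finding['field']}: {finding['message']}")
```

Run against a live server by replacing `SAMPLE_RESPONSE` with `fetch_deployment_config("https://coder.example.com", token)`; the response is large, but `field_value` only touches the handful of fields listed in `CHECKS`, so additional fields in future versions do not affect the result.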

## Report CSP violations

### Code samples

```shell
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/csp/reports \
  -H 'Content-Type: application/json' \
  -H 'Coder-Session-Token: API_KEY'
```

`POST /csp/reports`

> Body parameter

```json
{
  "csp-report": {}
}
```

### Parameters

| Name | In | Type | Required | Description |
| ---- | -- | ---- | -------- | ----------- |
| body | body | coderd.cspViolation | true | Violation report |

### Responses

| Status | Meaning | Description | Schema |
| ------ | ------- | ----------- | ------ |
| 200 | OK | OK | |

To perform this operation, you must be authenticated. Learn more.

## Get experiments

### Code samples

```shell
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/experiments \
  -H 'Accept: application/json' \
  -H 'Coder-Session-Token: API_KEY'
```

`GET /experiments`

### Example responses

> 200 Response

```json
["vscode_local"]
```

### Responses

| Status | Meaning | Description | Schema |
| ------ | ------- | ----------- | ------ |
| 200 | OK | OK | array of codersdk.Experiment |

### Response Schema

Status Code **200**

| Name | Type | Required | Restrictions | Description |
| ---- | ---- | -------- | ------------ | ----------- |
| [array item] | array | false | | |

To perform this operation, you must be authenticated. Learn more.

## Update check

### Code samples

```shell
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/updatecheck \
  -H 'Accept: application/json'
```

`GET /updatecheck`

### Example responses

> 200 Response

```json
{
  "current": true,
  "url": "string",
  "version": "string"
}
```

### Responses

| Status | Meaning | Description | Schema |
| ------ | ------- | ----------- | ------ |
| 200 | OK | OK | codersdk.UpdateCheckResponse |