Expand description
Opens URLs or allow-listed files in the OS default application.
Registered by crate::App::with_shell_open.
Two classes of target are accepted:
- URLs with scheme
http://,https://, ormailto:— passed to the OS opener as-is. - Absolute local file paths — must already be allow-listed via
allow_pathorallow_dirbeforeshell_openwill accept them.
Any other scheme (file://, javascript:, vbscript:, custom
schemes) is refused — the goal is to prevent a compromised frontend
from tricking the shell into running arbitrary handlers or reading
paths outside the sandbox.