Do not include cloud agent metadata on passive suggestions requests#11400
Open
bnavetta wants to merge 1 commit into
Open
Do not include cloud agent metadata on passive suggestions requests#11400bnavetta wants to merge 1 commit into
bnavetta wants to merge 1 commit into
Conversation
Contributor
|
I'm starting a first review of this pull request. You can view the conversation on Warp. I completed the review and no human review was requested for this pull request. Comment Powered by Oz |
![oz-for-oss[bot]](https://avatars.githubusercontent.com/in/3450139?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Overview
This PR omits cloud-agent metadata from passive suggestion request params and skips sending the ambient workload token for passive suggestion HTTP requests, with a regression test covering the controller-level request params.
Concerns
- This is a user-facing behavioral change intended to prevent 403s while viewing shared cloud agent sessions, but the PR description does not include screenshots or a short recording demonstrating the scenario working end to end. Please attach visual evidence from a local desktop run or an environment with computer-use support.
Verdict
Found: 0 critical, 1 important, 0 suggestions
Request changes
Comment /oz-review on this pull request to retrigger a review (up to 3 times on the same pull request).
Powered by Oz
bnavetta
force-pushed
the
ben/remote-1728-cloud-agent-viewer-can-hit-403-not-allowed-to-use-the
branch
from
1080b5f to
42d387a
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
We got a few reports of
not allowed to use the provided cloud agent403 errors while viewing cloud agents. Based on some agent investigation, this is most likely due to MAA passive suggestion requests.Those requests included cloud agent metadata, but they're issued as the user viewing the session, not the user or agent executing the conversation. With warpdotdev/warp-server#11192, this is an error, since we want to ensure that clients viewing a cloud agent session can't accidentally modify its conversation state.
Issuing passive MAA suggestion requests while viewing a shared session is fine, and generally seems useful, but we don't need to falsely mark these as cloud agent requests.
I also considered:
Both seem like a strictly worse user experience.
Testing
./script/runThis is nontrivial to reproduce, since it requires triggering a passive suggestion while viewing someone else's cloud agent session.
Agent Mode