Skip to content

Comments

revert: remove link cloaking restrictions (reverts #26292 and #26528)#27289

Merged
PeerRich merged 1 commit intomainfrom
devin/1769513343-revert-link-cloaking-restrictions
Jan 27, 2026
Merged

revert: remove link cloaking restrictions (reverts #26292 and #26528)#27289
PeerRich merged 1 commit intomainfrom
devin/1769513343-revert-link-cloaking-restrictions

Conversation

@PeerRich
Copy link
Member

@PeerRich PeerRich commented Jan 27, 2026

What does this PR do?

Reverts PR #26292 and PR #26528 to restore link cloaking functionality for all users in workflow emails.

Background: The original PRs restricted link cloaking (hiding URLs behind custom text like "Click here") to prevent potential phishing/spam. PR #26292 removed link cloaking entirely, and PR #26528 re-enabled it only for Organization accounts.

Why revert: The team plans to fight malicious links using Cloudflare URL Scanner instead of restricting the link cloaking feature.

Changes:

  • Remove replaceCloakedLinksInHtml function and all its usages
  • Remove isOrganization checks from email workflow processing
  • Restore the link toolbar item in the workflow editor for all users
  • Delete the replaceCloakedLinksInHtml test file

Mandatory Tasks (DO NOT REMOVE)

  • I have self-reviewed the code (A decent size PR without self-review might be rejected).
  • I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. N/A - no documentation changes needed.
  • I confirm automated tests are in place that prove my fix is effective or that my feature works. N/A - this is a revert removing functionality and its associated tests.

How should this be tested?

  1. Create a workflow with an email action
  2. In the email body editor, verify the link toolbar button is available
  3. Add a link with custom text (e.g., "Click here" linking to https://example.com)
  4. Trigger the workflow and verify the email contains the cloaked link (text shows "Click here" but links to the URL)

Checklist

  • My code follows the style guidelines of this project
  • I have checked if my changes generate no new warnings
  • My PR is not too large

Human Review Checklist

  • Verify Cloudflare URL Scanner is configured/ready before merging this PR
  • Confirm all isOrganization references related to link cloaking have been removed
  • Verify the workflow editor UI correctly shows the link toolbar for all users (not just orgs)

Link to Devin run

https://app.devin.ai/sessions/db06a1bf83b643c7b47e40d0bea69250

Requested by

@PeerRich

@devin-ai-integration @PeerRich
revert: remove link cloaking restrictions (reverts #26292 and #26528)
bf877ab 
This reverts the changes from PR #26292 and PR #26528 to restore
link cloaking functionality for all users.

The plan is to fight malicious links with Cloudflare URL Scanner
instead of restricting link cloaking to Organization accounts only.

Changes:
- Remove replaceCloakedLinksInHtml function and its usage
- Restore link toolbar item for all users in workflow editor
- Remove isOrganization checks from email workflow processing
- Delete the replaceCloakedLinksInHtml test file

Co-Authored-By: peer@cal.com <peer@cal.com>
@devin-ai-integration
Copy link
Contributor

devin-ai-integration bot commented Jan 27, 2026

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR that start with 'DevinAI' or '@devin'.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

@PeerRich PeerRich marked this pull request as ready for review January 27, 2026 11:39
@PeerRich PeerRich enabled auto-merge (squash) January 27, 2026 11:40
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Jan 27, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 8 files

@keithwillcode keithwillcode added this to the v6.2 milestone Jan 27, 2026
@PeerRich PeerRich merged commit e3c0e11 into main Jan 27, 2026
83 of 84 checks passed
@PeerRich PeerRich deleted the devin/1769513343-revert-link-cloaking-restrictions branch January 27, 2026 12:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@keithwillcode keithwillcode keithwillcode approved these changes

Assignees

No one assigned

Labels

ready-for-e2e size/L

Projects

None yet

Milestone

v6.2

Development

Successfully merging this pull request may close these issues.

2 participants

@PeerRich @keithwillcode