Chromium based browsers such as Google Chrome and Brave Browser require the user to confirm whether they want to allow a URI to open an external application, such as Skype, Zoom, DevonThink, the Apple App Store app, etc.
The prompt looks like this:
It has an “Always allow” checkbox, which works fine with for applications like Zoom, since it’s always the same URI domain that will be trying to open Zoom (it’s the URI you click on for a meeting link). But other applications like DevonThink, the application is launched when you click on the icon for the DevonThink browser extension, and the URI active in the browser at that moment could be absolutely anything. Once DevonThink launches it will take a copy of the current webpage, PDF document, etc. So any third party application (Zotero, for example) that you launch manually in order to do something with the current URI is going to have this same issue.
The issue being, it’s useless trying to whitelist the current URI.
Here’s the solution for DevonThink and for Zoom. It utilises a Chrome policy, which is easily modified via the macOS command line. You can apply this solution for any other application, so long as you can figure out what its application handler is, and its
com file name.
UPDATE: Since October 2020 (when version 86 of Chrome was rolled out) it’s been possible to use either
URLWhitelist (info here), or
URLAllowlist (info here). But as of Chrome version 100 and above, only
URLAllowlist works. Note that
URLWhitelist will work for older version of Chrome, from versions 15 to 100; and,
URLAllowList will work on version 86 and above. If you have a version of Chrome older than v86, please adjust the command accordingly (use
For Google Chrome (< version 100):
defaults write com.google.Chrome URLAllowlist -array-add 'x-devonthink://*' defaults write com.google.Chrome URLAllowlist -array-add 'zoommtg://*' // or you can add multiple in one command ... e.g. defaults write com.google.Chrome URLAllowlist -array-add 'x-devonthink://*' 'zoommtg://*' 'anotherprotocol://*'
For Brave Browser:
defaults write com.brave.Browser URLAllowlist -array-add 'x-devonthink://*' defaults write com.brave.Browser URLAllowlist -array-add 'zoommtg://*' // or you can add multiple in one command ... e.g. defaults write com.brave.Browser URLAllowlist -array-add 'x-devonthink://*' 'zoommtg://*' 'anotherprotocol://*'
Mozilla Firefox doesn’t currently have this issue. When you try to open a new (unregistered) external application for the first time, it will simply prompt for which application you want to open the particular protocol. You then select to always use that application. It is not specific to the domain in the URI at the time.
Is this doesn’t work for you, or even if it does work, please leave a comment below, and we’ll try to sort it out.
It seems ‘URLWhitelist’ was deprecated as of Chrome version 100 (https://chromeenterprise.google/policies/?policy=URLWhitelist), but substituting with the current ‘URLAllowlist’ policy worked like a charm to eliminate the prompt with the DEVONthink extension. Many thanks for helping me solve that issue.
Thanks Brent. I’ve updated the article accordingly. I’m glad to know there’s another happy DEVONthink user passing through this web site.