# code-server | Coder | Knowledge Base | Instagit VS Code in the browser GitHub Stars: 76.4k Repository: https://github.com/coder/code-server --- ## Articles ### [How the `--abs-proxy-base-path` Mechanism Works for absproxy Requests in code-server](/coder/code-server/whats-the-mechanism-for-the-abs-proxy-base-path-prefix-in-absproxy-requests) Understand how code server's --abs-proxy-base-path flag simplifies absproxy requests. Ensure correct links for proxied applications running under subpaths. - Tags: internals - Published: 2026-03-01 ### [How code-server Handles GitHub Authentication via `--github-auth`](/coder/code-server/how-does-code-server-handle-github-authentication-via-github-auth-token) Learn how code-server secures GitHub authentication using the GITHUB_TOKEN environment variable or config file not direct CLI arguments to prevent credential leaks. - Tags: internals - Published: 2026-03-01 ### [How --disable-telemetry Controls VS Code Data Collection in code-server](/coder/code-server/what-are-the-implications-of-disable-telemetry-for-vs-code-data-collection) Learn how the --disable-telemetry flag stops code-server data collection. Prevent outbound HTTP requests and halt all anonymous usage data gathering for enhanced privacy. - Tags: deep-dive - Published: 2026-03-01 ### [How code-server --reuse-window and --new-window Flags Interact with Existing Instances](/coder/code-server/how-do-reuse-window-and-new-window-flags-interact-with-existing-instances) Learn how code-server --reuse-window and --new-window flags interact with existing instances. Discover how these flags forward requests to running servers instead of starting new processes. - Tags: how-to-guide - Published: 2026-03-01 ### [How the wsRouter Manages WebSocket Connections Separately from HTTP in code-server](/coder/code-server/how-does-the-wsrouter-manage-websocket-connections-separately-from-http) Discover how code-server's wsRouter separates WebSocket connections from HTTP traffic using Express to isolate TCP socket handling and streamline middleware. - Tags: internals - Published: 2026-03-01 ### [Understanding the vsRootPath Mechanism: How code-server Locates VS Code Binaries](/coder/code-server/whats-the-vsrootpath-mechanism-and-how-does-code-server-locate-vs-code-binaries) Discover how code-server uses the vsRootPath mechanism and runtime path resolution to find VS Code binaries and initialize its web server. Learn the inner workings of this dynamic import. - Tags: internals - Published: 2026-03-01 ### [Best Practices for Configuring code-server Behind a Reverse Proxy](/coder/code-server/what-are-the-best-practices-for-configuring-code-server-behind-a-reverse-proxy) Securely expose code-server with a reverse proxy. Learn best practices for TLS, Host headers, WebSockets, and port routing with code-server's proxy module for optimal internet access. - Tags: best-practices - Published: 2026-03-01 ### [How the `--link-protection-trusted-domains` Flag Controls External Link Security in code-server](/coder/code-server/how-does-link-protection-trusted-domains-control-external-link-security) Learn how the --link-protection-trusted-domains flag in code-server enhances external link security by letting you whitelist trusted domains, bypassing confirmation prompts for specified URLs. - Tags: how-to-guide - Published: 2026-03-01 ### [How the editorSessionManagerServer Enables Multi-Session Handling in code-server](/coder/code-server/whats-the-architecture-of-the-editorsessionmanagerserver-for-multi-session-handling) Discover how the editorSessionManagerServer manages multiple code-server sessions. Learn about its architecture for routing requests and maintaining active editor instances. - Tags: architecture - Published: 2026-03-01 ### [How --trusted-origins Bypasses Authentication Origin Checks in code-server](/coder/code-server/how-does-trusted-origins-bypass-authentication-origin-checks) Learn how the --trusted-origins flag bypasses authentication origin checks in code-server by injecting a whitelist into origin-checking middleware to skip host-origin validation. - Tags: internals - Published: 2026-03-01 ### [How the Wrapper Process Spawns and Manages the VS Code Child Process in code-server](/coder/code-server/how-does-the-wrapper-process-spawn-and-manage-the-vs-code-child-process) Discover how the code-server wrapper spawns VS Code child processes using IPC and manages their lifecycle with automatic relaunch. Learn about this dual-process architecture today. - Tags: internals - Published: 2026-03-01 ### [How `--user-data-dir` and `--extensions-dir` Work Together in code-server](/coder/code-server/whats-the-relationship-between-user-data-dir-and-extensions-dir-configuration) Understand how code-server's --user-data-dir and --extensions-dir interact. Learn to manage extensions independently and customize their storage location. - Tags: internals - Published: 2026-03-01 ### [How the code-server Route System Handles Login, VS Code, Health, and Error Endpoints](/coder/code-server/how-does-the-route-system-handle-login-vscode-health-and-error-endpoints) Explore the code-server route system and how it manages login, VS Code proxying, health checks, and error endpoints efficiently within its central registry for robust backend operations. - Tags: internals - Published: 2026-03-01 ### [Security Implications of --disable-file-downloads and --disable-file-uploads in code-server](/coder/code-server/what-are-the-security-implications-of-disable-file-downloads-and-disable-file-uploads) Secure your code-server by understanding the security implications of --disable-file-downloads and --disable-file-uploads. Learn how to block these attack vectors. - Tags: security - Published: 2026-03-01 ### [How the Cookie Suffix Prevents Authentication Cookie Collisions in Multi-Instance code-server Deployments](/coder/code-server/how-does-the-cookie-suffix-prevent-authentication-cookie-collisions-in-multi-instance-deployments) Learn how the cookie suffix prevents authentication cookie collisions in multi-instance code-server. Discover how unique session cookies ensure separate tokens for each deployment. Read now. - Tags: internals - Published: 2026-03-01 ### [How TLS Certificates Are Generated and Managed in code-server: Self-Signed vs Custom](/coder/code-server/how-are-tls-certificates-generated-and-managed-self-signed-versus-custom-certificates) Learn how code-server manages TLS certificates. Discover the difference between self-signed and custom certificates for secure remote development environments. - Tags: how-to-guide - Published: 2026-03-01 ### [code-server Environment Variables: Complete Configuration Guide Beyond CLI Arguments](/coder/code-server/what-environment-variables-control-code-server-behavior-beyond-cli-arguments) Explore code-server environment variables to customize authentication, networking, logging, and feature toggles. Learn how to configure your instance beyond CLI arguments for ultimate control. - Tags: documentation - Published: 2026-03-01 ### [How the code-server Idle Timeout Feature Works: Automatic Shutdown Explained](/coder/code-server/how-does-the-idle-timeout-feature-work-and-what-triggers-automatic-shutdown) Understand the code server idle timeout feature. Learn how inactivity triggers automatic shutdown after 60 seconds and your configured duration. - Tags: internals - Published: 2026-03-01 ### [`----proxy-domain` vs `--disable-proxy` in code-server: Key Differences Explained](/coder/code-server/whats-the-difference-between-proxy-domain-and-disable-proxy-configuration-flags) Understand the key differences between --proxy-domain and --disable-proxy in code-server. Learn how to manage proxy routes effectively for your specific needs. - Tags: deep-dive - Published: 2026-03-01 ### [How code-server Integrates with VS Code's IPC Mechanism via the Session Socket](/coder/code-server/how-does-code-server-integrate-with-vs-codes-ipc-mechanism-via-the-session-socket) Discover how code-server integrates with VS Code IPC using the session socket. Learn how it finds and reuses VS Code instances for native compatibility. - Tags: internals - Published: 2026-03-01 ### [Code-Server Authentication Flow: Password vs. Hashed Password Options Explained](/coder/code-server/how-does-the-authentication-flow-work-with-password-versus-hashed-password-options) Explore code-server authentication flows. Understand plain vs hashed password validation, including Argon2 and SHA-256 methods. Secure your setup. - Tags: deep-dive - Published: 2026-03-01 ### [Architecture of code-server's Proxy System for Domain and Path Routing](/coder/code-server/whats-the-architecture-of-the-proxy-system-for-domain-and-path-routing-in-code-server) Explore code-servers dual-mode proxy architecture for domain and path routing. Learn how it handles HTTP and WebSocket traffic with shared authentication and CORS support. - Tags: architecture - Published: 2026-03-01 ### [How code-server Handles WebSocket Connections for Real-Time Editor Communication](/coder/code-server/how-does-code-server-handle-websocket-connections-for-real-time-editor-communication) Discover how code-server manages WebSocket connections for real-time editor sync. Learn about its routing, TLS proxying, and VS Code integration. - Tags: internals - Published: 2026-03-01