allow users to restrict URL suggestions to workspace; unwanted and wildly incorrect URL suggestions

[g-thomasr]

Is there an existing issue for this?

• I have searched the tracker for existing similar issues and I know that duplicates will be closed

Describe the Issue

this is somewhere between a bug report and a feature request.

feature: allow users to restrict URL suggestions to workspace; do not search public workspaces

bug: postman is suggesting random URLs from public workspaces. for example, my google cloud function running on us-central1-xxxxx-999999.cloudfunctions.net, postman might will suggest some URLs from the cisco meraki public workspace. what.

additionally, the suggestions are really aggressive, eventually getting 429 too many requests. sure wish i could do something about that.

related, because they're the same endpoints, #13615 - Postman leaks all URLs to Postman servers, disregarding privacy settings.

details

proxy request made by postman:

- method: POST
  request:
    method: POST
    path: /recommend
    service: search
    body:
      clientTraceId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
      domain: public
      from: 0
      queryContext:
        isRecommendation: true
        method: POST
        resolvedRequestUrl: http://foobar.cloudfunctions.net/example-request
      queryIndex: runtime.request
      queryText: http://foobar.cloudfunctions.net/example-request
      requestOrigin: urlBarRelatedRequests
      size: 4

and its response:

response:
  data:
  - document:
      collection:
        id: 897512-58211ef8-3266-49e2-b86b-3afa697592e3
        name: Meraki Public Utilities
      description: Generate a Meraki API Postman Collection using the v1 GA streaming
        feed (may contain GA endpoints that have not been officially released and
        documented)
      id: 897512-ef281c19-55da-40ea-b0b5-a8810c87ba20
      isPublic: true
      isPublisherVerified: true
      method: POST
      name: Generate Collection - streaming
      postmanRequest:
        body: # ...
        description: # ...
        header: []
        method: POST
        url:
          host:
          - us-central1-meraki-micro-services
          - cloudfunctions
          - net
          path:
          - merakiPostmanTransformer
          protocol: https
          raw: https://us-central1-meraki-micro-services.cloudfunctions.net/merakiPostmanTransformer

      workspaceId: d14bb47a-881b-4021-8c80-df026b0ec8e2
      workspaceName: Cisco Meraki's Public Workspace
      workspaceSlug: cisco-meraki-s-public-workspace
      workspaceVisibilityStatus: public
      workspaces: # ...

workarounds:

• block launchdarkly.com in your system hosts file. use with caution. breaks other webapps.
• run postman in a browser. install and configure an addon (umatrix) to block third party requests from postman to launchdarkly.com.
• run postman in a browser. write a userscript (greasemonkey/tampermonkey) to hook window.fetch and detect and block any proxy requests to the search service. use with caution.

Steps To Reproduce

1. create a new request
2. write http://foobar.cloudfunctions.net/example-request in the request's URL
3. observe postman suggestion functions from some unrelated workspace
4. select one at random
5. note the URL was replaced with a completely different domain

Screenshots or Videos

No response

Operating System

Windows

Postman Version

11.75.4

Postman Platform

Postman App

User Account Type

Signed In User

Additional Context?

No response