I mean, the platform owner decides that web URLs shouldn't open other apps without an approval click--a pretty sensible security measure. Your response as a company probably shouldn't be, "let's bypass this by invisibly installing a server that's a potential security hole."

— Jason Snell (@jsnell) July 9, 2019