From: Eshel Yaron via "Bug reports for GNU Emacs, the Swiss army knife of text editors" <bug-gnu-emacs@gnu.org>
To: Stefan Kangas <stefankangas@gmail.com>
Cc: 74218@debbugs.gnu.org, Eli Zaretskii <eliz@gnu.org>,
Fabio Natali <me@fabionatali.com>
Subject: bug#74218: [PATCH] Ask confirmation before sending region to search engine.
Date: Thu, 07 Nov 2024 09:42:29 +0100 [thread overview]
Message-ID: <m1bjyr77uy.fsf@sp-byods-145-109-33-156.wireless.uva.nl> (raw)
In-Reply-To: <CADwFkm=gWETCL9w68vmtUsFyZHobsKPrXt5m5CeHX=AAwmX+vw@mail.gmail.com> (Stefan Kangas's message of "Wed, 6 Nov 2024 17:51:22 -0800")
Hi,
Stefan Kangas <stefankangas@gmail.com> writes:
> Fabio Natali writes:
>
>> From cdd17053befac8298a04d0cdfc4cafe5a410166b Mon Sep 17 00:00:00 2001
>> From: Fabio Natali <me@fabionatali.com>
>> Date: Tue, 5 Nov 2024 23:52:30 +0000
>> Subject: [PATCH v2] Ask confirmation before sending region to search engine
>>
>> With 'eww-search-words' (by default bound to 'M-s M-w') a user
>> can type in some search terms and get back the results of a web
>> search from a predefined search engine. If a region is selected,
>> 'eww-search-words' will use that for the web search instead of
>> prompting the user.
>>
>> In its current form, 'eww-search-words' presents a security and
>> usability problem. It is relatively too easy to mistakenly
>> launch the function and, if a region of text is selected, have
>> potentially sensitive data sent out to a third-party service.
>>
>> This commit changes the search function's default behaviour so
>> that explicit confirmation is required before a region is sent
>> to a search engine. The behaviour can be adjusted via the
>> newly-introduced 'eww-search-confirm-send-region' variable,
>> which is set to true by default.
>
> This is a good addition, thanks.
I too agree that it's a good idea to optionally require confirmation.
However, I suspect that a yes/no question is not the best interface in
this case. Instead, it's better to simply prepopulate the minibuffer
with the contents of the region. Then you confirm with RET and cancel
with C-g. In addition, this lets you examine and edit your input.
Namely, we can implement eww-search-words along the following lines:
--8<---------------cut here---------------start------------->8---
(defun eww-search-words ()
"..."
(interactive)
(eww (eww-read-url-or-search-string
(and (use-region-p)
(string-trim (buffer-substring-no-properties (point) (mark)))))))
--8<---------------cut here---------------end--------------->8---
Where eww-read-url-or-search-string is a new function extracted from the
interactive spec of eww:
--8<---------------cut here---------------start------------->8---
(defun eww-read-url-or-search-string (&optional initial-input)
(let ((uris (eww-suggested-uris)))
(completing-read (format-prompt "Enter URL or keywords" uris)
(seq-uniq (append eww-prompt-history uris))
nil nil initial-input 'eww-prompt-history uris)))
--8<---------------cut here---------------end--------------->8---
Just my 2c,
Eshel
next prev parent reply other threads:[~2024-11-07 8:42 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-06 0:46 bug#74218: [PATCH] Ask confirmation before sending region to search engine Fabio Natali via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-11-06 12:34 ` Eli Zaretskii
2024-11-06 13:18 ` Fabio Natali via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-11-06 13:38 ` Eli Zaretskii
2024-11-06 15:27 ` Fabio Natali via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-11-07 1:51 ` Stefan Kangas
2024-11-07 8:42 ` Eshel Yaron via Bug reports for GNU Emacs, the Swiss army knife of text editors [this message]
2024-11-07 8:53 ` Eli Zaretskii
2024-11-07 9:02 ` Robert Pluim
2024-11-07 10:49 ` Eli Zaretskii
2024-11-07 11:03 ` Robert Pluim
2024-11-07 11:05 ` Eli Zaretskii
2024-11-07 11:19 ` Robert Pluim
2024-11-07 11:29 ` Fabio Natali via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-11-07 11:56 ` Eli Zaretskii
2024-11-07 14:04 ` Fabio Natali via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-11-07 9:12 ` Eshel Yaron via Bug reports for GNU Emacs, the Swiss army knife of text editors
2024-11-07 10:52 ` Eli Zaretskii
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1bjyr77uy.fsf@sp-byods-145-109-33-156.wireless.uva.nl \
--to=bug-gnu-emacs@gnu.org \
--cc=74218@debbugs.gnu.org \
--cc=eliz@gnu.org \
--cc=me@eshelyaron.com \
--cc=me@fabionatali.com \
--cc=stefankangas@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).