From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Yuri Khan Newsgroups: gmane.emacs.devel Subject: Re: Never send user email address in HTTP requests Date: Sun, 17 Dec 2023 21:05:00 +0700 Message-ID: References: <8734ybkqf4.fsf@disroot.org> <87sf54q2t8.fsf@posteo.net> <87o7etlzx7.fsf@posteo.net> <83v88xjipo.fsf@gnu.org> <83il4xj9cc.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="27080"; mail-complaints-to="usenet@ciao.gmane.io" Cc: Stefan Kangas , rms@gnu.org, philipk@posteo.net, akib@disroot.org, emacs-devel@gnu.org, monnier@iro.umontreal.ca To: Eli Zaretskii Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Sun Dec 17 15:06:17 2023 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1rErmb-0006n6-5c for ged-emacs-devel@m.gmane-mx.org; Sun, 17 Dec 2023 15:06:17 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rErln-0007M6-I9; Sun, 17 Dec 2023 09:05:27 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rErlc-0007L1-Iw for emacs-devel@gnu.org; Sun, 17 Dec 2023 09:05:18 -0500 Original-Received: from mail-vs1-xe30.google.com ([2607:f8b0:4864:20::e30]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rErla-0006Di-Rz; Sun, 17 Dec 2023 09:05:16 -0500 Original-Received: by mail-vs1-xe30.google.com with SMTP id ada2fe7eead31-4668e67a868so311144137.1; Sun, 17 Dec 2023 06:05:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1702821912; x=1703426712; darn=gnu.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=3IbNSZv7KROQTbCIS1f1atCBKrsGgMNcgZ8eEv7S0Cc=; b=Bjx4fKnsWqsOkS9FCOp1VI4p2iFNZuVjg5DcUkd1xInwy2nfQtAy8jiuaxM4c9hMZj UX/jMkwmROLgoPYxzwN27hNxEcRNpslDb6FMICnVktQCVIr9n56fQg6/p4PhZJ3nAAYH 0UIdVLShpSpiDiqgIUsf9XRfBVNHQ+qesUd1joPCG30kYfI4y3AZUJfn9HDoVx8nqX73 YTkr0GffQSnVBmv2P325qWOl/fbrKc+azRBWueKgcfsqtUKJ1XDWp3aUkEFIPIm/wD6H 8Po6O68NKvt2ZvObp3/iH9LeAUVgsKwWECjjpb+YYYF4/rDZQr/NmGo+TZx7tvS+7+++ 26Rg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702821912; x=1703426712; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3IbNSZv7KROQTbCIS1f1atCBKrsGgMNcgZ8eEv7S0Cc=; b=S9guPUXpOWXNfWOzkDRIYSLU9gr+49uvOCR8D7IxxJGlxDja7PFajYJgUFYlb2bjoq fLw2mn59bK24r7vUStvkXWhfLcLSDK000P1DxF3wrM9htlUpj88e86pHz9rcVgzu9kMI LbPzM7Q/Xh1u+DT0StR6wjweYfjp7phDDHMGhS+og8BbUbPV8nmsB09wHIso70PjG+9F tHBlxsDTpZC4DTnpSFWrKg9IHKpr52TnQUvNaOrldasynCzakd362rue8gHeUBMkJ1Lm qgz8+gV0403gXVzzENHzbCkmAZ9v1q71Z5wnvKBd/Aj4IIz6yqZzvdpvN4FLqD+QlDmQ A4/g== X-Gm-Message-State: AOJu0YyZkklYd2qRpWoc86ouHHs5WyuKru0fA4NgYrvugQyTWAuSCKO8 NGfStf+eWzhweHMu38xlS2Gq08N32eFS82omR3i/BUHF4nc= X-Google-Smtp-Source: AGHT+IE76OZyaeL0qBqOElX0zRDJtSc8M60/FI8k747yWyx8xgcxzt7rZNHFtuzQkegws9+sVdpJWcEOVtdghKtVavo= X-Received: by 2002:a67:f8c2:0:b0:466:8542:3a7 with SMTP id c2-20020a67f8c2000000b00466854203a7mr1108511vsp.13.1702821912462; Sun, 17 Dec 2023 06:05:12 -0800 (PST) In-Reply-To: <83il4xj9cc.fsf@gnu.org> Received-SPF: pass client-ip=2607:f8b0:4864:20::e30; envelope-from=yurivkhan@gmail.com; helo=mail-vs1-xe30.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.devel:313927 Archived-At: On Sun, 17 Dec 2023 at 19:36, Eli Zaretskii wrote: > Sorry, but I disagree. Emacs should not second-guess the users, and > should certainly NOT force them into what we consider to be the secure > environment. It is okay to behave securely by default, but if someone > wants to be insecure, for whatever reasons, we should let them have > the old, insecure behavior. Certainly when we first change the > default, since there's a possibility that something will break for > someone due to this change, and we need to let users have a fire > escape in those cases, until we get our act together in the next > release. The header in question, From, is governed by RFC 9110 =C2=A7 10.1.2[0], whi= ch says: The From header field is rarely sent by non-robotic user agents. A user agent SHOULD NOT send a From header field without explicit configuration by the user, since that might conflict with the user's privacy interests or their site's security policy. A robotic user agent SHOULD send a valid From header field so that the person responsible for running the robot can be contacted if problems occur on servers, such as if the robot is sending excessive, unwanted, or invalid request= s. [0]: https://www.rfc-editor.org/rfc/rfc9110.html#section-10.1.2 That is, it=E2=80=99s not intended for web browsers or interactive applications acting on the user=E2=80=99s behalf. It=E2=80=99s for spiders = and other automation. Surely a user who is writing a spider in Elisp can take the extra conscious step of filling out the general fire escape, =E2=80=98url-request-extra-headers=E2=80=99, and deciding which email addre= ss to expose. It is good that the default value of =E2=80=98url-privacy-level=E2=80=99 is= (email), preventing the leak by default, but there is no reason to make it possible to configure url.el to leak it with every request made from Emacs. If you=E2=80=99re running a spider and also just browsing the Web wi= th EWW, you probably only want requests from your spider to be attributed to you as the spider maintainer.