From: Ihor Radchenko <yantar92@posteo.net>
To: "Dr. Arne Babenhauserheide" <arne_bab@web.de>
Cc: 58774@debbugs.gnu.org, Max Nikulin <manikulin@gmail.com>,
emacs-orgmode@gnu.org
Subject: bug#58774: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly
Date: Thu, 27 Oct 2022 23:20:08 +0000 [thread overview]
Message-ID: <87zgdgn9av.fsf__11849.0281443641$1666912944$gmane$org@localhost> (raw)
In-Reply-To: <87y1t0or6q.fsf@web.de>
"Dr. Arne Babenhauserheide" <arne_bab@web.de> writes:
> Max Nikulin <manikulin@gmail.com> writes:
>
>> How are you going to distinguish your personal files and arbitrary
>> files from non-trusted sources? By signing your files and maintaining
>> list of trusted certificates?
>
> One idea that could work well is to add an explicit allow-list
> trusted-sources-to-allow-unsafe-modes with entries of domain and
> path-prefix where people can add trusted sources.
>
> If for example my server were draketo.de,¹ I could set this list to
>
> '(("https://www.draketo.de" "/software"))
>
> and when I would then open a link like
>
> https://www.draketo.de/software/advent-of-wisp-code-2021.org
>
> with eww, it would directly switch to org-mode.
>
>
> If, however, I would open the link
>
> https://draketo.de.evil.attacks/software/advent-of-wisp-code-2021.org
>
> with eww, it would display it as plain text, because it would not be in
> the list of trusted sources.
I am a bit lost about the aim of this tread, but let me share some
existing remote resource controls we have employed on the latest Org:
(defun org--should-fetch-remote-resource-p (uri)
"Return non-nil if the URI should be fetched."
(defun org--safe-remote-resource-p (uri)
"Return non-nil if URI is considered safe.
This checks every pattern in `org-safe-remote-resources', and
returns non-nil if any of them match."
(defun org--confirm-resource-safe (uri)
"Ask the user if URI should be considered safe, returning non-nil if so."
You can check the implementation at
https://git.savannah.gnu.org/cgit/emacs/org-mode.git/tree/lisp/org.el#n4540
--
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
next prev parent reply other threads:[~2022-10-27 23:20 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-25 12:06 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly Jean Louis
2022-10-25 15:02 ` Dr. Arne Babenhauserheide
2022-10-25 19:56 ` bug#58774: " Jean Louis
2022-10-25 19:56 ` Jean Louis
2022-10-25 21:54 ` Dr. Arne Babenhauserheide
2022-10-26 7:57 ` bug#58774: " Jean Louis
2022-10-26 7:57 ` Jean Louis
2022-10-26 11:55 ` bug#58774: " Dr. Arne Babenhauserheide
2022-10-26 11:55 ` Dr. Arne Babenhauserheide
2022-10-26 12:20 ` Jean Louis
2022-10-26 12:45 ` bug#58774: " Andreas Schwab
2022-10-26 12:45 ` Andreas Schwab
2022-10-26 13:19 ` bug#58774: " Jean Louis
2022-10-26 13:19 ` Jean Louis
2022-10-26 13:55 ` Andreas Schwab
2022-10-26 13:55 ` Andreas Schwab
2022-10-26 17:36 ` Jean Louis
2022-10-27 7:58 ` Andreas Schwab
2022-10-27 7:58 ` Andreas Schwab
2022-10-27 8:40 ` Jean Louis
2022-10-27 8:40 ` Jean Louis
2022-10-27 11:22 ` Andreas Schwab
2022-10-27 11:22 ` Andreas Schwab
2022-10-27 11:23 ` Dr. Arne Babenhauserheide
2022-10-27 11:23 ` Dr. Arne Babenhauserheide
2022-10-26 17:36 ` Jean Louis
2022-10-26 7:59 ` Jean Louis
2022-10-26 7:59 ` Jean Louis
2022-10-25 23:03 ` Ihor Radchenko
2022-10-26 6:07 ` bug#58774: " Stefan Kangas
2022-10-26 6:52 ` Ihor Radchenko
2022-10-26 6:52 ` Ihor Radchenko
2022-10-26 8:24 ` Jean Louis
2022-10-26 8:24 ` Jean Louis
2022-10-26 20:22 ` indieterminacy
2022-10-26 20:22 ` indieterminacy
2022-10-26 11:30 ` Dr. Arne Babenhauserheide
2022-10-26 11:30 ` Dr. Arne Babenhauserheide
2022-10-26 21:41 ` Tim Cross
2022-10-27 10:43 ` Dr. Arne Babenhauserheide
2022-10-26 13:15 ` Stefan Kangas
2022-10-26 13:15 ` Stefan Kangas
2022-10-26 8:21 ` Jean Louis
2022-10-26 8:21 ` Jean Louis
2022-10-26 17:07 ` Max Nikulin
2022-10-26 17:07 ` Max Nikulin
2022-10-26 18:37 ` Jean Louis
2022-10-26 18:37 ` Jean Louis
2022-10-26 21:16 ` Dr. Arne Babenhauserheide
2022-10-26 21:16 ` Dr. Arne Babenhauserheide
2022-10-27 4:25 ` tomas
2022-10-27 11:10 ` Dr. Arne Babenhauserheide
2022-10-26 21:56 ` indieterminacy
2022-10-26 21:56 ` indieterminacy
2022-10-26 20:00 ` Tim Cross
2022-10-26 6:07 ` Stefan Kangas
2022-10-25 22:13 ` Ag Ibragimov
2022-10-26 8:28 ` Jean Louis
2022-10-26 13:00 ` Rudolf Adamkovič
2022-10-26 13:42 ` bug#58774: " Jean Louis
2022-10-26 13:42 ` Jean Louis
2022-10-27 4:55 ` Jean Louis
2022-10-27 4:55 ` Jean Louis
2022-10-27 11:13 ` bug#58774: " Dr. Arne Babenhauserheide
2022-10-27 11:13 ` Dr. Arne Babenhauserheide
2022-10-27 17:41 ` bug#58774: " Jean Louis
2022-10-27 17:41 ` Jean Louis
2022-10-27 21:43 ` bug#58774: " Dr. Arne Babenhauserheide
2022-10-27 21:43 ` Dr. Arne Babenhauserheide
2022-10-27 15:35 ` bug#58774: " Max Nikulin
2022-10-27 15:35 ` Max Nikulin
2022-10-27 17:58 ` Jean Louis
2022-10-27 17:58 ` Jean Louis
2022-10-27 21:49 ` Dr. Arne Babenhauserheide
2022-10-27 21:49 ` Dr. Arne Babenhauserheide
2022-10-27 18:25 ` Jean Louis
2022-10-27 18:25 ` Jean Louis
2022-10-27 19:53 ` Quiliro Ordóñez
2022-10-27 19:53 ` Quiliro Ordóñez
2022-10-27 19:58 ` Quiliro Ordóñez
2022-10-27 19:58 ` Quiliro Ordóñez
2022-10-27 21:57 ` Dr. Arne Babenhauserheide
2022-10-27 21:57 ` Dr. Arne Babenhauserheide
2022-10-27 22:18 ` Jean Louis
2022-10-27 23:14 ` Dr. Arne Babenhauserheide
2022-10-27 23:14 ` Dr. Arne Babenhauserheide
2022-10-27 22:18 ` Jean Louis
2022-10-27 23:20 ` Ihor Radchenko
2022-10-28 8:28 ` Dr. Arne Babenhauserheide
2022-10-28 8:28 ` Dr. Arne Babenhauserheide
2022-11-02 4:09 ` Ihor Radchenko
2022-11-02 4:09 ` Ihor Radchenko
2022-10-27 23:20 ` Ihor Radchenko [this message]
2023-09-02 8:53 ` Stefan Kangas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='87zgdgn9av.fsf__11849.0281443641$1666912944$gmane$org@localhost' \
--to=yantar92@posteo.net \
--cc=58774@debbugs.gnu.org \
--cc=arne_bab@web.de \
--cc=emacs-orgmode@gnu.org \
--cc=manikulin@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.