From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id MFNXKuelWmOW2gAAbAwnHQ (envelope-from ) for ; Thu, 27 Oct 2022 17:38:15 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id MGpoKuelWmPlJAEA9RJhRA (envelope-from ) for ; Thu, 27 Oct 2022 17:38:15 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 790343C030 for ; Thu, 27 Oct 2022 17:38:15 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oo4vp-0006xU-R3; Thu, 27 Oct 2022 11:36:37 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oo4vT-0006TV-S2 for emacs-orgmode@gnu.org; Thu, 27 Oct 2022 11:36:11 -0400 Received: from mail-lf1-x132.google.com ([2a00:1450:4864:20::132]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oo4vJ-0007jH-U1 for emacs-orgmode@gnu.org; Thu, 27 Oct 2022 11:36:11 -0400 Received: by mail-lf1-x132.google.com with SMTP id r14so3811614lfm.2 for ; Thu, 27 Oct 2022 08:36:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:in-reply-to:from:to:references :content-language:subject:user-agent:mime-version:date:message-id :sender:from:to:cc:subject:date:message-id:reply-to; bh=QAwJZJR904/4fSb54r+zRj41Zs9iCrcEA4p4sGJFX+M=; b=Z4QMTuoSdz5iRZ7c13/QMn2t3m0ulK8kN9SYrKaelTTwtvAL71IWweNHe6SSjJmo3k GmjvQOCqQr1yF6xZvhJP2Q9CoGIVgrHvybtdm/fIxUWStt5y9hkMk4nNeE72m2WC2/6W WM3+vM0O6w2WchMY/J1gj1/wEH+vEfyPJiV6Qn1aZyhDCMEtbUTWpuqEiE/e6YoCj/cG BlWivg4RKEU3ngiKCNp6WwNO2VNR+6z94N9oBJ2PXG3Z7ZWr74kAI+1gr+lOzkYfJWKS uy2XhrMNuaWJ8g9N28QNLNnaJ0en7D/orw96+uQ+zNGPLtCCN65hjfCCufzm5dvheOJ1 70Nw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:in-reply-to:from:to:references :content-language:subject:user-agent:mime-version:date:message-id :sender:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=QAwJZJR904/4fSb54r+zRj41Zs9iCrcEA4p4sGJFX+M=; b=N90J6sTznCfS4eZA8CHinDoPGgDrBv1xSCm2H8ggckPA6WgepLZrPsKT5wkZ3Hycts 5SMSGm3Bt2yCf71imHQmV+T1RTMm7Ep4bGpZIdJY4kqI0VnPCWfdQZ/gxQrSjQTSeqyx +mWlm7LwKmXVbOMOuH1o5VIsfH7AqnDWhUifdJBySo9sYMKRsjrdm3aq0PIjT5gSuAgN 7Ns74WSu8CdG51B6Ba3iu9oIpBMb7pwzwj/bPTsFfs3UwelhKPG7pXKBNMyDIkkwPt6Q j/Wb0JgSRkxlXe79820w+ahly2pr4Ga4aHOJgfgfYx1pO1tK5ThOAycDwS22C6f1YWG6 cKDA== X-Gm-Message-State: ACrzQf2q2cfNhQQdGejb+yQMuc2OlSETdCUsBXOXHfUMHU1Shefd8WM9 CwNW4pKFH420AQOUJKCeFCcRdIYv0IUBFw== X-Google-Smtp-Source: AMsMyM4ZMsgHKKGvlTlexfp0RJcTvbm9eOlshMv4GCT0P5kF9pz13njeffOmuhoq7a4NB5gFh4JqQA== X-Received: by 2002:a05:6512:1287:b0:4a2:a7c3:641d with SMTP id u7-20020a056512128700b004a2a7c3641dmr20184463lfs.511.1666884959788; Thu, 27 Oct 2022 08:35:59 -0700 (PDT) Received: from [192.168.0.101] (nat-0-0.nsk.sibset.net. [5.44.169.188]) by smtp.googlemail.com with ESMTPSA id g1-20020a056512118100b00496693860dcsm220500lfr.232.2022.10.27.08.35.58 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 27 Oct 2022 08:35:59 -0700 (PDT) Message-ID: Date: Thu, 27 Oct 2022 22:35:57 +0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 Subject: Re: bug#58774: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly Content-Language: en-US References: <86bkq0qf8p.fsf@protected.rcdrun.com> To: 58774@debbugs.gnu.org, Org Mode List From: Max Nikulin In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Received-SPF: pass client-ip=2a00:1450:4864:20::132; envelope-from=manikulin@gmail.com; helo=mail-lf1-x132.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Emacs-orgmode" Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1666885095; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=QAwJZJR904/4fSb54r+zRj41Zs9iCrcEA4p4sGJFX+M=; b=YoNM7G3gHZdOkPso0Akjdeg+zq2V2tHXxJWMvepEIbb3XUpS8XM1/5lMognNF0MaqvHeoa lPixrSqLocIVRV3xOfkvl8VMbj9AAtQbdB8VqNNuMq7mpWiEI6h4PElpd64K8ezPXvruxI ieiIMA3ZoQYCZJSpRTNt44gXI7j156E49/lLD//NEM8KuHzFK6EPF01XJ3iYoU/lphcIaS 5xpadjvxTvdRz+qg0MUvT3Zn66ltaRbvlYli9eYd2Qx9QviRT8uM50jsGklOWLLlMmcR9G kSjzF9nwA2/ma5EcOQhb+Vcerj54DASK30yMGz1mwarL317QtDxx8O59+3W5+g== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1666885095; a=rsa-sha256; cv=none; b=D6XM+D8fAW9FWdWBvLCwD6cK0RNPPMFh/MPNq90hCer56umir0fq72z4CKFZGs9guBkCFZ YtLXSTWST1xJ8oK6ck7bKQMQfejHqQTK8JBa0y17ZF3NbEIyhCvDWNHMx2ytuXHlIGpoBc wp2/3Fwkd/Z5qBEXDD8Wiql94muoBY6uiNJoHJoQTzztF2QaxmzqsMbDEyd8CPNR5S62cy hLHHSmLCM4TdxidO3p0twOOcA9uMjlNQRxu01G6GNo69lQ1jp4kADX+v6rwoVmN7o+tJrF ZsgZFmIclI8YTl29yMqYGSW3Xq7ENybTnUpn/wClCLHeXDny99UqZag4lPnHjg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b=Z4QMTuoS; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: 7.48 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20210112 header.b=Z4QMTuoS; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 790343C030 X-Spam-Score: 7.48 X-Migadu-Scanner: scn0.migadu.com X-TUID: OYFwM+Fz89ve On 27/10/2022 11:55, Jean Louis wrote: > > Now is clear that main problem here is that Org advertises somewhere > to be "text" in MIME context, while it is not, it is by default > "application" and thus unsafe, see: ... > Text Media Types > https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.1 I do not see any problem or any difference what MIME type you are going to associate with Org mode. I agree with Arne that text/... type is more appropriate for a format readable as text. I do not see any contradictions with that RFC. "Org Mode Your life in plain text" Chromium is able to display text/x-org internally just as text/plain and I like it as a way to preview and review file contents. I have not managed to configure Firefox to achieve the same behavior that allows to avoid an external application (certainly not Emacs at first). > We can't just speak of safety alone when we are in general > computing environment, we must also speak of usefulness. I do not mind to have org-view-mode that saves me from execution some code unintentionally. Since most of the code was written without having in mind such feature, I expect a lot of iterations before all possibilities to run code will be plumbed. I suspect that it is possible to ruin whole protection by a small piece of elisp code. I am unaware of sandboxing in Emacs. I expect that making Org mode safe enough will require a lot of efforts by developers. Your are pushing Org to rather hostile environment: highly automated attacks to distribute exploits, market of breached computers listening for remote commands. A running cryptominer would be rather innocent consequence, through the same backdoor you may receive an encryptor or various stuff searching for credentials and access tokens in your files. Emacs is protected mostly by its low popularity. A lot of efforts have been invested in browser making attacks more expensive, but still attractive due to possible benefits. I do not like to increase surface for attacks. Someone may create a plugin targeting Emacs users just because it would be easy enough. Consider converting Org files to HTML as an unpleasant tax for the sake of safety. > All I want is to access my personal read-only Org files by using WWW > and browse from one to the other by using links. How are you going to distinguish your personal files and arbitrary files from non-trusted sources? By signing your files and maintaining list of trusted certificates? For personal notes I would expect e.g. private instance of nextcloud file share (that is internally HTTP server), not accessing files directly through HTTP.