Ihor Radchenko writes: > "Dr. Arne Babenhauserheide" writes: > >> One idea that could work well is to add an explicit allow-list >> trusted-sources-to-allow-unsafe-modes with entries of domain and >> path-prefix where people can add trusted sources. >> >> If for example my server were draketo.de,¹ I could set this list to >> >> '(("https://www.draketo.de" "/software")) >> >> and when I would then open a link like >> >> https://www.draketo.de/software/advent-of-wisp-code-2021.org >> >> with eww, it would directly switch to org-mode. > > I am a bit lost about the aim of this tread, but let me share some > existing remote resource controls we have employed on the latest Org: > (defun org--safe-remote-resource-p (uri) > "Return non-nil if URI is considered safe. > This checks every pattern in `org-safe-remote-resources', and > returns non-nil if any of them match." > You can check the implementation at > https://git.savannah.gnu.org/cgit/emacs/org-mode.git/tree/lisp/org.el#n4540 That’s pretty awesome! Thank you! So we could have companywide shared setupfiles without granting ssh-access to machines … … and to the topic: this may be something that could be re-used in eww. Though I would prefer having a less-intrusive notification than a y-n question; maybe just a message in the echo area that with a specific command this uri could be marked as safe and then get interpreted as org right away. Best wishes, Arne -- Unpolitisch sein heißt politisch sein, ohne es zu merken. draketo.de