From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id QDreOO2UW2MIbAEAbAwnHQ (envelope-from ) for ; Fri, 28 Oct 2022 10:38:06 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id 8F/SN+2UW2PfhQAAG6o9tA (envelope-from ) for ; Fri, 28 Oct 2022 10:38:05 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 96A9A3E488 for ; Fri, 28 Oct 2022 10:38:05 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ooKrd-0001NS-Hl; Fri, 28 Oct 2022 04:37:17 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ooKrc-0001Jf-8H for emacs-orgmode@gnu.org; Fri, 28 Oct 2022 04:37:16 -0400 Received: from mout.web.de ([212.227.17.11]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ooKrO-0008P7-D9 for emacs-orgmode@gnu.org; Fri, 28 Oct 2022 04:37:16 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=web.de; s=s29768273; t=1666946206; bh=vaObvij+MAOBRkTZFn0tAjwh0ZY0nP1+I82/k/Kafr4=; h=X-UI-Sender-Class:References:From:To:Cc:Subject:Date:In-reply-to; b=fUhCgOLtUwcHsqmvPdbYt7H1KDh7GdNhl6GjA6ouuEr6z+aHLf2KszPy3WmMlrZUB RE3KlyUhEFkrc2tltZigAzPukL6/bR6aeSfgvu/CiM41jPLiT+/GiOAYogSDdBrS65 SEd6Q8hmX0mcxS3d8XAmj9dl6nzt7TsjyjDtgRJyHRa7dBDdHzWVS5mROzG3wEoRhc +wNXx28lmmUCT8XZYS7Vm+MF68wn7ZeB/JBVwAU5H6Pjpt9k2mAry9Aj3pshCLZmeO cXhQ0b3ZooSzCnM1tL812gl8apa4gMW+YVk/F6I9YTdvwFGxSUSMdHL/yIqg+u24BM xWE4fSt8e/RTw== X-UI-Sender-Class: 814a7b36-bfc1-4dae-8640-3722d8ec6cd6 Received: from fluss ([84.165.20.127]) by smtp.web.de (mrweb105 [213.165.67.124]) with ESMTPSA (Nemesis) id 1MG994-1oremA2uA0-00GwKX; Fri, 28 Oct 2022 10:36:46 +0200 References: <86bkq0qf8p.fsf@protected.rcdrun.com> <87y1t0or6q.fsf@web.de> <87zgdgn9av.fsf@localhost> User-agent: mu4e 1.8.9; emacs 28.1 From: "Dr. Arne Babenhauserheide" To: Ihor Radchenko Cc: Max Nikulin , 58774@debbugs.gnu.org, emacs-orgmode@gnu.org Subject: Re: bug#58774: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly Date: Fri, 28 Oct 2022 10:28:33 +0200 In-reply-to: <87zgdgn9av.fsf@localhost> Message-ID: <87h6zony3p.fsf@web.de> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Provags-ID: V03:K1:qlWTXxAeSZjRq4UQt3btxVcAmS63elqvQFCq+UVmuYpWXAlz1HT 9pdypnCvSIs5ASd/vdM7BLPg1PuDBlVvi8ZnMLqWTCzkPOc9ewJTR3NbTceXBD86bVJZ8Ha rENKRzBMq6pjL/C1Jc95rfsY2DxRiUfId+SKEleNv/J+qnaBRD7a0M7urNya4IaJdzCTFxy nOYH3+Az8sNfyVCepFmkw== UI-OutboundReport: notjunk:1;M01:P0:0CnE9T5XQjo=;zy/lT4lpifFd2Rz1Kf0gURaID+y Kv+RaDRMFJQdQBlHEelxkDmsrD5s4M/VEdH/UGCuKBk6+kW/9o2WovfSmhFyn/oGHJ5ExVvsN 2YVkoKmxSQN4FP6z8fm+JYN+nwEx7EKP9sAhaaTM9uIlKyOpbhN83wKtuRYeBfJ3N5qOsoe87 JypI3i/RytS1U9TXJ9/WXyGDGcqtR73fQnK3f0EcQtYDhhZNzk7TtIylOYf8CAsi4sTUTswG1 dMw95r2HXATds5tmg6P9YjSDzeso0GExFAcMo5VioJlVFuKEIbqqgdJ4rTw7e950IzW5+ZyJd IO2sMNA5iuvuQ3IN7TzpFbXllCY5NSpwb8UmEqYgmy4w2FTfrSObpJV5QrPHgPQIO3DxtJPKx fJjBGDoS46rUQ0X/xRoJSZMsjldJ7lpM5OK5rgzjLuNpHlHF5QZvn3H7M5X3GRO4gULuEnfjJ 4rtE5VDfTofus2GqbsRpGNZ01tue3W4PRVGrH2KFLfwPk7gC61DhDLrPsQ2rr96i0pAKMUt55 EMhrsn4RWlr833JHWLHiYJ209mb1Y1OEDCWbypa+JeJ0dg3yhhhsi4NLtvWt7hcOiNrw7rKRr CmuUMp57VIivZaEQviWYZdz5llgUugO/nK55Dtbv60zhrqprpwPqttWfYSmqMcmSpFT0G7FkE FMPfSAwgc5DNdhesNmBrN5A6LChj28e1hUGc3mWbj5eS0BS8N2HX7F7i6yktElYw6fokkPomd 6+JQ+VmuRhF+SdHK0u3Iuqq54zhroiSaWtVEfapfPIphaw3kwwwUIfuKsYwmw5jLz5BGNg04T /b6A2ngfDH6W75FoK/FcGrO3054sTR9/YQPwV/CN2pDWFy97uTjQQ5GuXdoLaOPweNzfLwc/G oVDy5PeInVKXFV0rHF70WvvGjUaEVxgugKkVnaFcB/NRsZtAEb9P71+plT13mVAIhZTCpIR6P /Ga2Vw== Received-SPF: pass client-ip=212.227.17.11; envelope-from=arne_bab@web.de; helo=mout.web.de X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, T_SPF_TEMPERROR=0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "Emacs-orgmode" Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1666946285; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=ErW2hFbO8FxcaL21mzPeiBNM2ZYf85oD0Jxtr090Ezs=; b=ONSrerq76q7xCquo3Dbd7paOfrakhvzUCLCMDx4n9qPKKj2xXOR3SvTjmkiuwm0y/VJrvu P9v8KBke0HzCCk3tCjF7xoi9Ih1BFXpTSUUxzFOqldxwiyxE4x7C7olFbHYnp+fjFA41H3 SlA650N0jFJwI0lhe5yOrGWoXq4w5B1aiF/4LqZu9RDfUtaPJ8QDkJDbmNmQ/eLUinxSTQ srTt2arVUwYjXfZbPSiZykwmXOCPJrQvMFhGk7IOULkyNFsKKZPEEzQ1L6Lh8AXszjr56n AAzHJY2uFFL3eAq2Zaf3G6QZvFzT/vxkxEIft8cHbX82dH/SmxX2MQ77VeNk9w== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1666946285; a=rsa-sha256; cv=none; b=ooD42+OYbGPtNUCmy0V6M6BOGX7leiEo7kqk/D5DkMKSkKkCNu45uWg6FBcv38BSpc+io+ u9i12wke3SKRVIHje3GC0/v0Ovk7QmRvq5UG+MOraba7lEddyPkXCjjXVfRlhGQJtOL8Df eAu1TyzcEpGpfwDsT38OLE/AglmiJ15zVhN+ylQPjwuuEgwQ/siMQ35mdU59Hdz7afbEk1 I5/Jp4uFauERal2fiEjHKTmC74mlxHtK9ahSPYk0kGnT+hXKYIZZgjQw8z/bWVGsmH7x46 8eSAA3Er0hEz2GCkDjIh4HAYtoL24Yjp/4ImKU8AeG1L9SWuhhu5jMb0qzncVA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=web.de header.s=s29768273 header.b=fUhCgOLt; dmarc=pass (policy=none) header.from=web.de; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -6.01 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=web.de header.s=s29768273 header.b=fUhCgOLt; dmarc=pass (policy=none) header.from=web.de; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 96A9A3E488 X-Spam-Score: -6.01 X-Migadu-Scanner: scn1.migadu.com X-TUID: 48VxcCuL3qJ4 --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Ihor Radchenko writes: > "Dr. Arne Babenhauserheide" writes: > >> One idea that could work well is to add an explicit allow-list >> trusted-sources-to-allow-unsafe-modes with entries of domain and >> path-prefix where people can add trusted sources. >> >> If for example my server were draketo.de,=C2=B9 I could set this list to >> >> '(("https://www.draketo.de" "/software")) >> >> and when I would then open a link like >> >> https://www.draketo.de/software/advent-of-wisp-code-2021.org >> >> with eww, it would directly switch to org-mode. > > I am a bit lost about the aim of this tread, but let me share some > existing remote resource controls we have employed on the latest Org: > (defun org--safe-remote-resource-p (uri) > "Return non-nil if URI is considered safe. > This checks every pattern in `org-safe-remote-resources', and > returns non-nil if any of them match." > You can check the implementation at > https://git.savannah.gnu.org/cgit/emacs/org-mode.git/tree/lisp/org.el#n45= 40 That=E2=80=99s pretty awesome! Thank you! So we could have companywide shared setupfiles without granting ssh-access to machines =E2=80=A6 =E2=80=A6 and to the topic: this may be something that could be re-used in = eww. Though I would prefer having a less-intrusive notification than a y-n question; maybe just a message in the echo area that with a specific command this uri could be marked as safe and then get interpreted as org right away. Best wishes, Arne =2D-=20 Unpolitisch sein hei=C3=9Ft politisch sein, ohne es zu merken. draketo.de --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE801qEjXQSQPNItXAE++NRSQDw+sFAmNblJ0QHGFybmVfYmFi QHdlYi5kZQAKCRAT741FJAPD62MEEADRkaAOswDsvs0s/m6ALspGfQHOHqOkBCpk RoAX2a2HPxgapZe3PovKoMF1PvzeDC5VUvmtsZWG3ms6cGQaTDMo4xsPg+jkwrEb vmJENoCqER/M225Fb2ZBeTx4LgpK2yg/AuZouf26HSGFdNI6u80zlQd8mXMKNQu6 F9QYzFcQSIOrisoAIYOPmfkJfOX0Kt+ZQbmVuCVbTx9gXTpDCQ/B+RUlLsMB1XNh jFreO15og79Y6wVJooJsofVt6zfq9lFRCxffEI966BCrcsiFc3Ni4CSH1cw6kHqQ B+6rGK40UnAsAO0XBpWs382T9mztNccstWPGMWryyMJ/4epX3LfLhrGLCUymbwcS IXdyCe0vV7YpJQbSNUavKTyaNgJt87s/Wi2xZA9Ei8cV+9f2PR4Bb9XCr9eCUnKz UIfPPEzI5F7d0jXYHNs4h7yHVv/1j6rxSICgth8SKIMzX4OUq+9yQB2FQtoIQ8BZ GWyBqGvs0+X2d0Y2JORtfPzf/dRgE11M/yiiH9aDmgjvz3/iWmS1spIsf29drrip l3GiAmqidUSAZ881IdUJTXzSaK2SFPaJR6AOASOvEZ538c/5b+Z3xsFc0HtaXPC+ Q8aojUnsHHc5D4xz7uS5PA38KPaFJVpiWrqlQEnuOQeSDmOL6wjneTSVNFv/He6j dSR9KwVRXYjEBAEBCAAuFiEE3Si95tmHXKvOSosd3M8NswvBBUgFAmNblJ0QHGFy bmVfYmFiQHdlYi5kZQAKCRDczw2zC8EFSNvQA/9N8/TBhSNzEvZX0uIwLnalWcX6 9SS7MtDRZGGlATKzrjo9X+C8pO6v4d9DA9jOXqAUW+wE/gcLa6UdgCK+Adf9ZqJK 8cmLSroHgzyVttZxpOtElK/UXg0lOn/GLPaAND7QJDHTV2fCVNGRmg+6G3BG+SFD 2/KFPBjM1txuXh1Tiw== =+Asy -----END PGP SIGNATURE----- --=-=-=--