From: Samuel Wales
Date: Mon, 30 Jan 2023 18:59:32 -0700
Subject: Re: Firefox permission dialog and org-protocol
To: Max Nikulin
Cc: emacs-orgmode@gnu.org
List-Id: "General discussions about Org-mode."
unable to follow this but it sounds like a big deal and i am glad that you are looking into it. thanks.

[my use case fwiw:

1] it is disruptive for me having org-capture not work [i do not always use kb].
2] x-wide capture using emacsclient would presumably not contain the page title in firefox.
3] if automatic reliable confirmation if possible results as a side effect of this work, great.
4] oh do i ever want advanced spookfox!

please ignore all of this just want to say thanks.]

On 1/29/23, Max Nikulin wrote:
> On 29/01/2023 20:50, Ihor Radchenko wrote:
>> Max Nikulin writes:
>>> On 26/01/2023 01:01, Ihor Radchenko wrote:
>>>> https://bugzilla.mozilla.org/show_bug.cgi?id=1678994
>>>
>>> Bug 1678994 "website permission to open special links in external
>>> applications not configurable"
> ...
>> It appears to be a newer version of Firefox.
>> I originally got to know about the problem from
>> https://old.reddit.com/r/emacs/comments/10jr2up/orgprotocol_permissions_on_firefox/
>
> Likely the person uses a bookmarklet to initiate capture. In this case the
> JavaScript snippet is executed in the context of the current web site,
> so it is necessary to confirm permission for each site. I would
> recommend installing an add-on for org-protocol instead. It would be
> enough to confirm once that *this extension* is allowed to launch an
> external application through a custom scheme URI.
>
> An additional advantage is that if some site had a malicious
> org-protocol link hidden by some attractive description then the browser
> would ask the user even if some pages on the same site were captured earlier.
>
> I faced a similar issue 3 years ago when the "always allow" checkbox just
> disappeared from the chromium popup.
>
> The popup with the permission request appeared because some version of zoom
> allowed unsolicited video calls. They decided that a dialog in the app
> before switching on the camera would be annoying to users. Users had already
> confirmed their intention in the Safari dialog. So other browsers had to
> add this popup as well. The intention is to avoid joining a video call
> accidentally while being naked.
>
> https://infosecwriteups.com/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5?gi=2ed4ab044837
> Jonathan Leitschuh. Zoom Zero Day: 4+ Million Webcams & maybe an RCE?
> Just get them to visit your website! 2019-07-08
>
> To summarize, I believe that a browser extension is a safer way to use
> org-protocol. With a native messaging helper application it is even
> possible to avoid desktop-wide org-protocol configuration and to call
> emacsclient directly from the add-on, but not through links on non-trusted
> web sites.
>
> P.S. Actually, launching an application from an add-on is not really
> reliable either. The following issue has links to some other bugs. Not
> to mention that an external scheme URI is a shoot-and-forget approach with
> error detection hardly possible. (A native host application may check
> the emacsclient exit code.)
>
> https://bugzilla.mozilla.org/show_bug.cgi?id=1745931
> External scheme handler configured to "Always ask" can not be launched
> from add-on background page.
>

-- 
The Kafka Pandemic
A blog about science, health, human rights, and misopathy:
https://thekafkapandemic.blogspot.com
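The quoted message argues that a native messaging helper lets an add-on call emacsclient directly and observe its exit code, which a bare external-scheme launch cannot do. The following is an added example of such a helper, written for this thread; it is not code from the Org project or from any existing org-protocol add-on. It assumes a hypothetical add-on that sends JSON requests of the form {"url": ..., "title": ..., "template": ...} over Firefox's native messaging transport (32-bit native-endian length prefix plus UTF-8 JSON), that emacsclient is on PATH, and that the capture template key defaults to "L"; the runner parameter is an assumption that exists so the emacsclient call can be substituted in tests.

```python
"""Minimal Firefox native-messaging host for org-protocol capture.

Added example, not code from the Org mailing list or any org-protocol
add-on. Assumes a hypothetical add-on sending {"url", "title", "template"}
JSON requests, and emacsclient available on PATH.
"""
import json
import struct
import subprocess
import sys
from urllib.parse import quote, urlsplit

ALLOWED_SCHEMES = {"http", "https"}
MAX_MESSAGE_BYTES = 1024 * 1024  # Firefox rejects host->browser messages > 1 MiB


def encode_message(obj):
    """Frame a JSON message as the native-messaging transport expects:
    a 32-bit native-endian length prefix followed by UTF-8 JSON."""
    payload = json.dumps(obj).encode("utf-8")
    return struct.pack("@I", len(payload)) + payload


def decode_message(buf):
    """Inverse of encode_message; raises ValueError on short or oversized frames."""
    if len(buf) < 4:
        raise ValueError("truncated length prefix")
    (length,) = struct.unpack("@I", buf[:4])
    if length > MAX_MESSAGE_BYTES:
        raise ValueError("frame too large")
    body = buf[4:4 + length]
    if len(body) != length:
        raise ValueError("truncated frame body")
    return json.loads(body.decode("utf-8"))


def build_org_protocol_uri(url, title, template="L"):
    """Build the org-protocol://capture URI handed to emacsclient.
    Only http(s) page URLs are accepted, and every component is
    percent-encoded so a crafted title cannot smuggle extra key=value
    pairs into the query string."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES or not parts.netloc:
        raise ValueError(f"refusing non-web URL: {url!r}")
    if not template.isalnum():
        raise ValueError(f"bad template key: {template!r}")
    query = "&".join(
        f"{k}={quote(v, safe='')}"
        for k, v in (("template", template), ("url", url), ("title", title))
    )
    return f"org-protocol://capture?{query}"


def run_emacsclient(uri, runner=subprocess.run):
    """Invoke emacsclient with the URI as one argv element (no shell) and
    report its exit status, so the add-on can surface failures that a
    plain external-scheme launch would silently swallow."""
    proc = runner(["emacsclient", "--no-wait", uri], capture_output=True, text=True)
    return {"ok": proc.returncode == 0, "exit_code": proc.returncode, "stderr": proc.stderr}


def handle_message(msg, runner=subprocess.run):
    """Validate one add-on request and run the capture; never raise to the
    transport, always answer with a structured result."""
    try:
        uri = build_org_protocol_uri(msg["url"], msg.get("title", ""), msg.get("template", "L"))
    except (KeyError, ValueError) as exc:
        return {"ok": False, "exit_code": None, "stderr": str(exc)}
    return run_emacsclient(uri, runner)


def main():
    # Native messaging: one length-prefixed request on stdin, one reply on stdout.
    raw_len = sys.stdin.buffer.read(4)
    if len(raw_len) < 4:
        return
    (length,) = struct.unpack("@I", raw_len)
    msg = decode_message(raw_len + sys.stdin.buffer.read(length))
    sys.stdout.buffer.write(encode_message(handle_message(msg)))
    sys.stdout.buffer.flush()


if __name__ == "__main__":
    main()
```

Two design points follow directly from the thread: the host's native-messaging manifest names the extension IDs allowed to talk to it (the allowed_extensions key in Firefox's host manifest), so a page cannot reach it at all, and the scheme check plus percent-encoding means the only thing that ever reaches emacsclient is a capture request for an http(s) page built by the add-on, not a link authored by the site being captured.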