From: Max Nikulin
To: emacs-orgmode@gnu.org
Subject: Re: Firefox permission dialog and org-protocol
Date: Mon, 30 Jan 2023 12:48:31 +0700

On 29/01/2023 20:50, Ihor Radchenko wrote:
> Max Nikulin writes:
>> On 26/01/2023 01:01, Ihor Radchenko wrote:
>>> https://bugzilla.mozilla.org/show_bug.cgi?id=1678994
>>
>> Bug 1678994 "website permission to open special links in external
>> applications not configurable"
...
> It appears to be a newer version of Firefox.
> I originally got to know about the problem from
> https://old.reddit.com/r/emacs/comments/10jr2up/orgprotocol_permissions_on_firefox/

Likely the person uses a bookmarklet to initiate capture. In this case
the JavaScript snippet is executed in the context of the current web
site, so it is necessary to confirm permission for each site. I would
recommend installing an add-on for org-protocol instead.
It would be enough to confirm once that *this extension* is allowed to
launch an external application through a custom scheme URI. An
additional advantage is that if some site had a malicious org-protocol
link hidden by some attractive description, then the browser would ask
the user even if some pages on the same site were captured earlier.

I faced a similar issue 3 years ago when the "always allow" checkbox
just disappeared from the Chromium popup. The popup with the permission
request appeared because some version of Zoom allowed unsolicited video
calls. They decided that a dialog in the app before switching on the
camera would be annoying to users. Users already confirmed their
intention in the Safari dialog. So other browsers had to add this popup
as well. The intention is to avoid joining a video call accidentally
while being naked.

https://infosecwriteups.com/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5?gi=2ed4ab044837
Jonathan Leitschuh. Zoom Zero Day: 4+ Million Webcams & maybe an RCE?
Just get them to visit your website! 2019-07-08

To summarize, I believe that a browser extension is a safer way to use
org-protocol. With a native messaging helper application it is even
possible to avoid desktop-wide org-protocol configuration and to call
emacsclient directly by the add-on but not through links on non-trusted
web sites.

P.S. Actually, launching an application from an add-on is not really
reliable either. The following issue has links to some other bugs. Not
to mention that an external scheme URI is a shoot-and-forget approach
with hardly possible error detection. (A native host application may
check the emacsclient exit code.)

https://bugzilla.mozilla.org/show_bug.cgi?id=1745931
External scheme handler configured to "Always ask" can not be launched
from add-on background page.
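
The native messaging helper described in the message above, as an added example (not code from this thread, from org-protocol or from any existing add-on): the host reads one length-prefixed JSON request from the add-on, builds the org-protocol capture URI itself from validated fields, runs emacsclient and reports its exit code back. The message field names, the http(s)-only rule and the 10-second timeout are assumptions of this example.

```python
import json
import struct
import subprocess
import sys
from urllib.parse import quote, urlencode, urlsplit

ALLOWED_KEYS = {"template", "url", "title", "body"}  # assumed message fields

def read_message(stream):
    """Native messaging framing: 32-bit native-endian length, then UTF-8 JSON."""
    header = stream.read(4)
    if len(header) < 4:
        return None  # the browser closed the pipe
    (size,) = struct.unpack("=I", header)
    return json.loads(stream.read(size).decode("utf-8"))

def write_message(stream, obj):
    data = json.dumps(obj).encode("utf-8")
    stream.write(struct.pack("=I", len(data)) + data)
    stream.flush()

def build_uri(msg):
    """Build the capture URI from validated fields; a ready-made URI or
    command supplied by the caller is never passed through."""
    if not isinstance(msg, dict) or set(msg) - ALLOWED_KEYS:
        raise ValueError("unexpected fields")
    if not all(isinstance(v, str) for v in msg.values()):
        raise ValueError("fields must be strings")
    if urlsplit(msg.get("url", "")).scheme not in ("http", "https"):
        raise ValueError("only http(s) pages may be captured")
    return "org-protocol://capture?" + urlencode(sorted(msg.items()), quote_via=quote)

def handle(msg, run=subprocess.run):
    """Return a reply the add-on can show, including emacsclient failures."""
    try:
        uri = build_uri(msg)
        # argv list, no shell; the fixed prefix keeps the URI from parsing as an option
        result = run(["emacsclient", uri], capture_output=True, timeout=10)
    except (ValueError, OSError, subprocess.TimeoutExpired) as err:
        return {"ok": False, "error": str(err)}
    if result.returncode != 0:
        return {"ok": False, "error": "emacsclient exited %d" % result.returncode}
    return {"ok": True}

def main():
    msg = read_message(sys.stdin.buffer)
    if msg is not None:
        write_message(sys.stdout.buffer, handle(msg))

if __name__ == "__main__":
    main()
```

Because the reply travels back over the same pipe, the add-on learns when emacsclient fails or is missing, which a custom scheme link cannot report.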