GNU bug report logs - #21650
24.5; mh-e keeps trying to open urls

Previous Next

Packages: mh-e, emacs;

Reported by: Simon Gerraty <sjg <at> juniper.net>

Date: Thu, 8 Oct 2015 18:43:01 UTC

Severity: normal

Found in version 24.5

Done: Mike Kupfer <m.kupfer <at> acm.org>

Bug is archived. No further changes may be made.

Full log

Message #30 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Bill Wohler <wohler <at> newt.com>
To: bug-gnu-emacs <at> gnu.org
Subject: Re: bug#21650: 24.5; mh-e keeps trying to open urls
Date: Tue, 22 Dec 2015 22:07:23 -0800

Eli Zaretskii <eliz <at> gnu.org> writes:

>> CC: <21650 <at> debbugs.gnu.org>, <sjg <at> juniper.net>
>> From: "Simon J. Gerraty" <sjg <at> juniper.net>
>> Date: Thu, 8 Oct 2015 13:19:18 -0700
>> 
>> Eli Zaretskii <eliz <at> gnu.org> wrote:
>> > > How do I tell Emacs that under absolutely no circumstances do I want it
>> > > to do this?
>> > 
>> > What exactly is that "this" that you don't want Emacs to do?  
>> 
>> Sorry, I was refering to the opening of urls (tls or otherwise)
>> especially before I've had a chance to even see what they are.
>> 
>> That's a serious attack vector and why I would never choose an html
>> enabled mail reader.
>> 
>> Unfortunately my mail reader of choice (for the last 20 years or so;-)
>> seems to have morphed into one.
>> I'm hoping that that can be turned off.
>> 
>> > It's
>> > hard to help without understanding which part of what you described is
>> > the problem.  (Maybe it's because I don't use MH-E; but TLS
>> > connections are in Emacs core, not in MH-E, which just uses it.)
>> 
>> Sorry, mh-e may be a red-herring.
>> I want to prevent Emacs from opening http[s] urls - at the very least
>> while scanning mail that I've not even been able to read yet.
>
> OK, it's clear now, even to me, thanks ;-)
>
> You've got several suggestions for how to present additional
> information about what triggers the URL access.  I think that
> information will allow us to help you disable this.
>
> In generally, I'd expect to see some option in MH-E to disable this.

MH-E doesn't render HTML directly, so the options would be in the gnus
(and below) libraries.

-- 
Bill Wohler <wohler <at> newt.com> aka <Bill.Wohler <at> nasa.gov>
http://www.newt.com/wohler/
GnuPG ID:610BD9AD
This bug report was last modified 9 years and 22 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.