GNU bug report logs - #58774
29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

Previous Next

Package: emacs;

Reported by: Jean Louis <bugs <at> gnu.support>

Date: Tue, 25 Oct 2022 12:13:02 UTC

Severity: wishlist

Tags: wontfix

Found in version 29.0.50

Done: Stefan Kangas <stefankangas <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: "Dr. Arne Babenhauserheide" <arne_bab <at> web.de>
To: Ihor Radchenko <yantar92 <at> posteo.net>
Cc: 58774 <at> debbugs.gnu.org, Max Nikulin <manikulin <at> gmail.com>, emacs-orgmode <at> gnu.org
Subject: bug#58774: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly
Date: Fri, 28 Oct 2022 10:28:33 +0200

[Message part 1 (text/plain, inline)]
Ihor Radchenko <yantar92 <at> posteo.net> writes:

> "Dr. Arne Babenhauserheide" <arne_bab <at> web.de> writes:
>
>> One idea that could work well is to add an explicit allow-list
>> trusted-sources-to-allow-unsafe-modes with entries of domain and
>> path-prefix where people can add trusted sources.
>>
>> If for example my server were draketo.de,¹ I could set this list to
>>
>> '(("https://www.draketo.de" "/software"))
>>
>> and when I would then open a link like
>>
>>   https://www.draketo.de/software/advent-of-wisp-code-2021.org
>>
>> with eww, it would directly switch to org-mode.
>
> I am a bit lost about the aim of this tread, but let me share some
> existing remote resource controls we have employed on the latest Org:

> (defun org--safe-remote-resource-p (uri)
>   "Return non-nil if URI is considered safe.
> This checks every pattern in `org-safe-remote-resources', and
> returns non-nil if any of them match."

> You can check the implementation at
> https://git.savannah.gnu.org/cgit/emacs/org-mode.git/tree/lisp/org.el#n4540

That’s pretty awesome! Thank you!

So we could have companywide shared setupfiles without granting
ssh-access to machines …

… and to the topic: this may be something that could be re-used in eww.
Though I would prefer having a less-intrusive notification than a y-n
question; maybe just a message in the echo area that with a specific
command this uri could be marked as safe and then get interpreted as org
right away.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 1 year and 259 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.