Ihor Radchenko <yanta...@posteo.net> writes:
> "Dr. Arne Babenhauserheide" <arne_...@web.de> writes:
>
>> One idea that could work well is to add an explicit allow-list
>> trusted-sources-to-allow-unsafe-modes with entries of domain and
>> path-prefix where people can add trusted sources.
>>
>> If for example my server were draketo.de,¹ I could set this list to
>>
>> '(("https://www.draketo.de"; "/software"))
>>
>> and when I would then open a link like
>>
>> https://www.draketo.de/software/advent-of-wisp-code-2021.org
>>
>> with eww, it would directly switch to org-mode.
>
> I am a bit lost about the aim of this tread, but let me share some
> existing remote resource controls we have employed on the latest Org:> (defun org--safe-remote-resource-p (uri) > "Return non-nil if URI is considered safe. > This checks every pattern in `org-safe-remote-resources', and > returns non-nil if any of them match." > You can check the implementation at > https://git.savannah.gnu.org/cgit/emacs/org-mode.git/tree/lisp/org.el#n4540 That’s pretty awesome! Thank you! So we could have companywide shared setupfiles without granting ssh-access to machines … … and to the topic: this may be something that could be re-used in eww. Though I would prefer having a less-intrusive notification than a y-n question; maybe just a message in the echo area that with a specific command this uri could be marked as safe and then get interpreted as org right away. Best wishes, Arne -- Unpolitisch sein heißt politisch sein, ohne es zu merken. draketo.de
signature.asc
Description: PGP signature
