On 31/01/2023 15:11, Charles Philip Chan wrote:
I have been using this org-protocol addon[1] for more than a year and it has
been rock solid for me. According to the author, bookmarklets are getting less
and less useful because CSP (Content Security Policy) blocking them on many
sites (for example Github)[2].
Thank you for the reminder. Using an add-on to extract metadata, I have
never tried if bookmarklets are affected by CSP.
I think, we assume different definitions of "rock solid". Does it able
to detect that desktop configuration of org-protocol is broken and to
notify the user about failure? I do not use :immediate-finish templates,
but some people do. There is a risk to quietly lost captures. I do not
see other ways to detect errors besides a native messaging helper
application.
(info "(org) Template elements")
https://orgmode.org/manual/Template-elements.html
[2] https://github.com/vifon/org-protocol-for-firefox
This extension uses browser.tabs.update method to launch external
protocol handler. Perhaps in some cases it is better than assigning
window.location.href from a content script like in older
https://github.com/sprig/org-capture-extension/
however I have seen issues with both methods. It is a grey zone and it
is hard to predict which one will be more reliable in next versions of
browsers. Actually some people believe that even mailto: was a hack, it
is not a resource identifier as it can be expected from URI
https://github.com/w3c/web-share/blob/main/docs/explainer.md#why-not-make-a-share-uri-scheme-like-mailto-instead-of-a-javascript-api
https://github.com/chromium/ballista/issues/21
Expand on why registerProtocolHandler and registerProtocolHandler are a hack
The question I have to ask myself, though, is if we were designing
mailto: today, would we do it the same way? And I think the answer is
"no, mailto: is and always was a hack, because we didn't have JavaScript".
So we should not expect that org-protocol: will work reliably in
browsers. Position of a firefox developers concerning external handlers
for custom protocols:
Bug 1744018 - External scheme handler launched by an add-on can be
blocked despite user action
https://bugzilla.mozilla.org/show_bug.cgi?id=1744018#c16
Pairing the extension with a native application and use the
nativeMessaging API seems a better fit for the use case you are describing
