[Lilypond-auto] [LilyIssues-auto] [testlilyissues:issues] #5342 lilypond-invoke-editor only should only handle textedit URIs

Mon, 11 Jun 2018 10:30:14 -0700 

Gabriel Corona - 2018-06-03

The Firefox -remote OpenURL(...) in many different programs is a remain from a 
long past. I doesn't work on recent versions of Firefox (and I think it has not 
been working for quite a few years).

If you checkout on aee02594be68a968bb843f87d3264777099e46b4 you still have this 
vulnerable code:

~~~
    (define (run-browser uri)
      (system
       (if (getenv "BROWSER")
           (format #f "~a ~a" (getenv "BROWSER") uri)
           (format #f "firefox -remote 'OpenURL(~a,new-tab)'" uri))))
~~~



---

** [issues:#5342] lilypond-invoke-editor only should only handle textedit URIs**

**Status:** New
**Created:** Mon Jun 11, 2018 05:26 PM UTC by pkx166h
**Last Updated:** Mon Jun 11, 2018 05:26 PM UTC
**Owner:** nobody


This came out of both 

https://sourceforge.net/p/testlilyissues/issues/5243/

and

https://sourceforge.net/p/testlilyissues/issues/5334/

>From Knut Petersen - 2018-06-03

I think that lilypond-invoke-editor only should only handle textedit URIs. It 
might be a good idea to have a 2nd look at the patch I suggested in 2017.

https://codereview.appspot.com/336240043
https://sourceforge.net/p/testlilyissues/issues/5243/

On top of current master
git revert aee02594be68a968bb843f87d3264777099e46b4
git revert 39f800a7e5acb7cc5da6424c99fd2690e389495a
git revert 807f5eb8cd631133da3be6897e3e8fa7202e089d
wget https://codereview.appspot.com/download/issue336240043_60001.diff
would be needed to for a test build.

In 2017 one objection was that my patch does not change the code in lily.scm 
... do you we really need to change that code? I don't see a problem as the 
code is executed by lilypond, we give the arguments. But maybe I don't have the 
imagination to see a security hole ... 


---

Sent from sourceforge.net because testlilyissues-a...@lists.sourceforge.net is 
subscribed to https://sourceforge.net/p/testlilyissues/issues/

To unsubscribe from further messages, a project admin can change settings at 
https://sourceforge.net/p/testlilyissues/admin/issues/options.  Or, if this is 
a mailing list, you can unsubscribe from the mailing list.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Testlilyissues-auto mailing list
testlilyissues-a...@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/testlilyissues-auto
  • [Lilypond-... Auto mailings of changes to Lily Issues via Testlilyissues-auto
    • [Lily... Auto mailings of changes to Lily Issues via Testlilyissues-auto
    • [Lily... Auto mailings of changes to Lily Issues via Testlilyissues-auto
    • [Lily... Auto mailings of changes to Lily Issues via Testlilyissues-auto
    • [Lily... Auto mailings of changes to Lily Issues via Testlilyissues-auto

Reply via email to