Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Dr. Arne Babenhauserheide]

Jean Louis  writes:

> * Dr. Arne Babenhauserheide  [2022-10-27 14:23]:
>> 
>> Jean Louis  writes:
>> 
>> > * Jean Louis  [2022-10-25 15:14]:
>> >> 
>> >> This wish request is related to Emacs EWW and Org mode.
>> >> 
>> >> Please make EWW recognize Org file when served by WWW server. Currently
>> >> it does not recognize the MIME type text/x-org and opens the file as
>> >> text, it does not invoke the org mode. In my opinion, it should.
>> >
>> > Now is clear that main problem here is that Org advertises somewhere
>> > to be "text" in MIME context, while it is not, it is by default
>> > "application" and thus unsafe, see:
>> >
>> > Application Media Types
>> > https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.5
>> >
>> > and understand difference to:
>> >
>> > Text Media Types
>> > https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.1
>> >
>> > Thus I suggest that Org changes its MIME type and stop falsely
>> > claiming to be "text" in MIME context, but that content type:
>> > "application/x-org" become adopted, as that way it will become clear
>> > that it is unsafe opening Org as falsely claimed "plain" text.
>> 
>> You are mixing up text/plain and text/*. Orgmode is clearly text/* but
>> not text/plain. From your link:
>
> How do I mix it?

The paragraph about plain text only applies to text/plain.

The following paragraph shows clearly that org-mode is rich-text,
because it can be read without specialized program. And it is: I
sometimes read org-mode documents with nano.

>>Beyond plain text, there are many formats for representing what might
>>be known as "rich text".  An interesting characteristic of many such
>>representations is that they are to some extent readable even without
>>the software that interprets them.  It is useful to distinguish them,
>>at the highest level, from such unreadable data as images, audio, or
>>text represented in an unreadable form.  In the absence of
>>appropriate interpretation software, it is reasonable to present
>>subtypes of "text" to the user, while it is not reasonable to do so
>>with most non-textual data.  Such formatted textual data can be
>>represented using subtypes of "text".
>
> Org is not just rich text for reason as explained here:
> https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.5 so I
> suggest reading it.

This is information that must be processed by an application before it is
viewable or usable by a user"

That is very much *not* the case for org-mode documents.

You’ll have to quote a specific point you mean, because I do not find
anything that supports your point in there.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Jean Louis]

* Dr. Arne Babenhauserheide  [2022-10-27 14:23]:
> 
> Jean Louis  writes:
> 
> > * Jean Louis  [2022-10-25 15:14]:
> >> 
> >> This wish request is related to Emacs EWW and Org mode.
> >> 
> >> Please make EWW recognize Org file when served by WWW server. Currently
> >> it does not recognize the MIME type text/x-org and opens the file as
> >> text, it does not invoke the org mode. In my opinion, it should.
> >
> > Now is clear that main problem here is that Org advertises somewhere
> > to be "text" in MIME context, while it is not, it is by default
> > "application" and thus unsafe, see:
> >
> > Application Media Types
> > https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.5
> >
> > and understand difference to:
> >
> > Text Media Types
> > https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.1
> >
> > Thus I suggest that Org changes its MIME type and stop falsely
> > claiming to be "text" in MIME context, but that content type:
> > "application/x-org" become adopted, as that way it will become clear
> > that it is unsafe opening Org as falsely claimed "plain" text.
> 
> You are mixing up text/plain and text/*. Orgmode is clearly text/* but
> not text/plain. From your link:

How do I mix it?

>Beyond plain text, there are many formats for representing what might
>be known as "rich text".  An interesting characteristic of many such
>representations is that they are to some extent readable even without
>the software that interprets them.  It is useful to distinguish them,
>at the highest level, from such unreadable data as images, audio, or
>text represented in an unreadable form.  In the absence of
>appropriate interpretation software, it is reasonable to present
>subtypes of "text" to the user, while it is not reasonable to do so
>with most non-textual data.  Such formatted textual data can be
>represented using subtypes of "text".

Org is not just rich text for reason as explained here:
https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.5 so I
suggest reading it.

Examples of content types for some "rich" text formats:

.odtOpenDocument text document
application/vnd.oasis.opendocument.text

.rtfRich Text Format (RTF)  application/rtf

.xhtml  XHTML   application/xhtml+xml

xml XML application/xml is recommended as of RFC 7303 (section
4.1), but text/xml is still used sometimes. You can assign a specific
MIME type to a file with .xml extension depending on how its contents
are meant to be interpreted. For instance, an Atom feed is
application/atom+xml, but application/xml serves as a valid default.

Review definition of "application/*" type.

-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Dr. Arne Babenhauserheide]

Jean Louis  writes:

> * Jean Louis  [2022-10-25 15:14]:
>> 
>> This wish request is related to Emacs EWW and Org mode.
>> 
>> Please make EWW recognize Org file when served by WWW server. Currently
>> it does not recognize the MIME type text/x-org and opens the file as
>> text, it does not invoke the org mode. In my opinion, it should.
>
> Now is clear that main problem here is that Org advertises somewhere
> to be "text" in MIME context, while it is not, it is by default
> "application" and thus unsafe, see:
>
> Application Media Types
> https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.5
>
> and understand difference to:
>
> Text Media Types
> https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.1
>
> Thus I suggest that Org changes its MIME type and stop falsely
> claiming to be "text" in MIME context, but that content type:
> "application/x-org" become adopted, as that way it will become clear
> that it is unsafe opening Org as falsely claimed "plain" text.

You are mixing up text/plain and text/*. Orgmode is clearly text/* but
not text/plain. From your link:

   Beyond plain text, there are many formats for representing what might
   be known as "rich text".  An interesting characteristic of many such
   representations is that they are to some extent readable even without
   the software that interprets them.  It is useful to distinguish them,
   at the highest level, from such unreadable data as images, audio, or
   text represented in an unreadable form.  In the absence of
   appropriate interpretation software, it is reasonable to present
   subtypes of "text" to the user, while it is not reasonable to do so
   with most non-textual data.  Such formatted textual data can be
   represented using subtypes of "text".

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Jean Louis]

* Jean Louis  [2022-10-25 15:14]:
> 
> This wish request is related to Emacs EWW and Org mode.
> 
> Please make EWW recognize Org file when served by WWW server. Currently
> it does not recognize the MIME type text/x-org and opens the file as
> text, it does not invoke the org mode. In my opinion, it should.

Now is clear that main problem here is that Org advertises somewhere
to be "text" in MIME context, while it is not, it is by default
"application" and thus unsafe, see:

Application Media Types
https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.5

and understand difference to:

Text Media Types
https://datatracker.ietf.org/doc/html/rfc6838#section-4.2.1

Thus I suggest that Org changes its MIME type and stop falsely
claiming to be "text" in MIME context, but that content type:
"application/x-org" become adopted, as that way it will become clear
that it is unsafe opening Org as falsely claimed "plain" text.

Main reason to change MIME for Org files is that Org is opened mainly
by Emacs -- and Emacs itself has programming language built-in. It is
equivalent to opening Perl file example.pl with "perl" command.

Quote from RFC6838:
---

For example, a meeting scheduler might define a standard
representation for information about proposed meeting dates.  An
intelligent user agent would use this information to conduct a dialog
with the user, and might then send additional material based on that
dialog.  More generally, there have been several "active" languages
developed in which programs in a suitably specialized language are
transported to a remote location and automatically run in the
recipient's environment.  Such applications may be defined as subtypes
of the "application" top-level type.

Other comments: one can see from above that MIME types are useful to
execute remote programs, and there is nothing fundamentally wrong with
it. We can't just speak of safety alone when we are in general
computing environment, we must also speak of usefulness.

My initial request was not to execute Babel code in Org files or any
other code in Org files, but the basic viewing, browsing and linking
capacity of Org files, similarly to HTML. 

My notes are on meta level, they export to Org for presentation
purposes. Not really for execution purposes. Though it is also useful.

All I want is to access my personal read-only Org files by using WWW
and browse from one to the other by using links. 

While one may achieve similar hyperlinking features with HTML export,
exporting to HTML and making sure of details is very bloated activity
that also requires much supervision of the presentation.  It generates
work and takes time. It also requires browsers, separate software to
handle Org objects innate to Emacs. Why?

Generating Org files with all relational referencing and making them
accessible from WWW straight to Emacs makes life simpler.

It implies teaching Emacs EWW how to open various content types. 


--
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Rudolf Adamkovič]

Jean Louis  writes:

>> This should be trivial to do, I think.

+1 and I say: consider contributing to EWW!

I noticed that the EWW manual says

  PDFs are viewed inline, by default, with doc-view-mode, but this can
  be customized by using the mailcap (see mailcap in Emacs MIME Manual)
  mechanism, in particular mailcap-mime-data.

For some reason, it made me think that EWW uses MIME correctly.

So, I evaluated

  (add-to-list 'mailcap-mime-data
   (list "org"
 (cons 'viewer 'org-mode)
 (cons 'type "text/x-org")))

but it did not work.  What the hack!

To satisfy my curiosity, I decided to look at the source code.

In eww.el, the eww-render procedure parses the content-type header and
stores its value in a local let binding.  After that, it dispatches to
the various "display" procedures EWW comes with, such as

((equal (car content-type) "application/pdf")
(eww-display-pdf))

The eww-display-pdf procedure then looks up the MIME viewer for the
application/pdf MIME type specifically.

If no dispatch fits, EWW ends up calling eww-display-raw.

TL;DR EWW hard-codes a couple of MIME types.

You could improve the situation in various ways.

For example, you could

(1) patch EWW to expose the eww-content-type for the user to use, or
(2) patch EWW to look up MIME for not just the PDF.

You could hack something local to you as well, but a patch would make
EWW better for all of us.  So, win-win!

Rudy
-- 
"Programming reliably -- must be an activity of an undeniably
mathematical nature […] You see, mathematics is about thinking, and
doing mathematics is always trying to think as well as possible."
-- Edsger W. Dijkstra, 1981

Rudolf Adamkovič  [he/him]
Studenohorská 25
84103 Bratislava
Slovakia

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Andreas Schwab]

On Okt 26 2022, Jean Louis wrote:

> If there is way to extend EWW and Emacs in such way that I can tell
> EWW what to do on certain content type, just as I do with other
> browsers, that would solve the problem.

This is what browse-url-handlers is for.

-- 
Andreas Schwab, SUSE Labs, sch...@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Jean Louis]

* Dr. Arne Babenhauserheide  [2022-10-26 14:58]:
> I may have misunderstood what you want.
> 
> Do you want eww to open text/x-org files in org-mode by default, or do
> you search for a way how you can modify your local eww to open
> text/x-org files with org-mode?
> 
> My worries apply to the first, not to the second (there users know what
> they get into).

If there is way to extend EWW and Emacs in such way that I can tell
EWW what to do on certain content type, just as I do with other
browsers, that would solve the problem.

Then I can say, please EWW, open "text/x-org" content type with
org-mode.

-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Dr. Arne Babenhauserheide]

Jean Louis  writes:

>> If you ask me whether I can make this work safely: This would first
>> require the introduction of a safe-org-mode which strictly disables all
>> features that can execute remote code or disguise unsafe operations as
>> safe ones. If a user then decides to explicitly call M-x org-mode,
>> that’s their problem.
>
> Thanks, though, that was not my request.
>
> Please note that you miss very important issue, and that is that all
> browsers support customization on how to open specific content types,
> so it is quite trivial to customize in browser to open Common Lisp
> program with Common Lisp. 

I may have misunderstood what you want.

Do you want eww to open text/x-org files in org-mode by default, or do
you search for a way how you can modify your local eww to open
text/x-org files with org-mode?

My worries apply to the first, not to the second (there users know what
they get into).

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Jean Louis]

* Ag Ibragimov  [2022-10-26 01:13]:
> Can't you just use one of hooks (e.g., eww-after-render-hook) where you
> inspect the URL and if it's .org, just change the mode?
> 
> This should be trivial to do, I think.

I need to inspect content type. Not extension.

My WWW file may be of HTML content type, while ending with .org, that
is not the way: https://www.example.com/my.file.org could have
text/html content type. 

Using extension on WWW is incorrect.

-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Jean Louis]

Forgot this attached file, so you can see how easy it is to customize
Iceweasel to open Org files, it works well.

Org files are native to Emacs, I wish to open Org files by using EWW.


-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/


signature.asc
Description: PGP signature

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Jean Louis]

* Dr. Arne Babenhauserheide  [2022-10-26 01:02]:
> All of the Emacs packages have some amount of implicit trust.

Users are unaware what package may do, and packages are everywhere on
Internet. That is not a problem that I wish to solve.

> If you ask me whether I can make this work safely: This would first
> require the introduction of a safe-org-mode which strictly disables all
> features that can execute remote code or disguise unsafe operations as
> safe ones. If a user then decides to explicitly call M-x org-mode,
> that’s their problem.

Thanks, though, that was not my request.

Please note that you miss very important issue, and that is that all
browsers support customization on how to open specific content types,
so it is quite trivial to customize in browser to open Common Lisp
program with Common Lisp. 

Thus all of browsers who allow content type customization are
analogous to problem you are presenting, which in fact is no practical
problem at all. 

Find the victim first, then present the problem.

To understand is that content type opening is generally not secure and
that it is user choice.

I am user of Org mode, and all I wish is to adapt eww to invoke
command "org-mode" once content type text/x-org has been recognized.

This way I can browse Org files directly, it is very useful for me as
I have bunch of files.

> If you ask me whether I know how to make this work unsafely: It likely
> won’t need a lot of elisp reading, but I do not, because I do not look
> for it, because if I did, I would not.

Well then 

> I do not want to be the one who caused the systems of eww users to get
> breached, or who helped opening that security hole.

See above, all other content types and URL links may be customized by
user to be opened how users want it. 

Your security presentation lacks the background knowledge.

See the attached screenshot how easy it was to customize IceWeasel or
Firefox derivate to open Org files by using Emacs client. I have
script called "edit" which invoces emacsclient.

-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Ag Ibragimov]

Can't you just use one of hooks (e.g., eww-after-render-hook) where you
inspect the URL and if it's .org, just change the mode?

This should be trivial to do, I think.

Jean Louis  writes:

> This wish request is related to Emacs EWW and Org mode.
>
> Please make EWW recognize Org file when served by WWW server. Currently
> it does not recognize the MIME type text/x-org and opens the file as
> text, it does not invoke the org mode. In my opinion, it should.
>
> Inspect following file by using lynx:
>
> $ lynx -head https://gnu.support/files/tmp/example.org
>
> uHTTP/1.1 200 OK
> Server: nginx/1.14.2
> Date: Tue, 25 Oct 2022 12:04:26 GMT
> Content-Type: text/x-org
> Content-Length: 364
> Last-Modified: Tue, 25 Oct 2022 11:58:22 GMT
> Connection: close
> ETag: "6357cf5e-16c"
> Accept-Ranges: bytes
>
> One can see that Content-Type is text/x-org
>
> My expectation is that EWW opens the Org file served by WWW server in
> Org mode. But it doesn't. Can this be done?
>
> This will open opportunity to directly serve Org files by using WWW
> servers and to browse such files through Emacs, meaning, bunch of notes,
> tasks and similar may be kept online, with or without protection and
> directly accessed by Emacs. It becomes new area or WWO or World Wide Org
> environment.
>
>
>
> In GNU Emacs 29.0.50 (build 7, x86_64-pc-linux-gnu, X toolkit, cairo
>  version 1.17.6, Xaw3d scroll bars) of 2022-10-10 built on
>  protected.rcdrun.com
> Repository revision: ed436db1320339862fad5ac754a6ec42de06c766
> Repository branch: master
> Windowing system distributor 'The X.Org Foundation', version 11.0.12101004
> System Description: Parabola GNU/Linux-libre
>
> Configured using:
>  'configure --with-x-toolkit=lucid'
>
> Configured features:
> ACL CAIRO DBUS FREETYPE GIF GLIB GMP GNUTLS GPM GSETTINGS HARFBUZZ JPEG
> JSON LCMS2 LIBOTF LIBSYSTEMD LIBXML2 M17N_FLT MODULES NOTIFY INOTIFY
> PDUMPER PNG RSVG SECCOMP SOUND SQLITE3 THREADS TIFF TOOLKIT_SCROLL_BARS
> WEBP X11 XAW3D XDBE XIM XINPUT2 XPM LUCID ZLIB
>
> Important settings:
>   value of $LC_ALL: en_US.UTF-8
>   value of $LANG: de_DE.UTF-8
>   value of $XMODIFIERS: @im=exwm-xim
>   locale-coding-system: utf-8-unix
>
> Major mode: Message
>
> Minor modes in effect:
>   mml-mode: t
>   tooltip-mode: t
>   global-eldoc-mode: t
>   show-paren-mode: t
>   electric-indent-mode: t
>   mouse-wheel-mode: t
>   tool-bar-mode: t
>   menu-bar-mode: t
>   file-name-shadow-mode: t
>   global-font-lock-mode: t
>   font-lock-mode: t
>   blink-cursor-mode: t
>   line-number-mode: t
>   auto-fill-function: message-do-auto-fill
>   transient-mark-mode: t
>   auto-composition-mode: t
>   auto-encryption-mode: t
>   auto-compression-mode: t
>   abbrev-mode: t
>
> Load-path shadows:
> None found.
>
> Features:
> (shadow sort emacsbug mail-extr org-timer org-colview org-clock
> org-attach org-id org-archive org-agenda org-refile ol-eww eww xdg
> url-queue thingatpt mm-url ol-rmail ol-mhe ol-irc ol-info ol-gnus
> nnselect gnus-art mm-uu mml2015 mm-view mml-smime smime gnutls dig
> gnus-sum shr pixel-fill kinsoku url-file svg dom browse-url url
> url-proxy url-privacy url-expand url-methods url-history url-cookie
> generate-lisp-file url-domsuf url-util url-parse auth-source cl-seq
> eieio eieio-core cl-macs url-vars gnus-group gnus-undo gnus-start
> gnus-dbus dbus xml gnus-cloud nnimap nnmail mail-source utf7 nnoo
> parse-time gnus-spec gnus-int gnus-range message sendmail mailcap
> yank-media puny rfc822 mml mml-sec password-cache epa derived epg
> rfc6068 epg-config mm-decode mm-bodies mm-encode mail-parse rfc2231
> rfc2047 rfc2045 ietf-drums mailabbrev gmm-utils mailheader gnus-win gnus
> nnheader gnus-util text-property-search mail-utils range mm-util
> mail-prsvr wid-edit ol-docview doc-view filenotify jka-compr image-mode
> exif dired dired-loaddefs ol-bibtex ol-bbdb ol-w3m ol-doi org-link-doi
> reporter org ob ob-tangle ob-ref ob-lob ob-table ob-exp org-macro
> org-footnote org-src ob-comint org-pcomplete pcomplete comint ansi-osc
> ansi-color ring org-list org-faces org-entities noutline outline icons
> org-version ob-emacs-lisp ob-core ob-eval org-table oc-basic json map
> byte-opt gv bytecomp byte-compile cconv bibtex iso8601 time-date subr-x
> ol rx org-keys oc org-compat advice org-macs org-loaddefs format-spec
> find-func cal-menu calendar cal-loaddefs cl-loaddefs cl-lib rmc
> iso-transl tooltip eldoc paren electric uniquify ediff-hook vc-hooks
> lisp-float-type elisp-mode mwheel term/x-win x-win term/common-win x-dnd
> tool-bar dnd fontset image regexp-opt fringe tabulated-list replace
> newcomment text-mode lisp-mode prog-mode register page tab-bar menu-bar
> rfn-eshadow isearch easymenu timer select scroll-bar mouse jit-lock
> font-lock syntax font-core term/tty-colors frame minibuffer nadvice seq
> simple cl-generic indonesian philippine cham georgian utf-8-lang
> misc-lang vietnamese tibetan thai tai-viet lao korean japanese eucjp-ms
> cp51932 hebrew greek romanian slovak czech 

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Ihor Radchenko]

"Dr. Arne Babenhauserheide"  writes:

> This sounds dangerous. Org mode can execute untrusted code, so this
> could trick people into running untrusted code with the permissions of
> their Emacs.
>
> Links in org-mode can run shell scripts. Yes, they usually ask, but this
> may be changed it a local Emacs, trusting that it will only be used to
> open trusted local files.

You are exaggerating the situation.
The "problem" with shell links you are describing is a question of
setting variables and is also disabled by default.

eww-mode, when loading Org page, could simply set
org-link-shell-confirm-function to its default value.

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at .
Support Org development at ,
or support my work at 

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Dr. Arne Babenhauserheide]

Jean Louis  writes:

> * Dr. Arne Babenhauserheide  [2022-10-25 18:06]:
>> > This wish request is related to Emacs EWW and Org mode.
>> >
>> > Please make EWW recognize Org file when served by WWW server. Currently
>> > it does not recognize the MIME type text/x-org and opens the file as
>> > text, it does not invoke the org mode. In my opinion, it should.
>> 
>> This sounds dangerous. Org mode can execute untrusted code, so this
>> could trick people into running untrusted code with the permissions of
>> their Emacs.
>
> I can always do that in Emacs, execute untrusted code. There are no
> trust mechanisms for plethora of Emacs packages and codes distributed
> over Internet. 

All of the Emacs packages have some amount of implicit trust. Even melpa
carefully vets packages nowadays. That’s not the case for some website
you visit.

> That was not my request.
>
> Do you know how to make this work?

If you ask me whether I can make this work safely: This would first
require the introduction of a safe-org-mode which strictly disables all
features that can execute remote code or disguise unsafe operations as
safe ones. If a user then decides to explicitly call M-x org-mode,
that’s their problem.

If you ask me whether I know how to make this work unsafely: It likely
won’t need a lot of elisp reading, but I do not, because I do not look
for it, because if I did, I would not.

I do not want to be the one who caused the systems of eww users to get
breached, or who helped opening that security hole.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Jean Louis]

* Dr. Arne Babenhauserheide  [2022-10-25 18:06]:
> > This wish request is related to Emacs EWW and Org mode.
> >
> > Please make EWW recognize Org file when served by WWW server. Currently
> > it does not recognize the MIME type text/x-org and opens the file as
> > text, it does not invoke the org mode. In my opinion, it should.
> 
> This sounds dangerous. Org mode can execute untrusted code, so this
> could trick people into running untrusted code with the permissions of
> their Emacs.

I can always do that in Emacs, execute untrusted code. There are no
trust mechanisms for plethora of Emacs packages and codes distributed
over Internet. 

That was not my request.

Do you know how to make this work?

-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/

Re: 29.0.50; [WISH]: Let us make EWW browse WWW Org files correctly

[Dr. Arne Babenhauserheide]

Jean Louis  writes:

> This wish request is related to Emacs EWW and Org mode.
>
> Please make EWW recognize Org file when served by WWW server. Currently
> it does not recognize the MIME type text/x-org and opens the file as
> text, it does not invoke the org mode. In my opinion, it should.

This sounds dangerous. Org mode can execute untrusted code, so this
could trick people into running untrusted code with the permissions of
their Emacs.

Links in org-mode can run shell scripts. Yes, they usually ask, but this
may be changed it a local Emacs, trusting that it will only be used to
open trusted local files.

The threat model of eww changes a lot when any file on the web can
request being opened with org-mode.

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de


signature.asc
Description: PGP signature