"Dr. Arne Babenhauserheide" <arne_...@web.de> writes:

> Max Nikulin <maniku...@gmail.com> writes:
>
>> How are you going to distinguish your personal files and arbitrary
>> files from non-trusted sources? By signing your files and maintaining
>> list of trusted certificates?
>
> One idea that could work well is to add an explicit allow-list
> trusted-sources-to-allow-unsafe-modes with entries of domain and
> path-prefix where people can add trusted sources.
>
> If for example my server were draketo.de,¹ I could set this list to
>
> '(("https://www.draketo.de" "/software"))
>
> and when I would then open a link like
>
> https://www.draketo.de/software/advent-of-wisp-code-2021.org
>
> with eww, it would directly switch to org-mode.
>
>
> If, however, I would open the link
>
> https://draketo.de.evil.attacks/software/advent-of-wisp-code-2021.org
>
> with eww, it would display it as plain text, because it would not be in
> the list of trusted sources.

I am a bit lost about the aim of this thread, but let me share some
existing remote resource controls we have employed on the latest Org:

    (defun org--should-fetch-remote-resource-p (uri)
      "Return non-nil if the URI should be fetched."

    (defun org--safe-remote-resource-p (uri)
      "Return non-nil if URI is considered safe.
    This checks every pattern in `org-safe-remote-resources', and
    returns non-nil if any of them match."

    (defun org--confirm-resource-safe (uri)
      "Ask the user if URI should be considered safe, returning non-nil if so."

You can check the implementation at
https://git.savannah.gnu.org/cgit/emacs/org-mode.git/tree/lisp/org.el#n4540

-- 
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
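
The allow-list check proposed in the quoted mail, sketched as an added example (not part of either message and not Org or eww code): every my/ name is hypothetical, and the entry shape (ORIGIN PATH-PREFIX) is taken from the quoted '(("https://www.draketo.de" "/software")). Scheme, host and port are compared for equality and only the path is prefix-matched, at a "/" boundary, so a lookalike host or a sibling directory falls back to plain text.

```elisp
;;; -*- lexical-binding: t; -*-
;; Added example: not Org or eww code; every my/ name is hypothetical.
(require 'url-parse)
(require 'url-util)
(require 'seq)

(defvar my/trusted-sources '(("https://www.draketo.de" "/software"))
  "Allow-list of (ORIGIN PATH-PREFIX) entries, as proposed in the thread.")

(defun my/origin (url)
  "Return (SCHEME HOST PORT) for parsed URL, HOST lowercased."
  (list (url-type url) (downcase (or (url-host url) "")) (url-port url)))

(defun my/path-under-p (prefix path)
  "Non-nil if PATH is PREFIX or lies below it at a \"/\" boundary."
  (let ((dir (if (string-suffix-p "/" prefix) prefix (concat prefix "/"))))
    ;; Refuse dot-dot segments instead of trying to normalise them.
    (and (not (member ".." (split-string path "/")))
         (or (string= path prefix) (string-prefix-p dir path)))))

(defun my/trusted-source-p (uri &optional allow-list)
  "Non-nil if URI matches an entry of ALLOW-LIST (default `my/trusted-sources').
Scheme, host and port must be equal; only the path is prefix-matched."
  (let* ((url (url-generic-parse-url uri))
         ;; Drop the query string and decode %XX before matching the path.
         (path (url-unhex-string (or (car (url-path-and-query url)) "/"))))
    (and (url-host url)
         (seq-some
          (lambda (entry)
            (and (equal (my/origin url)
                        (my/origin (url-generic-parse-url (car entry))))
                 (my/path-under-p (cadr entry) path)))
          (or allow-list my/trusted-sources)))))

;; Constructed sample URIs; the first two are the ones from the mail.
(dolist (uri '("https://www.draketo.de/software/advent-of-wisp-code-2021.org"
               "https://draketo.de.evil.attacks/software/advent-of-wisp-code-2021.org"
               "http://www.draketo.de/software/advent-of-wisp-code-2021.org"
               "https://www.draketo.de/software-other/notes.org"
               "https://www.draketo.de/software/../private/notes.org"))
  (message "%-6s %s" (if (my/trusted-source-p uri) "allow" "plain") uri))
```

Comparing the whole URI against the entry with a plain string prefix would fail open for hosts and directories that merely start with the trusted text, which is why the origin is parsed and compared component by component here.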