Policy for opening url links in documents

Pavel Sanda sanda at lyx.org
Thu Aug 17 14:47:06 UTC 2023


On Thu, Aug 17, 2023 at 08:54:43AM +0200, Jürgen Spitzmüller wrote:
> I am not sure we really need a pref to bypass this measure, or disable
> the feature completely (as in needauth). This strikes me as
> overregulation.

I don't have a clear opinion here.

> BTW are we talking URLs only or also links to local files?


I am actually not sure what magic can be done with the scheme prefixes,
like what happens on Mac if you specify something else than "file:///"
or if the file is executable and you call it with "open", so we should
be careful here.

> If the latter is also considered to be harmful, things will get significantly
> more complicated if lyxpaperview.py is involved.

That was the reason that lyxpaperview.py already has a separate RC variable and
is disabled by default. We could add one more warning in the tooltip, that
enabling it is a security risk. Or move that option to the need auth section, so it's
clear that it is a security-related option and you should know what you are doing.

On the other hand, to me the primary question is whether you trust the source of the
document (basically someone else than you?), so the proposed warning dialog
should imho ask whether you trust the origin of the document and cover at once all
three cases:

- hyperlinks
- citation urls
- lyxpaperview searches.

Pavel

