On 6/24/25 4:22 PM, Gabriel Corona wrote:
As was said by Solar Designer, if a "safe" version is needed,
it should probably be the default when going through URI scheme
registrations. This is because, as you said, this kind of issue
lies in the interaction between several components (URI sources,
URI sinks and URI go-betweens such as xdg-open) and it would
certainly be possible to find a way to bypass the behavior
otherwise.
I would think that all browsers should implement the safe behavior or
URL handler registrations and allow the user (or enterprise) to adjust
the policy within settings. This would limit the issue for the vast
majority of users, but allow folks to turn on the old behavior until
applications can be fixed. I suspect this could break some auth flows
that rely on handlers right now within many apps. (game launchers,
enterprise tools, etc)
I don't think the right place to handle this is xdg-open. Essentially,
browsers are trusting unsafe input as is.
--
Lucas Holt
l...@foolishgames.com
________________________________________________________
MidnightBSD.org (Free OS)
JustJournal.com (Free blogging)
