[PATCH] emacs: show: allow user to hide some mime types by default.
Mark Walters writes: > This commit adds a customize variable that allows the user to choose > to hide some mime types by default. They can still choose to view the > part by toggling the part button. > > One use is for hiding all text/html parts. This would mean that some > explicit user action was required before the part was loaded which > would mitigate some of the problems of remote image loading by the > emacs html renderer as detailed by dkg in > id:87ppa7q25w.fsf at alice.fifthhorseman.net. > --- Does this obsolete notmuch-multipart/alternative-discouraged? It seems a bit confusing to have both. At minimum I think n-m/a-d needs some documentation so users know what the relationship is. d
Re: [PATCH] emacs: show: allow user to hide some mime types by default.
Mark Walters markwalters1...@gmail.com writes: This commit adds a customize variable that allows the user to choose to hide some mime types by default. They can still choose to view the part by toggling the part button. One use is for hiding all text/html parts. This would mean that some explicit user action was required before the part was loaded which would mitigate some of the problems of remote image loading by the emacs html renderer as detailed by dkg in id:87ppa7q25w@alice.fifthhorseman.net. --- Does this obsolete notmuch-multipart/alternative-discouraged? It seems a bit confusing to have both. At minimum I think n-m/a-d needs some documentation so users know what the relationship is. d ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch
[PATCH] emacs: show: allow user to hide some mime types by default.
On Fri 2015-01-23 02:21:41 -0500, David Edmondson wrote: > Whilst I think that having this knob is a good thing, I don't think that > it's a solution to the 'text/html renderers access the network' > problem. I can't sensibly (and don't wish to) disable the display of > text/html parts by default (colleagues generate too many text/html > messages to make that feasible, and I have rss2imap generate a bunch of > text/html messages that I want to see in their full glory), but would > definitely like to choose whether a message can sell me out to > advertisers. > > I'm trying to say that this is good, but let's not get into the habit of > telling someone that complains about network access that adding > text/html to `notmuch-show-always-hide-types' is the solution. I agree with this sentiment. I had been grousing earlier (off-list) about rendering html messages in general (i don't like exposing arbitrary attacker-delivered content to a complicated parser where i can avoid it), so i see Mark's patch as a useful tool to prevent that problem, not about remote network access during render. preventing network access from html-rendered messages is better handled in a workaround by (gnus-blocked-images "."), though notmuch should enforce this setting by default when rendering html parts. --dkg
[PATCH] emacs: show: allow user to hide some mime types by default.
On Thu, Jan 22 2015, Mark Walters wrote: > This commit adds a customize variable that allows the user to choose > to hide some mime types by default. They can still choose to view the > part by toggling the part button. > > One use is for hiding all text/html parts. This would mean that some > explicit user action was required before the part was loaded which > would mitigate some of the problems of remote image loading by the > emacs html renderer as detailed by dkg in > id:87ppa7q25w.fsf at alice.fifthhorseman.net. Whilst I think that having this knob is a good thing, I don't think that it's a solution to the 'text/html renderers access the network' problem. I can't sensibly (and don't wish to) disable the display of text/html parts by default (colleagues generate too many text/html messages to make that feasible, and I have rss2imap generate a bunch of text/html messages that I want to see in their full glory), but would definitely like to choose whether a message can sell me out to advertisers. I'm trying to say that this is good, but let's not get into the habit of telling someone that complains about network access that adding text/html to `notmuch-show-always-hide-types' is the solution. > --- > > I think this might be useful anyway (dkg asked for it before he found > the bug) but seems particularly relevant now. > > To use set the variable notmuch-show-always-hide-types to '(text/html) > or use the customize setting to add text/html to the list. > > Given the lack of control we have over the emacs renderers (so > possibility of future problems) we could even set this by default. > > Best wishes > > Mark > > emacs/notmuch-show.el | 18 +- > 1 file changed, 17 insertions(+), 1 deletion(-) > > diff --git a/emacs/notmuch-show.el b/emacs/notmuch-show.el > index 9f6fe07..8f49f17 100644 > --- a/emacs/notmuch-show.el > +++ b/emacs/notmuch-show.el > @@ -234,6 +234,15 @@ every user interaction with notmuch." >:type 'function >:group 'notmuch-show) > > +(defcustom notmuch-show-always-hide-types nil > + "List of mime types that should always be hidden. > + > +This is a list of mime types that should be initally displayed in > +the show buffer as hidden parts; they can be displayed by > +toggling the part button. Wildcards are allowed in the list." > + :type '(repeat string) > + :group 'notmuch-show) > + > (defmacro with-current-notmuch-show-message ( body) >"Evaluate body with current buffer set to the text of current message" >`(save-excursion > @@ -798,6 +807,12 @@ message at DEPTH in the current thread." > (intern (concat "notmuch-show-insert-part-" content-type > result)) > > +(defun notmuch-show-always-hide (mime-type) > + "Is mime-type in notmuch-show-always-hide-types" > + (let (match) > +(dolist (type notmuch-show-always-hide-types match) > + (setq match (or match (notmuch-match-content-type mime-type type)) > + > ;; > > (defun notmuch-show-insert-bodypart-internal (msg part content-type nth > depth button) > @@ -900,7 +915,8 @@ useful for quoting in replies)." >(nth (plist-get part :id)) >(beg (point)) >;; Hide the part initially if HIDE is t. > - (show-part (not (equal hide t))) > + (show-part (and (not (equal hide t)) > + (not (notmuch-show-always-hide mime-type >;; We omit the part button for the first (or only) part if >;; this is text/plain, or HIDE is 'no-buttons. >(button (unless (or (equal hide 'no-buttons) > -- > 2.1.4 > > ___ > notmuch mailing list > notmuch at notmuchmail.org > http://notmuchmail.org/mailman/listinfo/notmuch
Re: [PATCH] emacs: show: allow user to hide some mime types by default.
On Fri 2015-01-23 02:21:41 -0500, David Edmondson wrote: Whilst I think that having this knob is a good thing, I don't think that it's a solution to the 'text/html renderers access the network' problem. I can't sensibly (and don't wish to) disable the display of text/html parts by default (colleagues generate too many text/html messages to make that feasible, and I have rss2imap generate a bunch of text/html messages that I want to see in their full glory), but would definitely like to choose whether a message can sell me out to advertisers. I'm trying to say that this is good, but let's not get into the habit of telling someone that complains about network access that adding text/html to `notmuch-show-always-hide-types' is the solution. I agree with this sentiment. I had been grousing earlier (off-list) about rendering html messages in general (i don't like exposing arbitrary attacker-delivered content to a complicated parser where i can avoid it), so i see Mark's patch as a useful tool to prevent that problem, not about remote network access during render. preventing network access from html-rendered messages is better handled in a workaround by (gnus-blocked-images .), though notmuch should enforce this setting by default when rendering html parts. --dkg ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch
[PATCH] emacs: show: allow user to hide some mime types by default.
This commit adds a customize variable that allows the user to choose to hide some mime types by default. They can still choose to view the part by toggling the part button. One use is for hiding all text/html parts. This would mean that some explicit user action was required before the part was loaded which would mitigate some of the problems of remote image loading by the emacs html renderer as detailed by dkg in id:87ppa7q25w.fsf at alice.fifthhorseman.net. --- I think this might be useful anyway (dkg asked for it before he found the bug) but seems particularly relevant now. To use set the variable notmuch-show-always-hide-types to '(text/html) or use the customize setting to add text/html to the list. Given the lack of control we have over the emacs renderers (so possibility of future problems) we could even set this by default. Best wishes Mark emacs/notmuch-show.el | 18 +- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/emacs/notmuch-show.el b/emacs/notmuch-show.el index 9f6fe07..8f49f17 100644 --- a/emacs/notmuch-show.el +++ b/emacs/notmuch-show.el @@ -234,6 +234,15 @@ every user interaction with notmuch." :type 'function :group 'notmuch-show) +(defcustom notmuch-show-always-hide-types nil + "List of mime types that should always be hidden. + +This is a list of mime types that should be initally displayed in +the show buffer as hidden parts; they can be displayed by +toggling the part button. Wildcards are allowed in the list." + :type '(repeat string) + :group 'notmuch-show) + (defmacro with-current-notmuch-show-message ( body) "Evaluate body with current buffer set to the text of current message" `(save-excursion @@ -798,6 +807,12 @@ message at DEPTH in the current thread." (intern (concat "notmuch-show-insert-part-" content-type result)) +(defun notmuch-show-always-hide (mime-type) + "Is mime-type in notmuch-show-always-hide-types" + (let (match) +(dolist (type notmuch-show-always-hide-types match) + (setq match (or match (notmuch-match-content-type mime-type type)) + ;; (defun notmuch-show-insert-bodypart-internal (msg part content-type nth depth button) @@ -900,7 +915,8 @@ useful for quoting in replies)." (nth (plist-get part :id)) (beg (point)) ;; Hide the part initially if HIDE is t. -(show-part (not (equal hide t))) +(show-part (and (not (equal hide t)) +(not (notmuch-show-always-hide mime-type ;; We omit the part button for the first (or only) part if ;; this is text/plain, or HIDE is 'no-buttons. (button (unless (or (equal hide 'no-buttons) -- 2.1.4
[PATCH] emacs: show: allow user to hide some mime types by default.
On Thu 2015-01-22 16:07:32 -0500, Mark Walters wrote: > This commit adds a customize variable that allows the user to choose > to hide some mime types by default. They can still choose to view the > part by toggling the part button. thanks for this, Mark. I'll try to test it out soon. > Given the lack of control we have over the emacs renderers (so > possibility of future problems) we could even set this by default. If the fear is of uncontrolled emacs renderers, maybe we want to consider using an allowlist instead of a blocklist? --dkg
Re: [PATCH] emacs: show: allow user to hide some mime types by default.
On Thu 2015-01-22 16:07:32 -0500, Mark Walters wrote: This commit adds a customize variable that allows the user to choose to hide some mime types by default. They can still choose to view the part by toggling the part button. thanks for this, Mark. I'll try to test it out soon. Given the lack of control we have over the emacs renderers (so possibility of future problems) we could even set this by default. If the fear is of uncontrolled emacs renderers, maybe we want to consider using an allowlist instead of a blocklist? --dkg ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch
[PATCH] emacs: show: allow user to hide some mime types by default.
This commit adds a customize variable that allows the user to choose to hide some mime types by default. They can still choose to view the part by toggling the part button. One use is for hiding all text/html parts. This would mean that some explicit user action was required before the part was loaded which would mitigate some of the problems of remote image loading by the emacs html renderer as detailed by dkg in id:87ppa7q25w@alice.fifthhorseman.net. --- I think this might be useful anyway (dkg asked for it before he found the bug) but seems particularly relevant now. To use set the variable notmuch-show-always-hide-types to '(text/html) or use the customize setting to add text/html to the list. Given the lack of control we have over the emacs renderers (so possibility of future problems) we could even set this by default. Best wishes Mark emacs/notmuch-show.el | 18 +- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/emacs/notmuch-show.el b/emacs/notmuch-show.el index 9f6fe07..8f49f17 100644 --- a/emacs/notmuch-show.el +++ b/emacs/notmuch-show.el @@ -234,6 +234,15 @@ every user interaction with notmuch. :type 'function :group 'notmuch-show) +(defcustom notmuch-show-always-hide-types nil + List of mime types that should always be hidden. + +This is a list of mime types that should be initally displayed in +the show buffer as hidden parts; they can be displayed by +toggling the part button. Wildcards are allowed in the list. + :type '(repeat string) + :group 'notmuch-show) + (defmacro with-current-notmuch-show-message (rest body) Evaluate body with current buffer set to the text of current message `(save-excursion @@ -798,6 +807,12 @@ message at DEPTH in the current thread. (intern (concat notmuch-show-insert-part- content-type result)) +(defun notmuch-show-always-hide (mime-type) + Is mime-type in notmuch-show-always-hide-types + (let (match) +(dolist (type notmuch-show-always-hide-types match) + (setq match (or match (notmuch-match-content-type mime-type type)) + ;; (defun notmuch-show-insert-bodypart-internal (msg part content-type nth depth button) @@ -900,7 +915,8 @@ useful for quoting in replies). (nth (plist-get part :id)) (beg (point)) ;; Hide the part initially if HIDE is t. -(show-part (not (equal hide t))) +(show-part (and (not (equal hide t)) +(not (notmuch-show-always-hide mime-type ;; We omit the part button for the first (or only) part if ;; this is text/plain, or HIDE is 'no-buttons. (button (unless (or (equal hide 'no-buttons) -- 2.1.4 ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch
Re: [PATCH] emacs: show: allow user to hide some mime types by default.
On Thu, Jan 22 2015, Mark Walters wrote: This commit adds a customize variable that allows the user to choose to hide some mime types by default. They can still choose to view the part by toggling the part button. One use is for hiding all text/html parts. This would mean that some explicit user action was required before the part was loaded which would mitigate some of the problems of remote image loading by the emacs html renderer as detailed by dkg in id:87ppa7q25w@alice.fifthhorseman.net. Whilst I think that having this knob is a good thing, I don't think that it's a solution to the 'text/html renderers access the network' problem. I can't sensibly (and don't wish to) disable the display of text/html parts by default (colleagues generate too many text/html messages to make that feasible, and I have rss2imap generate a bunch of text/html messages that I want to see in their full glory), but would definitely like to choose whether a message can sell me out to advertisers. I'm trying to say that this is good, but let's not get into the habit of telling someone that complains about network access that adding text/html to `notmuch-show-always-hide-types' is the solution. --- I think this might be useful anyway (dkg asked for it before he found the bug) but seems particularly relevant now. To use set the variable notmuch-show-always-hide-types to '(text/html) or use the customize setting to add text/html to the list. Given the lack of control we have over the emacs renderers (so possibility of future problems) we could even set this by default. Best wishes Mark emacs/notmuch-show.el | 18 +- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/emacs/notmuch-show.el b/emacs/notmuch-show.el index 9f6fe07..8f49f17 100644 --- a/emacs/notmuch-show.el +++ b/emacs/notmuch-show.el @@ -234,6 +234,15 @@ every user interaction with notmuch. :type 'function :group 'notmuch-show) +(defcustom notmuch-show-always-hide-types nil + List of mime types that should always be hidden. + +This is a list of mime types that should be initally displayed in +the show buffer as hidden parts; they can be displayed by +toggling the part button. Wildcards are allowed in the list. + :type '(repeat string) + :group 'notmuch-show) + (defmacro with-current-notmuch-show-message (rest body) Evaluate body with current buffer set to the text of current message `(save-excursion @@ -798,6 +807,12 @@ message at DEPTH in the current thread. (intern (concat notmuch-show-insert-part- content-type result)) +(defun notmuch-show-always-hide (mime-type) + Is mime-type in notmuch-show-always-hide-types + (let (match) +(dolist (type notmuch-show-always-hide-types match) + (setq match (or match (notmuch-match-content-type mime-type type)) + ;; (defun notmuch-show-insert-bodypart-internal (msg part content-type nth depth button) @@ -900,7 +915,8 @@ useful for quoting in replies). (nth (plist-get part :id)) (beg (point)) ;; Hide the part initially if HIDE is t. - (show-part (not (equal hide t))) + (show-part (and (not (equal hide t)) + (not (notmuch-show-always-hide mime-type ;; We omit the part button for the first (or only) part if ;; this is text/plain, or HIDE is 'no-buttons. (button (unless (or (equal hide 'no-buttons) -- 2.1.4 ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch ___ notmuch mailing list notmuch@notmuchmail.org http://notmuchmail.org/mailman/listinfo/notmuch
