ploum
/
offpunk
forked from solderpunk/AV-98
3
8
Fork 0
Code Issues Pull Requests Projects Releases 9 Wiki Activity
858 Commits 3 Branches 23 Tags 3.2 MiB
Commit Graph

858 Commits

Author SHA1 Message Date
Maeve Sproule - code at sprock.dev 1f516b6733 Avoid passing improperly escaped paths to shell 
This should fix https://notabug.org/ploum/offpunk/issues/9 . This
involves a few closely-related changes to subprogram execution:
- If a path, url or file contents were being passed using `cat` or
  `echo`, the code was changed to pass the file/string on stdin. This
  also makes several pipelines into single programs and should allow for
  the removal of `shell=True` in the future.
- For `file`, `xdg-open` and `less`, which either can't accept their
  input on stdin or otherwise use the path, the paths are now being
  escaped with `shlex.quote()`.
- Finally, the environment variable $LESSHISTFILE is now being set in
  python code, where escaping is not necessary.

Notably, the argument to `grep` in `less_cmd()` is not quoted in this
commit, since I was unsure of how it was meant to be used. If the
argument is not already quoted, this should probably be passed through
`shlex.quote()`.

This does not do the following, which may be desired:
- This does not disable `shell=True` anywhere, since `subprocess.run()`
  requires the command to be already split into a list of strings. I
  think this would just require a `shlex.split()` in `run()` when this
  is disabled, but it may require more thought.
- Some of the invoked programs (with the notable exception of `echo` and
  `xdg-open`) support the use of "--" to prevent any following arguments
  from being treated as program flags if they start with "-". I don't
  believe there are any paths that start with "-", but it may make sense
  to include this where possible.

I have briefly tested this commit, but it touches quite a few code
paths, so there might be bugs that I missed.
 2022-12-01 17:07:44 +01:00
Lionel Dricot e76b2a13e0 accept_bad_ssl_certificates with --assume-yes 2022-11-30 21:02:17 +01:00
Lionel Dricot c15d452d34 deprecating restricted mode 2022-11-30 20:57:23 +01:00
Lionel Dricot fc8cb2f163 moved all references to sourcehut repository 2022-11-30 16:07:33 +01:00
Lionel Dricot 1c9380835c removing dependency on cgi and implementing our own mime parser 2022-11-30 00:11:44 +01:00
Lionel Dricot 75b20e4982 deep bug in handling display modes that became apparent by breaking cp raw 2022-11-27 01:15:37 +01:00
Lionel Dricot 464fcf3773 highly experimental : trying to access gemini://océane.fr and it still fails 2022-11-24 16:26:36 +01:00
Sotiris Papatheodorou - sotiris at papatheodorou.xyz c02eba5e3e add support for the finger protocol 2022-11-24 12:36:55 +01:00
Lionel Dricot afa89097b2 better feedback when streaming 2022-11-24 10:48:38 +01:00
Lionel Dricot 2d5c17d2fd changelog 2022-11-21 00:07:21 +01:00
Marty Oehme - marty.oehme at gmail.com 0af34aa7e1 fix crash on missing index when listing contents 
Fixes a crash when trying to look up the contents of the current index
using `ls` command whenever there is no current page loaded by making a
current item a requirement.
 2022-11-21 00:05:25 +01:00
Lionel Dricot c1f6119e80 accepting_bad_ssl_certificates requires python-requests 2022-11-17 10:30:12 +01:00
Lionel Dricot 2e566f7220 accept localhost as a valid url 2022-11-16 21:45:51 +01:00
Lionel Dricot ff04177d53 set accept_bad_ssl_certificates 2022-11-16 14:44:47 +01:00
Lionel Dricot 06b2a56ed3 certdir variable was not initialised without HAS_CRYPTOGRAPHY (see bug #2) 2022-11-16 10:06:35 +01:00
Lionel Dricot 7baccbb15f v 1.7.1 2022-11-15 17:01:13 +01:00
Lionel Dricot af361bd4ad typo in changelog 2022-11-15 14:13:37 +01:00
Lionel Dricot 041146e3f1 offpunk 1.7 2022-11-15 13:55:39 +01:00
Sotiris Papatheodorou - sotiris at papatheodorou.xyz fb550a19bc fix typo in package name 2022-11-15 13:36:07 +01:00
Lionel Dricot 539b287901 new search and wikipedia commands 2022-11-14 21:33:40 +01:00
Lionel Dricot 39ad7ee7b7 comment for debugging stuck requests 2022-11-14 19:17:20 +01:00
Lionel Dricot f9b8ccaf9b hidden links in gopher/gemini 2022-11-10 23:50:16 +01:00
Lionel Dricot dd02476ae2 fixing list creation with fetch-later 2022-11-09 23:30:54 +01:00
Lionel Dricot 01b1bd56c4 automatically create system lists when needed 2022-11-05 23:14:41 +01:00
Lionel Dricot a60cbd9297 solving crash when adding wrong url to tour 2022-11-03 12:59:15 +01:00
Lionel Dricot c1538f2f9b autocompletion now working as expected 2022-11-02 15:47:57 +01:00
Lionel Dricot 8bd68ca02b introducing autocompletion for list/add/move 2022-11-02 00:58:41 +01:00
Lionel Dricot fbdff91f01 trying to not use shell=True (Wip) 2022-11-01 17:34:04 +01:00
Lionel Dricot f3bb6cd7f0 avoid a crash related to bug #9 2022-11-01 17:04:30 +01:00
Lionel Dricot bee6fd9e40 computing size of http body out of the if condition seems to help being stuck in some strange cases 2022-10-25 01:15:57 +02:00
Lionel Dricot c6d52b3c19 investigating sync perf 2022-10-20 22:53:33 +02:00
Lionel Dricot 68b278fe13 solve a crash when loading html pages with empty links 2022-10-15 18:25:15 +02:00
Lionel Dricot b3b9bff849 fix screenshot link for sourcehut 2022-10-12 13:17:29 +02:00
Lionel Dricot f388be39d6 releasing offpunk 1.6 2022-10-12 11:29:37 +02:00
Lionel Dricot 1ff77e796d consider .xml as feeds to avoid false detection as SVG by file 2022-10-10 11:00:58 +02:00
Lionel Dricot addab31f49 yet another try at fixing timg bugs 2022-10-08 23:20:30 +02:00
Lionel Dricot 8d242ef06e workaround old timg bug 2022-10-08 00:42:46 +02:00
Lionel Dricot 15d76dd05d redirect reddit to teddit (fix #12) 2022-10-08 00:16:28 +02:00
Lionel Dricot 230c359aff handling the case where gi is none 2022-10-07 16:07:03 +02:00
Lionel Dricot 0b06c360da base64 support seems to work. More testing needed 2022-10-07 15:51:26 +02:00
Lionel Dricot f7f78564a2 refactoring: replacing the self.lookup table with calls to gi.get_links for consistency 2022-10-07 14:45:44 +02:00
Lionel Dricot 93c666458a refactoring base64 support 2022-10-07 13:56:55 +02:00
Lionel Dricot 9ae464f154 initial support for base64 images in html. Still a bug with link counting. 2022-10-07 11:19:23 +02:00
Lionel Dricot 0a3024f765 automatically download the rss feed of a webpage during sync (fix #14) 2022-10-06 22:30:09 +02:00
Lionel Dricot 268d864cdb Close #15, redirects are now working also in --sync mode (thanks kelbot) 2022-10-06 18:22:34 +02:00
Lionel Dricot d93db54f55 only use timg > 1.3.2 (thanks Valvin for the bug report) 2022-10-06 11:59:03 +02:00
Lionel Dricot 54dcec340a removing libreddit redirection 2022-10-03 20:35:19 +02:00
Lionel Dricot 45fd77603e small typo in README 2022-09-29 14:49:46 +02:00
Lionel Dricot e7ebff8d34 touring a list in one command 2022-09-25 23:33:36 +02:00
ploum 2eb5c63716 Merge branch 'doc-alpine-pkg' of miyopan/offpunk into master 2022-08-13 12:14:06 +00:00