flatpak / xdg-desktop-portal

Desktop integration portal
https://flatpak.github.io/xdg-desktop-portal/
GNU Lesser General Public License v2.1

[Feature request]: Option to prevent Flatpak app opening browser/other application #708

Open mariomadproductions opened 2 years ago

mariomadproductions commented 2 years ago

Suggestion

Some programs (e.g. Discord) open your browser to a special URL in order to get your Discord login info from the browser session. This is not a major privacy/security risk as this presumably requires the Discord server to "cooperate", but it does seem wrong that an app can open arbitrary URLs without user permission (Discord does this on startup without asking). I think it would be a good idea if this could be prevented somehow, using the Flatpak per-app restrictions that users enable.

AdrianVovk commented 2 years ago

The challenge here is that there's no way to tell the difference between an app opening a browser link just because it feels like it and an app opening a browser link because a user clicked a button in the app that should open a webpage.

mariomadproductions commented 2 years ago

That's a good point. I guess a prompt asking the user if they want to open it or not would work.

smcv commented 2 years ago

I've transferred this from Flatpak to xdg-desktop-portal, because if there was any sort of prompt, it would be implemented in xdg-desktop-portal and not in Flatpak. When an app inside the sandbox opens a URL, that's implemented by sending it out to the host system through xdg-desktop-portal's OpenURI interface.
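An added example, not part of the thread or of xdg-desktop-portal's code: since every sandboxed URL open goes through the portal's OpenURI interface, those calls can be audited on the session bus. This sketch parses text in the format printed by `dbus-monitor --session` and lists which bus sender asked to open which URI; the sample input is constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in dbus-monitor's text format (not captured from a real session).
SAMPLE = '''\
method call time=1700000000.100 sender=:1.105 -> destination=org.freedesktop.portal.Desktop serial=42 path=/org/freedesktop/portal/desktop; interface=org.freedesktop.portal.OpenURI; member=OpenURI
   string ""
   string "https://example.com/login?handoff=constructed"
   array [
   ]
method call time=1700000000.250 sender=:1.105 -> destination=org.freedesktop.portal.Desktop serial=43 path=/org/freedesktop/portal/desktop; interface=org.freedesktop.portal.Settings; member=Read
   string "org.freedesktop.appearance"
   string "color-scheme"
method call time=1700000003.900 sender=:1.212 -> destination=org.freedesktop.portal.Desktop serial=7 path=/org/freedesktop/portal/desktop; interface=org.freedesktop.portal.OpenURI; member=OpenURI
   string "x11:3a00007"
   string "mailto:someone@example.com"
   array [
   ]
'''

# Header line of an OpenURI.OpenURI method call; captures the caller's unique bus name.
HEADER = re.compile(
    r"^method call .*sender=(\S+) .*interface=org\.freedesktop\.portal\.OpenURI; member=OpenURI$")
STRING_ARG = re.compile(r'^\s+string "(.*)"$')

def openuri_calls(text):
    """Return [(sender, uri), ...] for each OpenURI call in dbus-monitor text."""
    calls, sender, strings = [], None, []
    for line in text.splitlines():
        if not line.startswith((" ", "\t")):      # unindented line starts a new message
            m = HEADER.match(line)
            sender, strings = (m.group(1) if m else None), []
            continue
        if sender is None:                        # argument of a message we don't track
            continue
        m = STRING_ARG.match(line)
        if m:
            strings.append(m.group(1))
            if len(strings) == 2:                 # arguments are (parent_window, uri, options)
                calls.append((sender, strings[1]))
                sender = None
    return calls

def calls_per_sender(text):
    """Count OpenURI calls per unique bus name (mapping a name to an app ID is not done here)."""
    return Counter(sender for sender, _ in openuri_calls(text))
```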

RokeJulianLockhart commented 7 months ago

https://github.com/flatpak/xdg-desktop-portal/issues/708#issuecomment-1035198636

@mariomadproductions, it shouldn't be the default, however. I can think of almost no people I know of who would be content with agreeing to view a URI every time one is invoked, myself included.

mariomadproductions commented 7 months ago

#708 (comment)

> @mariomadproductions, it shouldn't be the default, however. I can think of almost no people I know of who would be content with agreeing to view a URI every time one is invoked, myself included.

Yeah, probably shouldn't happen every time unless the user asks for that. One way could be to have a "don't ask again for this program" checkbox in the Yes/No pop-up (in addition to something changeable in the settings).