search

rusty-snake / fireurl

Fixing the firejail URL open issue
MIT License
13 stars 1 forks source link

Support more schemes and other commands #2

Open rusty-snake opened 1 year ago

rusty-snake commented 1 year ago 
# schemeapps.conf
# ===============
#
# This file contains a mapping of schemes to command-line for fireurl::open.
#
# Format
# ------
#
# * Leading and trailing whitespace characters are ignored.
# * Empty lines are ignored.
# * Lines starting with a "#" are comments (and ignored).
# * Everything else is expected to be an mapping of an scheme to a command line
#   in the form of `<scheme>: <command-line>`.
# * The command-line can contain a "%u" that will be substituted with the uri.
#   If the "%u" is missing it is implicitly added at the end.
# * The command-line is split at every whitespace character.
#   No quoting. No escaping.
# * If there is more than one mapping for a scheme the behavior is undefined.
# * If there is more than one "%u" in the command-line the behavior is undefined.
# * The format may change in the future.

http: firefox
https: firefox %u
rusty-snake commented 1 year ago 
for line in schemeapps_conf {
    let line = line.trim();
    if line.is_empty() || line.starts_with('#') {
        continue;
    }

    let (scheme, cmd) = if let Some(scheme_cmd) = line.split_once(':') {
        scheme_cmd
    } else {
        eprintln!("ERROR: Invalid line in schemeapps.conf: {line}");
        continue;
    };
    let mut cmd = cmd.split_whitespace()
        ...
}
topimiettinen commented 1 year ago

How about using a regexp or fnmatch patterns and also explicit allow/deny:

allow http://*.example.com/* firefox %u
deny *

For more flexibility (for example, if client authentication is considered in the future), the syntax could be

allow url=https://*.example.com/* cmd='firefox %u' client='mutt'
allow url=https:* client='firefox*'
deny url=http:*
# default deny
deny
rusty-snake commented 1 year ago