sprig / org-capture-extension

A Chrome and Firefox extension facilitating org-capture in Emacs
MIT License

Create a version of this application that uses nativeMessaging to communicate with emacsclient #47

Open telotortium opened 6 years ago

telotortium commented 6 years ago

While attempting to whitelist this extension at work recently, it was pointed out to me that many Chrome extensions listen to all URLs that Chrome navigates to; in some cases, these URLs are sent to third parties. This may be undesirable from the point of view of someone who thinks using org-protocol on their local computer doesn't leak any information to third parties. This reviewer suggested using the Chrome nativeMessaging functionality, which allows an extension to execute a script on the user's desktop which reads JSON input on standard input and writes JSON output on standard output.

I'd go about this by following the tutorial app in the nativeMessaging documentation. The commands to open URLs in desktop environments are these:

Alternatively, you can directly call emacsclient with an org-protocol URL, so the nativeMessaging app may want to default to this option. That would have the bonus of the user not having to set up a protocol handler, which would reduce the friction of setting up this extension.

piotr-yuxuan commented 6 years ago

Hi @telotortium, this sounds great! Is there any similar mechanism with Firefox?

prestancedesign commented 6 years ago

@piotr-yuxuan Yes, there is the Mozilla documentation: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Native_messaging

sprig commented 6 years ago

Thanks for the suggestion! Sorry for taking a long time to reply...

I understand the part regarding installation friction, but I'm not entirely sure I understand by how much would nativeMessaging alleviate the problem - after all, if you're concerned that some extension might be monitoring the pages you are going to, do you start caring only once you capture them and not visit them in the first place? I understand that this could leak additional information, but it seems to be a small amount in comparison to the existing leak. Of course this could be a failure of my imagination - feel free to enlighten me :-)

Given the scope and (my perceived) slim potential for abuse, I probably won't pursue this myself in the near term - however, I'd be happy to accept a PR or even help in creating one if someone else leads the charge.

telotortium commented 6 years ago

Yes, I would do the work to implement this. No ETA on when I'll get around to it, though.

The concern is presumably that with nativeMessaging, you'd only have to audit the code of org-capture-extension in order to confirm that none of its URLs are being sent to external parties. With the current implementation, any extension the user has installed (with the appropriate permissions) can listen to the org-capture URLs being navigated to, a larger surface to audit.

sprig commented 6 years ago

I understand this, but are you significantly more concerned about extensions monitoring what you capture vs all pages you browse to?

telotortium commented 5 years ago

I've gotten around to writing a hacky version of this extension that uses a native messaging host: https://github.com/telotortium/org-capture-extension/tree/native-messaging-host. It uses a short Python 2 script that should run on Linux and macOS at least, and hopefully on Windows too. I'm just putting this out here in case anyone needs this functionality as well.
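
A sketch of the kind of native messaging host discussed in this thread, added here as an illustration and not taken from the linked branch or from the extension itself: it reads the browser's length-prefixed JSON frames on standard input, forwards only `org-protocol://` URLs to emacsclient, and writes a JSON status back on standard output. The `url` message key, the 64 KiB size cap and the reply shape are assumptions.

```python
import json
import struct
import subprocess
import sys

MAX_MESSAGE = 64 * 1024      # assumed cap; a capture URL is far smaller
PREFIX = "org-protocol://"   # the only kind of URL this host forwards

def read_message(stream):
    """Read one frame: 4-byte native-order length, then UTF-8 JSON."""
    header = stream.read(4)
    if not header:
        return None                      # browser closed the pipe
    if len(header) != 4:
        raise ValueError("truncated length header")
    (length,) = struct.unpack("=I", header)
    if length > MAX_MESSAGE:
        raise ValueError("message too large")
    body = stream.read(length)
    if len(body) != length:
        raise ValueError("truncated message body")
    return json.loads(body.decode("utf-8"))

def write_message(stream, obj):
    body = json.dumps(obj).encode("utf-8")
    stream.write(struct.pack("=I", len(body)) + body)
    stream.flush()

def build_command(message):
    url = message.get("url") if isinstance(message, dict) else None  # "url" key is assumed
    if not isinstance(url, str) or not url.startswith(PREFIX):
        raise ValueError("not an org-protocol URL")
    return ["emacsclient", url]          # argv list, never a shell string

def handle(message, run=subprocess.run):
    try:
        # Detach the child's stdio so emacsclient cannot write into the framed stdout.
        run(build_command(message), check=True, timeout=10, stdin=subprocess.DEVNULL,
            stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
        return {"ok": True}
    except (ValueError, OSError, subprocess.SubprocessError) as exc:
        return {"ok": False, "error": str(exc)}

def main():
    while (message := read_message(sys.stdin.buffer)) is not None:
        write_message(sys.stdout.buffer, handle(message))

if __name__ == "__main__":
    main()
```

A framing error (truncated or oversized frame) raises and ends the host process, which the browser sees as the port disconnecting.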