Received: (at 65973) by debbugs.gnu.org; 15 Sep 2023 11:47:27 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Sep 15 07:47:27 2023 Received: from localhost ([127.0.0.1]:42283 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1qh7IE-0002fZ-UZ for submit <at> debbugs.gnu.org; Fri, 15 Sep 2023 07:47:27 -0400 Received: from mail-lj1-x22d.google.com ([2a00:1450:4864:20::22d]:48325) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <stefankangas@HIDDEN>) id 1qh7IA-0002fK-Dt for 65973 <at> debbugs.gnu.org; Fri, 15 Sep 2023 07:47:25 -0400 Received: by mail-lj1-x22d.google.com with SMTP id 38308e7fff4ca-2bfb12b24e5so32279811fa.0 for <65973 <at> debbugs.gnu.org>; Fri, 15 Sep 2023 04:47:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1694778429; x=1695383229; darn=debbugs.gnu.org; h=cc:to:subject:message-id:date:mime-version:references:in-reply-to :from:from:to:cc:subject:date:message-id:reply-to; bh=DfZAlUQHZ28bsDr45fRIZ/zly43Q2FUiWyQpkphKhrg=; b=hu/iErtSXoscf4O9zogaeiZEf+SJjHEV3KQFg+j6Kas64z2Tlov4gmBono2dyyqotw 7GEIaZ6uSPc+DhuYBN2kYMbXAXLSb1mGeVoUnjU6chVLdvzBd/jRsGJxeaY636rAumNq NuUeXS2HXlBnpzZAMy/l05Cp0nPYtFQtZdPhN/Xb4HGFHHICEqzLMgZppAPn8CFzzdJn /cilV3z41QDOczowW9Klg73qs/95W86bEztxUf7IA+uniYgnacOjoU9wDEKipz73+mQN i8ouxZRt8r8CruxQpQzRshuVphfLJzH0/fLe7rZDA1jYRBcBeBIhM/D3QrqFj03XuGQE czcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694778429; x=1695383229; h=cc:to:subject:message-id:date:mime-version:references:in-reply-to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=DfZAlUQHZ28bsDr45fRIZ/zly43Q2FUiWyQpkphKhrg=; b=ajCQE2h3OgjF8pexSCYshZtmXSC1SMfBhKzQDzDvyKDzo38xkhIb8VyZdQwYiNlicJ CCZTTG0xsbOnZkzU5aZEXhQPiDsllFtfV/qD/xrR2fRVcqcCq4zxFjTFpBqRLUrZ2xHW IybC/mdTc129bs49b7/UqMYkk53q9yFKBTN7rta4X+/J6r74teEfC9kS2mGBPFCzTfgy bfx9k0EAyHFtGRPCbiE2c+ntjCL9x+J/VG27c8R3KIWDMbstzLaDpi1VqCY/CKJ13QHM X31QjIJpiacqVT4GzCsoX2Emvi/ZzNJVyRF7sG+E/bMb6scB7ARqCwHoZwAiWr8emZc7 yhoA== X-Gm-Message-State: AOJu0YwZjDkKVPNSpXTxo2FDpjGQ36B57n19eLb0tp59SMAuKOQs6LBQ XYgLhJPlc21dTmgOthRqor5Y7Vxpe0DcFO3dHuw= X-Google-Smtp-Source: AGHT+IFjzSZBiVYTDO8KcE9yt/VwSRFyQX5CkE9xe+Py2jIEqBONh78o3cmfM7n4X2Lw1jUUaQu6HQF0WGKa5lUG4io= X-Received: by 2002:a2e:7d0c:0:b0:2b6:e2aa:8fbc with SMTP id y12-20020a2e7d0c000000b002b6e2aa8fbcmr1496089ljc.8.1694778429396; Fri, 15 Sep 2023 04:47:09 -0700 (PDT) Received: from 753933720722 named unknown by gmailapi.google.com with HTTPREST; Fri, 15 Sep 2023 04:47:08 -0700 From: Stefan Kangas <stefankangas@HIDDEN> In-Reply-To: <ZQKjw9QkW5lMSX5Z@HIDDEN> (daniel watson's message of "Wed, 13 Sep 2023 23:10:11 -0700") References: <ZQKjw9QkW5lMSX5Z@HIDDEN> MIME-Version: 1.0 Date: Fri, 15 Sep 2023 04:47:08 -0700 Message-ID: <CADwFkmkOx=OaA8Gj97e8riMcYkL7tYjAYS0JALBNZoEVxgh9fg@HIDDEN> Subject: Re: bug#65973: [PATCH] ; send filename, not full path, on EWW form submit To: daniel watson <ozzloy@HIDDEN> Content-Type: text/plain; charset="UTF-8" X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 65973 Cc: 65973 <at> debbugs.gnu.org, daniel watson <ozzloy@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) daniel watson <ozzloy@HIDDEN> writes: > i'm including the diff inline to make it easier to review without > downloading the attached file. Most (or all?) people reviewing patches use Emacs mail readers, so we have no trouble reviewing attached files. Getting it as an attachment actually makes things easier for us, as our tools are adapted to that workflow. That's the main reason why we have a preference for that format.
bug-gnu-emacs@HIDDEN:bug#65973; Package emacs.
Full text available.
Received: (at submit) by debbugs.gnu.org; 14 Sep 2023 07:47:14 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Sep 14 03:47:13 2023
Received: from localhost ([127.0.0.1]:37217 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1qgh4A-00087k-BG
for submit <at> debbugs.gnu.org; Thu, 14 Sep 2023 03:47:13 -0400
Received: from lists.gnu.org ([2001:470:142::17]:48486)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ozzloy@HIDDEN>) id 1qgfYf-000566-Pv
for submit <at> debbugs.gnu.org; Thu, 14 Sep 2023 02:10:37 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <ozzloy@HIDDEN>)
id 1qgfYU-0006Yf-OH
for bug-gnu-emacs@HIDDEN; Thu, 14 Sep 2023 02:10:22 -0400
Received: from challenge-bot.com ([2602:fffa:fff:108a:0:16:3e15:92b8])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <ozzloy@HIDDEN>)
id 1qgfYS-0006f3-1v
for bug-gnu-emacs@HIDDEN; Thu, 14 Sep 2023 02:10:22 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=challenge-bot.com; s=20180430; h=Content-Type:MIME-Version:Message-ID:
Subject:Cc:To:From:Date:From; bh=gMVaPkXo8wS/vpujQjxyb45y4cWJsMwRAzmEjOEYiwo=
; b=naO3qzwMLXpkeBDgoYEgGasgZjg17zyhv+fsFN8HfiW87A1GpTk5PPlTVevBsR5kwb3ThUnlF
baQBqH8wLD0CMRPQZU2X+skPUSZVC/gduyL7hMK5uIQPE4dagIsJnFEwGzxjkCSxZq18oQb5GBKFG
G9RRSgIBV8YlUXzkAYubA=;
Received: from ozzloy by challenge-bot.com with local (Exim 4.94.2)
(envelope-from <ozzloy@HIDDEN>)
id 1qgfYJ-00GgMZ-P2; Wed, 13 Sep 2023 23:10:11 -0700
Date: Wed, 13 Sep 2023 23:10:11 -0700
From: daniel watson <ozzloy@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: [PATCH] ; send filename, not full path, on EWW form submit
Message-ID: <ZQKjw9QkW5lMSX5Z@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="wNG0Lg4LmFGGOPcM"
Content-Disposition: inline
Received-SPF: pass client-ip=2602:fffa:fff:108a:0:16:3e15:92b8;
envelope-from=ozzloy@HIDDEN; helo=challenge-bot.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001,
SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: 0.9 (/)
X-Debbugs-Envelope-To: submit
X-Mailman-Approved-At: Thu, 14 Sep 2023 03:47:08 -0400
Cc: daniel watson <ozzloy@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.1 (/)
--wNG0Lg4LmFGGOPcM
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
0. in one terminal, run this http server
https://git.sr.ht/~ozzloy/emacs-bug-63941/tree/master/item/server.py
1. in another terminal, run
socat -v tcp-listen:8086,fork tcp:localhost:8085
2. browse to the page with EWW,
M-x eww <ENTER> localhost:8086 <ENTER>
3. put the cursor on the word "Browse" <ENTER>
4. select any file to which you have read access for uploading
5. put cursor on "Submit" <ENTER>
6. observe the full path of the file is sent to the server. this is
visible in both the python output and the socat output.
i'm including the diff inline to make it easier to review without
downloading the attached file.
---
lisp/net/eww.el | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lisp/net/eww.el b/lisp/net/eww.el
index 4ddda216afc..f28273dcc58 100644
--- a/lisp/net/eww.el
+++ b/lisp/net/eww.el
@@ -1849,7 +1849,7 @@ eww-submit
(insert-file-contents file)
(buffer-string)))
(cons "name" name)
- (cons "filename" file))
+ (cons "filename" (file-name-nondirectory file)))
values)))
((equal (plist-get input :type) "submit")
;; We want the values from buttons if we hit a button if
--
2.39.2
In GNU Emacs 29.1 (build 2, x86_64-pc-linux-gnu, GTK+ Version 3.24.20,
cairo version 1.16.0) of 2023-08-03 built on bos03-amd64-031
Repository revision: cf57ec68c2a5ac5b721f445928869ca14232a4d1
Repository branch: master
Windowing system distributor 'The X.Org Foundation', version 11.0.12101007
System Description: Ubuntu 23.04
Configured using:
'configure --prefix=/snap/emacs/current/usr --with-x-toolkit=gtk3
--without-xaw3d --with-modules --with-cairo
--with-native-compilation=aot --with-xinput2 --with-tree-sitter
--with-json
'CFLAGS=-isystem/build/emacs/parts/emacs/install/usr/include
-isystem/build/emacs/parts/emacs/install/usr/include/x86_64-linux-gnu
-isystem/build/emacs/stage/usr/include -O2'
'CPPFLAGS=-isystem/build/emacs/parts/emacs/install/usr/include
-isystem/build/emacs/parts/emacs/install/usr/include/x86_64-linux-gnu
-isystem/build/emacs/stage/usr/include'
'LDFLAGS=-L/build/emacs/parts/emacs/install/lib
-L/build/emacs/parts/emacs/install/usr/lib
-L/build/emacs/parts/emacs/install/lib/x86_64-linux-gnu
-L/build/emacs/parts/emacs/install/usr/lib/x86_64-linux-gnu
-L/build/emacs/stage/usr/lib''
--wNG0Lg4LmFGGOPcM
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment;
filename="0001-send-filename-not-full-path-on-EWW-form-submit.patch"
From 7b360d91a6667034da7c682af01ee1008d052c40 Mon Sep 17 00:00:00 2001
From: Daniel Watson <ozzloy@HIDDEN>
Date: Tue, 12 Sep 2023 00:06:14 -0700
Subject: [PATCH] ; send filename, not full path, on EWW form submit
; * lisp/net/eww.el (eww-submit): Instead of sending the entire file
; path, send just the filename and not the directory. This is the
; behavior seen in other clients, such as firefox, chromium, and curl.
; It keeps information about the users directory structure private.
---
lisp/net/eww.el | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lisp/net/eww.el b/lisp/net/eww.el
index 4ddda216afc..f28273dcc58 100644
--- a/lisp/net/eww.el
+++ b/lisp/net/eww.el
@@ -1849,7 +1849,7 @@ eww-submit
(insert-file-contents file)
(buffer-string)))
(cons "name" name)
- (cons "filename" file))
+ (cons "filename" (file-name-nondirectory file)))
values)))
((equal (plist-get input :type) "submit")
;; We want the values from buttons if we hit a button if
--
2.39.2
--wNG0Lg4LmFGGOPcM--
daniel watson <ozzloy@HIDDEN>:bug-gnu-emacs@HIDDEN.
Full text available.bug-gnu-emacs@HIDDEN:bug#65973; Package emacs.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.