Re: bracketed paste mode in xterm and urxvt

zsh-workers
 help / color / mirror / code / Atom feed

From: Stephane Chazelas <stephane.chazelas@gmail.com>
To: zsh-workers@zsh.org
Subject: Re: bracketed paste mode in xterm and urxvt
Date: Thu, 4 Jun 2015 08:15:57 +0100	[thread overview]
Message-ID: <20150604071557.GB6451@chaz.gmail.com> (raw)
In-Reply-To: <29062.1433375305@thecus.kiddle.eu>

2015-06-04 01:48:25 +0200, Oliver Kiddle:
> Stephane Chazelas wrote:
> > To sum-up, for a safe bracketed paste, you need either:
> > 
> > - terminal emulator to filter out ^[ and ^C
> > 
> 
> ^C is only the default interrupt character. From some basic testing, it
> seems you can use tcgetattr/tcsetattr on the master side of the pty.
> So the terminal could perhaps disable isig before writing the string
> and restore it afterwards. I doubt that an ssh would pass that through,
> however.

ssh (the client) disables ISIG already. It passes the ^C along
and it's the remote pty line discipline that may send SIGINT to
the process upon receiving that ^C, so there's nothing ssh could
do there.

> >  - a different paste mode than xterm's \e[200~<to-paste>\e[201~ which
> >    doesn't work as <to-paste> may contain \e[201~ (something
> >    like: insert-formatted("\033[202~%S~%s",
> >    CLIPBOARD,PRIMARY,CUT_BUFFER0) would do).
> 
> Would have been better if xterm had done it that way in the first place. 
> As it is, stripping a fake end string should do the job.

zsh could use a heuristic approach similar to the one I use in
the pty wrapper at
http://security.stackexchange.com/questions/39118/how-can-i-protect-myself-from-this-kind-of-clipboard-abuse/52655#52655

That is detect paste by the fact that all characters come at
once. Not foolproof when done by the shell as there's the case
of the user typing or pasting before the prompt is issued.

> >  - zsh to disable isig.
> > 
> > Maybe a better approach would be to query the X selection for
> > instance with xclip/xsel where available. That can also be
> 
> I've got a widget based on xclip. There isn't always an X connection
> back, however. It might be worth remembering for when copying text from
> firefox.
> 
> The nice thing about getting bracketed paste working is that it
> potentially doesn't require users to learn anything new: they already
> know how to paste in their terminal. That's also why I think it is worth
> trying to include support in a form that doesn't need ohmyzsh plugins or
> lines in .zshrc. And putting security aside, there are other benefits
> like the single undo event, newlines not being accepted and the option
> of manipulating the string such as with shell quoting.
[...]

Agreed.

next prev parent reply	other threads:[~2015-06-04  7:20 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <BANLkTikh_-+L2W5=Yfu7h7iAe5CcpP6fxw@mail.gmail.com>
     [not found] ` <CAFOazAOfk=Sq-smkMGzJKO4b7jMb_1_m4vXXn8twoVA2wV55YA@mail.gmail.com>
     [not found]   ` <55677AF5.50709@thequod.de>
     [not found]     ` <mk9dc0$p0$1@ger.gmane.org>
     [not found]       ` <CABZhJg_5p8BLbq82s_wVtsPdD5hVtk-cPg6fNxzbSs4Vg00SOw@mail.gmail.com>
     [not found]         ` <mkmjfu$3h0$1@ger.gmane.org>
     [not found]           ` <CAHYJk3T3dVdN5qDMecPAH_ALLBYNntW0QVdPMh50Lo_ULeWP6w__21110.9288772152$1433333265$gmane$org@mail.gmail.com>
2015-06-03 12:43             ` Stephane Chazelas
2015-06-03 15:31       ` Oliver Kiddle
2015-06-03 20:42         ` Stephane Chazelas
2015-06-03 23:48           ` Oliver Kiddle
2015-06-04  7:15             ` Stephane Chazelas [this message]
2015-06-05 10:49         ` Yuri D'Elia
2015-06-05 13:40           ` Oliver Kiddle
2015-06-05 14:35             ` Yuri D'Elia
2015-06-10  0:28               ` Oliver Kiddle
2015-06-10  4:38                 ` Bart Schaefer
2015-06-15 22:11                   ` Oliver Kiddle
2015-06-15 23:09                     ` Mikael Magnusson
2015-06-16  0:20                     ` Bart Schaefer
2015-06-16 17:12                       ` Oliver Kiddle
2015-06-16 20:26                         ` Bart Schaefer
2015-06-17 10:45                           ` Oliver Kiddle
2015-06-17 15:04                             ` Bart Schaefer
2015-06-10  9:44                 ` Yuri D'Elia

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20150604071557.GB6451@chaz.gmail.com \
    --to=stephane.chazelas@gmail.com \
    --cc=zsh-workers@zsh.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).