Re: [dev][project] soap - a simple xdg-open replacement

From: FRIGN <dev_AT_frign.de>
Date: Sun, 4 May 2014 13:19:40 +0200

On Sun, 4 May 2014 18:52:25 +0800
Chris Down <chris_AT_chrisdown.name> wrote:

> FRIGN writes:
> > A configuration can look like this:
> >
> > { "\.mp3", "st -e mplayer %s" },
> > { "\.(jpg|png|tiff)$", "feh %s" },
> > { "\.gif", "wget -O /tmp/tmp.gif %s && gifview -a /tmp/tmp.gif" },
> > { "^(http://|https://)?(www\.)?(youtube.com/watch\?|youtu\.be/)", "youtube-viewer %s" }
>
> What happens if you unwittingly open "; rm -rf /; .jpg"? I'm not sure
> system() is really a good idea here.

That's definitely a good point. However, fortifying the regexes to
strictly match URIs solves this problem instantly (Hell, just check for
spaces!).

Cheers

FRIGN

-- 
FRIGN <dev_AT_frign.de>
Received on Sun May 04 2014 - 13:19:40 CEST

This archive was generated by hypermail 2.3.0 : Sun May 04 2014 - 13:24:07 CEST