Bug#172436: debian-policy: [PROPOSAL] web browser url viewing

To: 172436@bugs.debian.org
Subject: Bug#172436: debian-policy: [PROPOSAL] web browser url viewing
From: Ian Jackson <ian@davenant.greenend.org.uk>
Date: Sat, 4 Jan 2003 14:56:17 +0000
Message-id: <[🔎] 15894.62993.451951.967757@davenant.relativity.greenend.org.uk>
Reply-to: Ian Jackson <ian@davenant.greenend.org.uk>, 172436@bugs.debian.org
In-reply-to: <m2n.s.18LX2d-000xfM@chiark.greenend.org.uk>
References: <m2n.s.18LX2d-000xfM@chiark.greenend.org.uk>

Joey Hess writes ("Bug#172436: debian-policy: [PROPOSAL] web browser url viewing"):
...
>   The value of BROWSER may consist of a colon-separated series of
>   browser command parts. These should be tried in order until one
>   succeeds.

This is a bad idea because it will be very annoying if the URL is
unfetchable - all the browsers will be launched in sequence.

How about we define an exit status which the command is required to
give if it is not suitable for use at the moment ?  <sysexits.h> isn't
particularly helpful, but we could pick one of those.

>  Each command
>   part may optionally contain the string "%s"; if it does, the URL
>   to be viewed is substituted there. If a command part does not
>   contain %s, the browser is to be launched as if the URL had been
>   supplied as its first argument. The string %% must be substituted
>   as a single % <footnote> This browser variable was proposed by
>   Eric Raymond at http://www.tuxedo.org/~esr/BROWSER/ </footnote>

I think this is a very bad idea.  What if the URL maliciously contains
shell metacharacters ?  (I know they're not _supposed_ to.)  Instead
of having a fully-powerful substitution scheme, we should have
something simple: break the supplied command up at whitespace, and
pass the results to exec with the URL appended as the last argument.
Anything more complex can be done by having the browser supply a
wrapper script.

The wrapper script can also massage the exit status if necessary.

>   If the BROWSER environment variable is not set, the program should
>   use /usr/bin/x-www-browser if there is an available X Window
>   System DISPLAY, and /usr/bin/www-browser if not. These two files
>   are managed through the dpkg alternatives mechanism. Thus every
>   package providing a general-purpose web browser must call the
>   update-alternatives program to register the appopriate one of
>   these alternatives.

The phrase `if there is an available X Window System DISPLAY' could
suggest that the caller is supposed to see if it works or not.
Instead, `if DISPLAY is set'.

>   If it is very hard to adapt a program to make use of the BROWSER variable,
>   that program may be configured to use /usr/bin/sensible-www-browser
>   instead. This is a program provided by the Debian base system that checks
>   the BROWSER environment variable, and falls back to /usr/bin/x-www-browser
>   or /usr/bin/www-browser if it is not set.

I'm not sure that the phrase `if it is very hard' is appropriate.  It
might well be a good idea to configure a program to use
sensible-www-browser regardless of how easy or hard it would be to
hack its source.

Ian.

Reply to:

Prev by Date: Bug#99933: second attempt at more comprehensive unicode policy
Next by Date: Bug#99933: second attempt at more comprehensive unicode policy
Previous by thread: Bug#175202: debian-policy: [PROPOSAL] Clarify Perl package naming convention with more examples
Next by thread: Processed: no objections and >= 2 seconds; retitling 174982 as accepted
Index(es):
- Date
- Thread