Bug#172436: Updated BROWSER proposal
Russ Allbery wrote:
@@ -8675,6 +8675,68 @@ name ["<var>syshostname</var>"]:
for games (X and non-X games) should be installed in
+ <heading>Web browsers</heading>
+ Some programs have the ability to launch a web browser to
+ display an URL.
"web browser to display an URL."
I don't like the sentence, but anyway I don't worry much,
because the program should be sensible, and open browser
only with correct protocols.
FYI: "xdg-open" could enter in new LSB,
as a generic URL opener (not only for browser):
> + Since there are lots of different web browsers
> + available in the Debian distribution, the system administrator
> + and each user should have the possibility to choose a preferred
> + web browser.
Is "lots of different" correct?
Anyway it is a rationale, so I would remove the first part.
+ In addition, programs should choose a good default web browser
+ if none is selected by the user or system administrator.
+ The recommended way to satisfy these goals is for every program
+ that launches a web browser with a URL to use the BROWSER
+ environment variable to determine what browser the user wishes
+ to use.
+ The value of BROWSER may consist of a colon-separated series of
+ browser command parts. These should be tried in order until one
+ succeeds. A command part consists of the command to executed
+ followed by 0 or more arguments separated by one or more spaces.
+ The command and arguments should be separated at the spaces, the
+ URL added as a final argument, and the resulting command
+ executed directly (not via the shell).<footnote>
+ This protects against bugs and security problems caused by
+ shell metacharacters in the browser arguments or URL. This
+ specification is compatible with the
+ <url id="http://www.dwheeler.com/browse/"
+ name="Alternative Secure BROWSER Definition">.
+ If the BROWSER environment variable is not set, the program can
+ use <file>/usr/bin/x-www-browser</file> if DISPLAY is set, and
+ <file>/usr/bin/www-browser</file> if not. These two files are
+ managed through the dpkg alternatives mechanism. Thus every
+ package providing a general-purpose web browser should call the
+ <prgn>update-alternatives</prgn> program to register the
+ appopriate one of these alternatives.
These 4 paragraphs enter to much in details of a program.
I'll really remove these paragraphs, and let the programs
use only "/usr/bin/sensible-browser" (next paragraph), so it is
easier to update the policy (evolution of FreeDesktop, ...).
I think that next paragraph is good, and IMO we should not
describe rules in details.
+ Instead of implementing the above in every program that runs a
+ web browser, programs in Debian may be configured to use
+ <file>/usr/bin/sensible-browser</file>. This is a program
+ provided by the Debian base system that checks the BROWSER
+ environment variable, falls back to the configured browser in
+ the user's desktop environment, and then falls back to
+ <file>/usr/bin/x-www-browser</file> or
+ <file>/usr/bin/www-browser</file> if BROWSER is not set and no
+ recognized desktop environment is in use.