[PATCH] emacs: Add a defcustom that specifies regexp for blocked remote images.

diff --git a/25/036971bfea6ba8b51f20eeb97981d418df775d b/25/036971bfea6ba8b51f20eeb97981d418df775d
new file mode 100644 (file)
index 0000000..78a21be
--- /dev/null
+++ b/25/036971bfea6ba8b51f20eeb97981d418df775d
@@ -0,0 +1,136 @@
+Return-Path: <jinwoo68@gmail.com>\r
+X-Original-To: notmuch@notmuchmail.org\r
+Delivered-To: notmuch@notmuchmail.org\r
+Received: from localhost (localhost [127.0.0.1])\r
+       by olra.theworths.org (Postfix) with ESMTP id 749A5431FC2\r
+       for <notmuch@notmuchmail.org>; Mon,  2 Feb 2015 10:55:54 -0800 (PST)\r
+X-Virus-Scanned: Debian amavisd-new at olra.theworths.org\r
+X-Spam-Flag: NO\r
+X-Spam-Score: 2.639\r
+X-Spam-Level: **\r
+X-Spam-Status: No, score=2.639 tagged_above=-999 required=5\r
+       tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,\r
+       DNS_FROM_AHBL_RHSBL=2.438, FREEMAIL_ENVFROM_END_DIGIT=1,\r
+       FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=disabled\r
+Received: from olra.theworths.org ([127.0.0.1])\r
+       by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024)\r
+       with ESMTP id Y3rK8oT2HJi6 for <notmuch@notmuchmail.org>;\r
+       Mon,  2 Feb 2015 10:55:51 -0800 (PST)\r
+Received: from mail-ie0-f175.google.com (mail-ie0-f175.google.com\r
+       [209.85.223.175]) (using TLSv1 with cipher RC4-SHA (128/128 bits))\r
+       (No client certificate requested)\r
+       by olra.theworths.org (Postfix) with ESMTPS id 35F16431FC0\r
+       for <notmuch@notmuchmail.org>; Mon,  2 Feb 2015 10:55:51 -0800 (PST)\r
+Received: by mail-ie0-f175.google.com with SMTP id ar1so19670950iec.6\r
+       for <notmuch@notmuchmail.org>; Mon, 02 Feb 2015 10:55:49 -0800 (PST)\r
+DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;\r
+       h=from:to:cc:subject:date:message-id;\r
+       bh=TCQXNR9BlHS9b8+kXqPyopoK0NJOeZDADPwJmGJIeFs=;\r
+       b=lYXmiKlYL5GDWMxNWa7G7jJPUtETmSBJzXKmCbASlK8IdYIu8QLYtGB1VCmKfxjrFd\r
+       DKHziCiZ8eRx5sQ23Wp1CElCmHBbxfmxvCRURsjdSNTy/DupRbyHDxf1fWXQ+UbkBbSN\r
+       dkHhWSMx8XeKTlfYSfElG8SqexZWqAJJjAnX6gf2oGfKarQVDIVAihNcltcLo14NoS20\r
+       WsUIbOzYwccHRs0byYpkRgQfG6SZIkEreCJR0fGqCKfDjtodddkvISFTbgtmgHFdyqAR\r
+       qEhPdQvIrrbZPb6QwSX6CmuInRarPtMijG7CxtsS+BeCItIBtJN9hO4FGwO2+auG98yM\r
+       MU2w==\r
+X-Received: by 10.50.111.168 with SMTP id ij8mr13465072igb.43.1422903348719;\r
+       Mon, 02 Feb 2015 10:55:48 -0800 (PST)\r
+Received: from jinwoo-macbookair.roam.corp.google.com.com ([172.19.60.210])\r
+       by mx.google.com with ESMTPSA id j77sm344578ioj.30.2015.02.02.10.55.47\r
+       (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);\r
+       Mon, 02 Feb 2015 10:55:47 -0800 (PST)\r
+From: Jinwoo Lee <jinwoo68@gmail.com>\r
+To: notmuch@notmuchmail.org\r
+Subject: [PATCH] emacs: Add a defcustom that specifies regexp for blocked\r
+       remote images.\r
+Date: Mon,  2 Feb 2015 10:54:06 -0800\r
+Message-Id: <1422903246-8621-1-git-send-email-jinwoo68@gmail.com>\r
+X-Mailer: git-send-email 2.2.2\r
+X-BeenThere: notmuch@notmuchmail.org\r
+X-Mailman-Version: 2.1.13\r
+Precedence: list\r
+List-Id: "Use and development of the notmuch mail system."\r
+       <notmuch.notmuchmail.org>\r
+List-Unsubscribe: <http://notmuchmail.org/mailman/options/notmuch>,\r
+       <mailto:notmuch-request@notmuchmail.org?subject=unsubscribe>\r
+List-Archive: <http://notmuchmail.org/pipermail/notmuch>\r
+List-Post: <mailto:notmuch@notmuchmail.org>\r
+List-Help: <mailto:notmuch-request@notmuchmail.org?subject=help>\r
+List-Subscribe: <http://notmuchmail.org/mailman/listinfo/notmuch>,\r
+       <mailto:notmuch-request@notmuchmail.org?subject=subscribe>\r
+X-List-Received-Date: Mon, 02 Feb 2015 18:55:54 -0000\r
+\r
+It's default value is ".", meaning all remote images will be blocked\r
+by default.\r
+\r
+---\r
+Addressed review comments.\r
+---\r
+ emacs/notmuch-show.el | 27 +++++++++++++++++++--------\r
+ 1 file changed, 19 insertions(+), 8 deletions(-)\r
+\r
+diff --git a/emacs/notmuch-show.el b/emacs/notmuch-show.el\r
+index 66350d4..5d939bb 100644\r
+--- a/emacs/notmuch-show.el\r
++++ b/emacs/notmuch-show.el\r
+@@ -136,6 +136,13 @@ indentation."\r
+   :type 'boolean\r
+   :group 'notmuch-show)\r
+ \r
++;; By default, block all external images to prevent privacy leaks and\r
++;; potential attacks.\r
++(defcustom notmuch-show-text/html-blocked-images "."\r
++  "Remote images that have URLs matching this regexp will be blocked."\r
++  :type '(choice (const nil) regexp)\r
++  :group 'notmuch-show)\r
++\r
+ (defvar notmuch-show-thread-id nil)\r
+ (make-variable-buffer-local 'notmuch-show-thread-id)\r
+ (put 'notmuch-show-thread-id 'permanent-local t)\r
+@@ -771,14 +778,21 @@ will return nil if the CID is unknown or cannot be retrieved."\r
+       ;; It's easier to drive shr ourselves than to work around the\r
+       ;; goofy things `mm-shr' does (like irreversibly taking over\r
+       ;; content ID handling).\r
+-      (notmuch-show--insert-part-text/html-shr msg part)\r
++\r
++      ;; FIXME: If we block an image, offer a button to load external\r
++      ;; images.\r
++      (let ((shr-blocked-images notmuch-show-text/html-blocked-images))\r
++      (notmuch-show--insert-part-text/html-shr msg part))\r
+     ;; Otherwise, let message-mode do the heavy lifting\r
+     ;;\r
+     ;; w3m sets up a keymap which "leaks" outside the invisible region\r
+     ;; and causes strange effects in notmuch. We set\r
+     ;; mm-inline-text-html-with-w3m-keymap to nil to tell w3m not to\r
+     ;; set a keymap (so the normal notmuch-show-mode-map remains).\r
+-    (let ((mm-inline-text-html-with-w3m-keymap nil))\r
++    (let ((mm-inline-text-html-with-w3m-keymap nil)\r
++        ;; FIXME: If we block an image, offer a button to load external\r
++        ;; images.\r
++        (gnus-blocked-images notmuch-show-text/html-blocked-images))\r
+       (notmuch-show-insert-part-*/* msg part content-type nth depth button))))\r
+ \r
+ ;; These functions are used by notmuch-show--insert-part-text/html-shr\r
+@@ -797,17 +811,14 @@ will return nil if the CID is unknown or cannot be retrieved."\r
+          ;; shr strips the "cid:" part of URL, but doesn't\r
+          ;; URL-decode it (see RFC 2392).\r
+          (let ((cid (url-unhex-string url)))\r
+-           (first (notmuch-show--get-cid-content cid)))))\r
+-      ;; Block all external images to prevent privacy leaks and\r
+-      ;; potential attacks.  FIXME: If we block an image, offer a\r
+-      ;; button to load external images.\r
+-      (shr-blocked-images "."))\r
++           (first (notmuch-show--get-cid-content cid))))))\r
+     (shr-insert-document dom)\r
+     t))\r
+ \r
+ (defun notmuch-show-insert-part-*/* (msg part content-type nth depth button)\r
+   ;; This handler _must_ succeed - it is the handler of last resort.\r
+-  (notmuch-mm-display-part-inline msg part content-type notmuch-show-process-crypto)\r
++  (notmuch-mm-display-part-inline msg part content-type\r
++                                notmuch-show-process-crypto)\r
+   t)\r
+ \r
+ ;; Functions for determining how to handle MIME parts.\r
+-- \r
+2.2.2\r
+\r