1 | #! perl |
1 | #! perl |
|
|
2 | |
|
|
3 | =head1 NAME |
|
|
4 | |
|
|
5 | confirm-paste - ask for confirmation before pasting control characters |
|
|
6 | |
|
|
7 | =head1 DESCRIPTION |
|
|
8 | |
|
|
9 | Displays a confirmation dialog when a paste containing control characters |
|
|
10 | is detected. |
|
|
11 | |
|
|
12 | This is mostly meant as a defense-in-depth mechanism to protect against |
|
|
13 | the common web browser bug of you selecting some text but the browser |
|
|
14 | pasting a completely different text, which has some attack potential. |
|
|
15 | |
|
|
16 | It can also be useful to prevent you from accidentally pasting large |
|
|
17 | amounts of text. |
|
|
18 | |
|
|
19 | =cut |
2 | |
20 | |
3 | sub msg { |
21 | sub msg { |
4 | my ($self, $msg) = @_; |
22 | my ($self, $msg) = @_; |
5 | |
23 | |
6 | $self->{overlay} = $self->overlay (0, -1, $self->strwidth ($msg), 1); |
24 | $self->{overlay} = $self->overlay (0, -1, $self->ncol, 2, urxvt::OVERLAY_RSTYLE, 0); |
7 | $self->{overlay}->set (0, 0, $msg); |
25 | $self->{overlay}->set (0, 0, $msg); |
8 | } |
26 | } |
9 | |
27 | |
10 | sub on_tt_paste { |
28 | sub on_tt_paste { |
11 | my ($self, $str) = @_; |
29 | my ($self, $str) = @_; |
12 | |
30 | |
13 | my $count = ($str =~ tr/\012\015//); |
31 | my $count = ($str =~ tr/\x00-\x1f\x80-\x9f//) |
14 | |
32 | or return; |
15 | return unless $count; |
|
|
16 | |
33 | |
17 | $self->{paste} = \$str; |
34 | $self->{paste} = \$str; |
18 | $self->msg ("Paste of $count lines, continue? (y/n)"); |
35 | $self->msg ("Pasting $count control characters, continue? (y/n)"); |
|
|
36 | |
|
|
37 | my $preview = substr $self->locale_decode ($str), 0, $self->ncol; |
|
|
38 | $preview =~ s/\n/\\n/g; |
|
|
39 | $preview =~ s/([\x00-\x1f\x80-\x9f])/sprintf "\\x%02x", ord $1/ge; |
|
|
40 | |
|
|
41 | $self->{overlay}->set (0, 1, $self->special_encode ($preview)); |
19 | $self->enable (key_press => \&key_press); |
42 | $self->enable (key_press => \&key_press); |
20 | |
43 | |
21 | 1 |
44 | 1 |
22 | } |
45 | } |
23 | |
46 | |
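Review bot: In on_tt_paste the new count `tr/\x00-\x1f\x80-\x9f//` runs on `$str` before it is decoded, while the preview a few lines later calls `$self->locale_decode ($str)`, so the count is taken over locale-encoded bytes rather than characters. If the locale is a multibyte encoding such as UTF-8, bytes in the 0x80-0x9f range also occur inside ordinary non-ASCII characters, so plain text would raise the dialog and inflate the number shown; a prompt that fires on harmless pastes teaches the user to confirm by reflex. Counting on the decoded text keeps the check and the preview consistent: `my $text = $self->locale_decode ($str);` followed by `my $count = ($text =~ tr/\x00-\x1f\x80-\x9f//) or return;`, with the preview then built from `$text`. The class also leaves out DEL (`\x7f`), which may be deliberate but deserves a one-line comment saying so. The key_press handler enabled at the end of the sub is defined outside the lines shown here, so the y/n handling itself is not covered by this note.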