1 |
#! perl |
2 |
|
3 |
=head1 NAME |
4 |
|
5 |
confirm-paste - ask for confirmation before pasting control characters |
6 |
|
7 |
=head1 DESCRIPTION |
8 |
|
9 |
Displays a confirmation dialog when a paste containing control characters |
10 |
is detected. |
11 |
|
12 |
This is mostly meant as a defense-in-depth mechanism to protect against |
13 |
the common web browser bug of you selecting some text but the browser |
14 |
pasting a completely different text, which has some attack potential. |
15 |
|
16 |
It can also be useful to prevent you from accidentally pasting large |
17 |
amounts of text. |
18 |
|
19 |
=cut |
20 |
|
21 |
sub msg { |
22 |
my ($self, $msg) = @_; |
23 |
|
24 |
$self->{overlay} = $self->overlay (0, -1, $self->ncol, 2, urxvt::OVERLAY_RSTYLE, 0); |
25 |
$self->{overlay}->set (0, 0, $msg); |
26 |
} |
27 |
|
28 |
sub on_tt_paste { |
29 |
my ($self, $str) = @_; |
30 |
|
31 |
my $count = ($str =~ tr/\x00-\x1f//) |
32 |
or return; |
33 |
|
34 |
$self->{paste} = \$str; |
35 |
$self->msg ("Pasting $count control characters, continue? (y/n)"); |
36 |
|
37 |
my $preview = substr $self->locale_decode ($str), 0, $self->ncol; |
38 |
$preview =~ s/\n/\\n/g; |
39 |
$preview =~ s/([\x00-\x1f\x80-\x9f])/sprintf "\\x%02x", ord $1/ge; |
40 |
|
41 |
$self->{overlay}->set (0, 1, $self->special_encode ($preview)); |
42 |
$self->enable (key_press => \&key_press); |
43 |
|
44 |
1 |
45 |
} |
46 |
|
47 |
sub leave { |
48 |
my ($self) = @_; |
49 |
|
50 |
$self->{paste} = undef; |
51 |
delete $self->{overlay}; |
52 |
$self->disable ("key_press"); |
53 |
} |
54 |
|
55 |
sub key_press { |
56 |
my ($self, $event, $keysym, $string) = @_; |
57 |
|
58 |
if ($keysym == 121) { # y |
59 |
$self->tt_paste (${$self->{paste}}); |
60 |
$self->leave; |
61 |
} elsif ($keysym == 110) { # n |
62 |
$self->leave; |
63 |
} |
64 |
|
65 |
1 |
66 |
} |