Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: bracketed paste mode in xterm and urxvt

X-seq: zsh-workers 35380
From: Stephane Chazelas <stephane.chazelas@xxxxxxxxx>
To: zsh-workers@xxxxxxx
Subject: Re: bracketed paste mode in xterm and urxvt
Date: Thu, 4 Jun 2015 08:15:57 +0100
In-reply-to: <29062.1433375305@thecus.kiddle.eu>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
References: <BANLkTikh_-+L2W5=Yfu7h7iAe5CcpP6fxw@mail.gmail.com> <CAFOazAOfk=Sq-smkMGzJKO4b7jMb_1_m4vXXn8twoVA2wV55YA@mail.gmail.com> <55677AF5.50709@thequod.de> <mk9dc0$p0$1@ger.gmane.org> <27004.1433345491@thecus.kiddle.eu> <20150603204258.GE4767@chaz.gmail.com> <29062.1433375305@thecus.kiddle.eu>

2015-06-04 01:48:25 +0200, Oliver Kiddle:
> Stephane Chazelas wrote:
> > To sum-up, for a safe bracketed paste, you need either:
> > 
> > - terminal emulator to filter out ^[ and ^C
> > 
> 
> ^C is only the default interrupt character. From some basic testing, it
> seems you can use tcgetattr/tcsetattr on the master side of the pty.
> So the terminal could perhaps disable isig before writing the string
> and restore it afterwards. I doubt that an ssh would pass that through,
> however.

ssh (the client) disables ISIG already. It passes the ^C along
and it's the remote pty line discipline that may send SIGINT to
the process upon receiving that ^C, so there's nothing ssh could
do there.

> >  - a different paste mode than xterm's \e[200~<to-paste>\e[201~ which
> >    doesn't work as <to-paste> may contain \e[201~ (something
> >    like: insert-formatted("\033[202~%S~%s",
> >    CLIPBOARD,PRIMARY,CUT_BUFFER0) would do).
> 
> Would have been better if xterm had done it that way in the first place. 
> As it is, stripping a fake end string should do the job.

zsh could use a heuristic approach similar to the one I use in
the pty wrapper at
http://security.stackexchange.com/questions/39118/how-can-i-protect-myself-from-this-kind-of-clipboard-abuse/52655#52655

That is detect paste by the fact that all characters come at
once. Not foolproof when done by the shell as there's the case
of the user typing or pasting before the prompt is issued.

> >  - zsh to disable isig.
> > 
> > Maybe a better approach would be to query the X selection for
> > instance with xclip/xsel where available. That can also be
> 
> I've got a widget based on xclip. There isn't always an X connection
> back, however. It might be worth remembering for when copying text from
> firefox.
> 
> The nice thing about getting bracketed paste working is that it
> potentially doesn't require users to learn anything new: they already
> know how to paste in their terminal. That's also why I think it is worth
> trying to include support in a form that doesn't need ohmyzsh plugins or
> lines in .zshrc. And putting security aside, there are other benefits
> like the single undo event, newlines not being accepted and the option
> of manipulating the string such as with shell quoting.
[...]

Agreed.

References:
- Re: bracketed paste mode in xterm and urxvt
  - From: Oliver Kiddle
- Re: bracketed paste mode in xterm and urxvt
  - From: Stephane Chazelas
- Re: bracketed paste mode in xterm and urxvt
  - From: Oliver Kiddle

Messages sorted by: Reverse Date, Date, Thread, Author