Add settings to warn about large or multiline pastes #6631
Conversation
ghost
added
Area-Settings
| const bool hasNewLine = std::find(text.cbegin(), text.cend(), L'\n') != text.cend(); | ||
| const bool warnMultiLine = hasNewLine && _settings->GlobalSettings().WarnAboutMultiLinePaste(); | ||
|
|
||
| constexpr const std::size_t minimumSizeForWarning = 1024 * 5; // 5 KiB |
There was a problem hiding this comment.
I put 5 KiB here for now, but I don't know what should be the optimal threshold for the warning.
There was a problem hiding this comment.
I think five kilobytes is fine!
I haven't read any of the code and I already love it |
ghost
added
the
Needs-Author-Feedback
ghost
removed
the
Needs-Author-Feedback
Yes, you're right, I will fix this. EDIT: Done. |
|
This is weird, I pushed a new commit on my branch (e4ccf28) but GitHub did not update the PR, and the CI did not run. Maybe someone at GitHub pasted a multi line command in a terminal accidentally and broke something... EDIT: I fixed it by squashing my two commits and force pushing. |
…haracter Before sending calling the `HandleClipboardData` member function on the `PasteFromClipboardEventArgs` object when we receive a request from the `TermControl` to send it the clipboard's text content, we now display a warning to let the user choose whether to continue or not if the text is larger than 5 KiB or contains the _new line_ character, which can be a security issue if the user is pasting the text in a shell. These warnings can be disabled with the `largePasteWarning` and `multiLinePasteWarning` global settings respectively. I merged `TerminalPage::_PasteFromClipboardHandler` and `TerminalPage::_PasteFromClipboardHandler` because I think that the code is simpler this way.
| GETSET_PROPERTY(bool, WarnAboutLargePaste, true); | ||
| GETSET_PROPERTY(bool, WarnAboutMultiLinePaste, true); |
There was a problem hiding this comment.
Should these be enabled by default?
There was a problem hiding this comment.
I think I was initially reluctant to enabled by default for both, but I've sat on it for a bit and I concur, enabled by default seems sensible.
| | `largePasteWarning` | Optional | Boolean | `true` | When set to `true`, trying to paste text with more than 5 KiB of characters will display a warning asking you whether to continue or not with the paste. | | ||
| | `multiLinePasteWarning` | Optional | Boolean | `true` | When set to `true`, trying to paste text with a _new line_ character will display a warning asking you whether to continue or not with the paste. | |
There was a problem hiding this comment.
For Discussion:
I'm wondering if we'll be adding more "warning" features over time. If so, what's everybody's thoughts on having a "warning." prefix? So these settings would be called warning.largePaste and warning.multiLinePaste.
And we could override some others like confirmCloseAllTabs to be warning.closeWithMultipleTabs.
There was a problem hiding this comment.
oh wow, I actually like that a lot. I'd love another ACK on that design, but I'm on board.
There was a problem hiding this comment.
I'll ACK that design. Should we do it in post so we can let greg904 in peace to merge his PR?
Making it a separate PR allows us to also add a compatibility lookup for warning.closeAllTabs
| GETSET_PROPERTY(bool, WarnAboutLargePaste, true); | ||
| GETSET_PROPERTY(bool, WarnAboutMultiLinePaste, true); |
Are you sure that's what you want
|
| const bool hasNewLine = std::find(text.cbegin(), text.cend(), L'\n') != text.cend(); | ||
| const bool warnMultiLine = hasNewLine && _settings->GlobalSettings().WarnAboutMultiLinePaste(); | ||
|
|
||
| constexpr const std::size_t minimumSizeForWarning = 1024 * 5; // 5 KiB |
There was a problem hiding this comment.
I think five kilobytes is fine!
ghost
added
the
Needs-Author-Feedback
ghost
removed
the
Needs-Author-Feedback
| <value>Cancel</value> | ||
| </data> | ||
| <data name="LargePasteDialog.Content" xml:space="preserve"> | ||
| <value>You are about to paste text that is longer than 5 KiB. This can make the terminal unresponsive while the text is being received on the other end. Are you sure you want to continue?</value> |
There was a problem hiding this comment.
nit:
| <value>You are about to paste text that is longer than 5 KiB. This can make the terminal unresponsive while the text is being received on the other end. Are you sure you want to continue?</value> | |
| <value>You are about to paste text that is longer than 5 KiB. Are you sure you want to continue?</value> |
@cinnamon-msft for confirmation on the wording here though.
There was a problem hiding this comment.
@zadjii-msft's wording looks great
There was a problem hiding this comment.
Okay actually, can we change "Are you sure you want to continue?" to "Do you wish to continue?" to match the other message?
| <value>Cancel</value> | ||
| </data> | ||
| <data name="MultiLinePasteDialog.Content" xml:space="preserve"> | ||
| <value>You are about to paste text that contains the "new line" character. If you paste text that contains the "new line" character into a shell, one or more command(s) will be executed automatically upon paste. Are you sure you want to continue?</value> |
There was a problem hiding this comment.
nit:
| <value>You are about to paste text that contains the "new line" character. If you paste text that contains the "new line" character into a shell, one or more command(s) will be executed automatically upon paste. Are you sure you want to continue?</value> | |
| <value>You are about to paste text that contains the "new line" character. If you paste text that contains the "new line" character into a shell, one or more command(s) might be executed automatically upon paste. Are you sure you want to continue?</value> |
again, @cinnamon-msft to ACK this wording
There was a problem hiding this comment.
I might rephrase as "You are about to paste text that contains multiple lines. If you paste this text into your shell, it may result in the unexpected execution of commands. Are you sure you want to continue?"
edit: "are you sure you wish to continue?" ("wish" stuck with me a bit more than "want")
There was a problem hiding this comment.
I think I like:
You are about to paste text that contains multiple lines. If you paste this text into your shell, it may result in the unexpected execution of commands. Do you wish to continue?
|
We also need a PR in the docs repo (or at the very least an issue please). |
| <value>Cancel</value> | ||
| </data> | ||
| <data name="MultiLinePasteDialog.Content" xml:space="preserve"> | ||
| <value>You are about to paste text that contains the "new line" character. If you paste text that contains the "new line" character into a shell, one or more command(s) will be executed automatically upon paste. Are you sure you want to continue?</value> |
There was a problem hiding this comment.
I might rephrase as "You are about to paste text that contains multiple lines. If you paste this text into your shell, it may result in the unexpected execution of commands. Are you sure you want to continue?"
edit: "are you sure you wish to continue?" ("wish" stuck with me a bit more than "want")
| <value>Cancel</value> | ||
| </data> | ||
| <data name="MultiLinePasteDialog.Content" xml:space="preserve"> | ||
| <value>You are about to paste text that contains the "new line" character. If you paste text that contains the "new line" character into a shell, one or more command(s) will be executed automatically upon paste. Are you sure you want to continue?</value> |
|
Paging @cinnamon-msft We need you in this PR to handle some dialog wording. |
|
I absolutely love this! Next maybe warn users about pasting binary text into the terminal? I think I’ve seen this in some terminals. Xfce Terminal warns me every time when I paste something with “sudo” command. That’s also kinda sweet but I don’t think we should go that far. |
|
EDIT: Fixed. |
DHowett
added
the
AutoMerge
|
Hello @DHowett! Because this pull request has the p.s. you can customize the way I help with merging this pull request, such as holding this pull request until a specific person approves. Simply @mention me (
|
DHowett
changed the title
DHowett
changed the title
ghost
merged commit
|
🎉 Handy links: |
ghost
mentioned this pull request
Before sending calling the
HandleClipboardDatamember function onthe
PasteFromClipboardEventArgsobject when we receive a requestfrom the
TermControlto send it the clipboard's text content, wenow display a warning to let the user choose whether to continue or
not if the text is larger than 5 KiB or contains the new line
character, which can be a security issue if the user is pasting the
text in a shell.
These warnings can be disabled with the
largePasteWarningandmultiLinePasteWarningglobal settings respectively.Closes #2349