X-Git-Url: https://ruderich.org/simon/gitweb/?p=fcscs%2Ffcscs.git;a=blobdiff_plain;f=bin%2Ffcscs;h=017ae5bfa327ad4b109efaeb1b24a24cd1e7be17;hp=5b68c2b022a76f445db3f9c652a7f65e343d9bbb;hb=fabb3318b36ef82dd8e23c13eab3dbb715307fb6;hpb=f124504b5d88971f1740b01faed809a63825fe17

diff --git a/bin/fcscs b/bin/fcscs
index 5b68c2b..017ae5b 100755
--- a/bin/fcscs
+++ b/bin/fcscs
@@ -108,6 +108,9 @@ To change the selection mode (e.g. paths, files, etc.) use one of the mappings
 explained below. Per default URLs are selected, see options for a way to
 change this.
 
+I<NOTE>: Opening URLs in the browser passes the URL via the command line which
+leaks URLs to other users on the current system via C<ps aux> or C<top>.
+
 I<NOTE>: When yanking (copying) a temporary file is used to pass the data to
 GNU screen/Tmux without exposing it to C<ps aux> or C<top>. However this may
 leak data if those temporary files are written to disk. To prevent this change
@@ -264,6 +267,8 @@ package Screen {
     sub draw_prompt {
         my ($self, $config) = @_;
 
+        $self->debug('draw_prompt', 'started');
+
         my $x = 0;
         my $y = $self->height - 1;
 
@@ -273,17 +278,20 @@ package Screen {
         # Draw prompt flags.
         if (defined (my $s = $self->{prompt}{flags})) {
             $s = "[$s]";
+            $self->debug('draw_prompt', $s);
             $self->draw_clipped($y, $x, $config->{attribute}{prompt_flags}, $s);
             $x += length($s) + 1; # space between next element
         }
         # Draw prompt name.
         if (defined (my $s = $self->{prompt}{name})) {
             $s = "[$s]";
+            $self->debug('draw_prompt', $s);
             $self->draw_clipped($y, $x, $config->{attribute}{prompt_name}, $s);
             $x += length($s) + 1;
         }
         # Draw prompt value, e.g. a search field.
         if (defined (my $s = $self->{prompt}{value})) {
+            $self->debug('draw_prompt', $s);
             $self->draw_clipped($y, $x, undef, $s);
             $x += length($s) + 1;
         }
@@ -355,6 +363,9 @@ package Screen {
             }
         }
 
+        foreach (@args) {
+            $_ = $self->encode($_);
+        }
         say $fh "$module: @args";
         return;
     }
@@ -456,7 +467,8 @@ sub run_command {
         # a working $$.
         no warnings;
 
-        system { $cmd->[0] } @{$cmd};
+        my @cmd = map { $screen->encode($_) } @{$cmd};
+        system { $cmd[0] } @cmd;
     };
     if ($exit != 0) {
         my $msg;
@@ -599,6 +611,8 @@ sub extend_match {
 
     $screen->debug('extend_match', 'started');
 
+    return if not defined $match;
+
     $screen->prompt(name => 'extend', value => undef);
     $screen->draw_prompt($config);
 
@@ -895,10 +909,7 @@ sub handler_url {
     $screen->debug('handler_url', "opening $match->{value}");
 
     run_in_background($screen, sub {
-        my @cmd = map { $screen->encode($_) } (
-            @{$config->{setting}{browser}},
-            $match->{value},
-        );
+        my @cmd = ( @{$config->{setting}{browser}}, $match->{value} );
         run_command($screen, $config, \@cmd);
     });
     return;