procyberian/emacs
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
emacs/lisp/url
History
Stefan Kangas 346e571230 Never send user email address in HTTP requests 
It used to be possible to customize 'url-privacy-level' so that the
user's email address was sent along in HTTP requests.  Since
'url-privacy-level' is also a blocklist, rather than an allowlist,
this meant that a mere misconfiguration of Emacs risked exposing the
user's email address.  This is a serious privacy risk, and it is thus
better if we remove this dangerous feature altogether.

* lisp/url/url-http.el (url-http-create-request): Never send the
user email address.
* lisp/url/url-vars.el (url-personal-mail-address): Make obsolete.
* lisp/url/url-privacy.el (url-setup-privacy-info): Don't set
above obsolete variable.
* doc/misc/url.texi (Customization):
* lisp/url/url-vars.el (url-privacy-level): Update documentation
to reflect the above changes.
2023-12-17 10:00:22 +01:00
..
ChangeLog.1 ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-auth.el Avoid signaling errors in url-basic-auth when password is nil 2023-03-02 14:35:15 +02:00
url-cache.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-cid.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-cookie.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-dav.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-domsuf.el Use more recent public_suffix_list.dat where possible 2023-02-17 22:50:13 +01:00
url-expand.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-file.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-ftp.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-future.el Merge from origin/emacs-29 2023-01-01 05:47:47 -05:00
url-gw.el Make url-gateway-broken-resolution obsolete 2023-09-02 02:37:03 +02:00
url-handlers.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-history.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-http.el Never send user email address in HTTP requests 2023-12-17 10:00:22 +01:00
url-imap.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-irc.el Don't use func-arity to trigger API warning in url-irc 2023-11-12 20:36:32 -08:00
url-ldap.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-mailto.el Don't use mapconcat for effect 2023-04-10 15:20:27 +02:00
url-methods.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-misc.el ; Fix 'make-obsolete-variable' forms 2023-03-18 09:12:12 +02:00
url-news.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-nfs.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-parse.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-privacy.el Never send user email address in HTTP requests 2023-12-17 10:00:22 +01:00
url-proxy.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-queue.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-tramp.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-util.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00
url-vars.el Never send user email address in HTTP requests 2023-12-17 10:00:22 +01:00
url.el ; Add 2023 to copyright years. 2023-01-01 05:31:12 -05:00