Firefox asking for permission every time

[real-or-random]

Like #68 but for Firefox.

Workaround is to set security.external_protocol_requires_permission to false but it would be nice if there was a way to make sure URIs opened by the extension do not trigger the warning.

[japhir]

I've encountered the same issue, thanks for mentioning the workaround! :)

[wehlutyk]

Also had the same issue, thanks for the workaround!

As mentioned on this reddit thread, it does sound like a security hole, so it would be nice to have a per-protocol setting.

[wehlutyk]

Service-specific config is now possible: https://www.reddit.com/r/firefox/comments/wyf15e/how_to_disable_allow_this_site_to_open_protocol/

[sprig]

It's not a security hole but rather a security feature, as one would not normally want pages/extensions to be able to send arbitrary URLs to the OS, which could potentially execute arbitrary code (especially in emacs). As far as I know there is no permission API that would allow one to disable the confirmation and rather needs to be set from the user end.

To expand on @wehlutyk's link, it looks like it might be possible to do this from the user-end in firefox by going to about:config and adding a setting for network.protocol-handler.external.org-protocol;

However, at least in my case firefox complains of failure to capture after enabling this (although the capture actually is successful and proceeds with no confirmation dialog). However note that this would potentially allow arbitrary sites to send org-protocol links to emacs, and although likely extremely niche, I would still be weary of the security implications of this.