git.eshelyaron.com Git - emacs.git/commit
Never send user email address in HTTP requests
author Stefan Kangas <stefankangas@gmail.com>
Sun, 17 Dec 2023 08:45:05 +0000 (09:45 +0100)
committer Eshel Yaron <me@eshelyaron.com>
Thu, 21 Dec 2023 20:52:36 +0000 (21:52 +0100)
commit 1eb8c0624728ea06b8046568beb2be726935716d
tree eafab0726c9926ef36378e11cc2cb1ba5f3d34d1
parent 45229545d8d4dc17477949d8eeb9b2a8b3ddf46d
Never send user email address in HTTP requests

It used to be possible to customize 'url-privacy-level' so that the
user's email address was sent along in HTTP requests.  Since
'url-privacy-level' is also a blocklist, rather than an allowlist,
this meant that a mere misconfiguration of Emacs risked exposing the
user's email address.  This is a serious privacy risk, and it is thus
better if we remove this dangerous feature altogether.

* lisp/url/url-http.el (url-http-create-request): Never send the
user email address.
* lisp/url/url-vars.el (url-personal-mail-address): Make obsolete.
* lisp/url/url-privacy.el (url-setup-privacy-info): Don't set
above obsolete variable.
* doc/misc/url.texi (Customization):
* lisp/url/url-vars.el (url-privacy-level): Update documentation
to reflect the above changes.

(cherry picked from commit 346e5712304e66bb1b52387115b89d1966cf184b)
doc/misc/url.texi
etc/NEWS
lisp/url/url-http.el
lisp/url/url-privacy.el
lisp/url/url-vars.el