(trusted-content-p): Check buffer-file-name, not truename
authorEshel Yaron <me@eshelyaron.com>
Tue, 8 Apr 2025 05:29:50 +0000 (07:29 +0200)
committerEshel Yaron <me@eshelyaron.com>
Tue, 8 Apr 2025 05:29:50 +0000 (07:29 +0200)
lisp/files.el

index 6423413357e1d68ac1a70043e9ee7ed42d81f8a0..68abe814f4bc5fdf31aabbf8d3da7eacdc7602ec 100644 (file)
@@ -735,27 +735,25 @@ should note that this value must never be set by a major or minor mode."
   "Return non-nil if we trust the contents of the current buffer.
 Here, \"trust\" means that we are willing to run code found inside of it.
 See also `trusted-content'."
-  ;; We compare with `buffer-file-truename' i.s.o `buffer-file-name'
-  ;; to try and avoid marking as trusted a file that's merely accessed
-  ;; via a symlink that happens to be inside a trusted dir.
   (and (not untrusted-content)
        (or
         (eq trusted-content :all)
         (and
-         buffer-file-truename
+         (or vc-followed-link buffer-file-name)
          (with-demoted-errors "trusted-content-p: %S"
-           (let ((exists (file-exists-p buffer-file-truename)))
-             (let ((file (abbreviate-file-name buffer-file-truename))
-                   (trusted nil))
+           (let* ((file (expand-file-name (or vc-followed-link buffer-file-name)))
+                  (exists (file-exists-p file)))
+             (catch 'ball
                (dolist (tf trusted-content)
-                 (when (or (if exists (file-equal-p tf file) (equal tf file))
-                           ;; We don't use `file-in-directory-p' here, because
-                           ;; we want to err on the conservative side: "guilty
-                           ;; until proven innocent".
-                           (and (string-suffix-p "/" tf)
-                                (string-prefix-p tf file)))
-                   (setq trusted t)))
-               trusted)))))))
+                 (let ((ef (expand-file-name tf)))
+                   (and
+                    (or (if exists (file-equal-p ef file) (equal ef file))
+                        ;; We don't use `file-in-directory-p' here,
+                        ;; because we want to err on the conservative
+                        ;; side: "guilty until proven innocent".
+                        (and (string-suffix-p "/" ef)
+                             (string-prefix-p ef file)))
+                    (throw 'ball t)))))))))))
 
 (defcustom enable-local-eval nil
   "Control processing of the \"variable\" `eval' in a file's local variables.
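Review bot: The directory branch `(string-prefix-p ef file)` now tests a name that `expand-file-name` leaves unresolved, so a symlink that sits inside a trusted directory and points outside it would match the prefix and be treated as trusted. That is the case the removed comment said the truename comparison was there to avoid. If trusting by access path is intended, a replacement comment should say so and note that trusted directories must not contain links the user does not control. Otherwise resolve both sides for the prefix test, e.g. `(string-prefix-p (file-truename ef) (file-truename file))`, which should still let a trusted directory be reached through a symlink. What `vc-followed-link` holds is not visible in this hunk, so the same question applies to it; the enclosing defun starts above the hunk.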