Skip to content

Kicksecure/open-link-confirmation

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

278 Commits
debian
debian
 
 
etc
etc
 
 
usr
usr
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
COPYING
COPYING
 
 
README.md
README.md
 
 
changelog.upstream
changelog.upstream
 
 

Repository files navigation

confirmation dialog before opening links or files

Provides a safety wrapper for opening URLs or files. Prompts the user for confirmation before launching the associated application, to prevent accidental or unsafe link openings.

Integrates with msgcollector to display graphical confirmation and error dialogs. Uses helper-scripts' sanitize-string to strip potentially malicious Unicode or HTML input, trims displayed addresses to 128 characters, and logs diagnostic information through msgcollector.

Detects execution context:

  • On Kicksecure and Whonix-Workstation systems, links can be opened after explicit confirmation in a supported browser.
  • On Whonix-Gateway (anon-gw-base-files installed), opening of links is blocked for security reasons. Local files are instead opened in the text editor defined by $EDITOR (defaulting to FeatherPad or Mousepad).
  • In Qubes OS Template, integrates with qvm-open-in-dvm for secure link opening in disposable VMs. Handles refusal responses and displays informative error dialogs.
  • When booted in "sysmaint" (system maintenance) mode, link opening is refused to avoid network activity during administrative sessions.

Automatically detects and uses installed browsers such as: brave-browser, chromium, firefox, mullvad-browser, browser-choice, or torbrowser (Whonix starter wrapper). Falls back to x-www-browser if none of the above are available.

Provides infinite recursion protection to prevent self-invocation loops, sets environment variables (OPEN_LINK_CONFIRMATION, OPEN_LINK_CONFIRMATION_COUNTER), and adjusts XDG_CONFIG_DIRS and XDG_DATA_DIRS to register itself as a compliant XDG handler and default $BROWSER.

Designed for security-focused environments such as Kicksecure, Whonix, and Qubes OS.

This package is produced independently of, and carries no guarantee from, The Tor Project.

How to install open-link-confirmation using apt-get

1. Download the APT Signing Key.

wget https://www.kicksecure.com/keys/derivative.asc

Users can check the Signing Key for better security.

2. Add the APT Signing Key.

sudo cp ~/derivative.asc /usr/share/keyrings/derivative.asc

3. Add the derivative repository.

echo "deb [signed-by=/usr/share/keyrings/derivative.asc] https://deb.kicksecure.com trixie main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list

4. Update your package lists.

sudo apt-get update

5. Install open-link-confirmation.

sudo apt-get install open-link-confirmation

How to Build deb Package from Source Code

Can be build using standard Debian package build tools such as:

dpkg-buildpackage -b

See instructions.

NOTE: Replace generic-package with the actual name of this package open-link-confirmation.

Contact

Donate

open-link-confirmation requires donations to stay alive!

About

Asks for confirmation before opening links - For better security. - Asks before a link is (accidentally) opened in a browser to avoid linking activities.

www.kicksecure.com/wiki/imprint

Resources

Readme

License

View license

Contributing

Contributing
Activity
Custom properties

Stars

5 stars

Watchers

3 watching

Forks

7 forks
Report repository

Releases

75 tags

Packages

 
 
 

Contributors

Languages