mirrors/emacs
1
Fork 0
mirror of git://git.sv.gnu.org/emacs.git synced 2026-01-12 14:30:42 -08:00
Code Issues Projects Releases Wiki Activity
emacs/doc
History
Stefan Kangas 346e571230 Never send user email address in HTTP requests 
It used to be possible to customize 'url-privacy-level' so that the
user's email address was sent along in HTTP requests.  Since
'url-privacy-level' is also a blocklist, rather than an allowlist,
this meant that a mere misconfiguration of Emacs risked exposing the
user's email address.  This is a serious privacy risk, and it is thus
better if we remove this dangerous feature altogether.

* lisp/url/url-http.el (url-http-create-request): Never send the
user email address.
* lisp/url/url-vars.el (url-personal-mail-address): Make obsolete.
* lisp/url/url-privacy.el (url-setup-privacy-info): Don't set
above obsolete variable.
* doc/misc/url.texi (Customization):
* lisp/url/url-vars.el (url-privacy-level): Update documentation
to reflect the above changes.
2023-12-17 10:00:22 +01:00
..
emacs ; * doc/emacs/android.texi (Android Environment): Fix node name. 2023-12-16 14:38:21 +02:00
lispintro ; Fix typos 2023-12-03 23:31:30 +01:00
lispref Merge branch 'same-frame' 2023-12-16 13:13:23 -05:00
man Merge from origin/emacs-29 2023-11-04 05:21:38 -04:00
misc Never send user email address in HTTP requests 2023-12-17 10:00:22 +01:00