From 8853f6bae27d964420c67e44f97809d3001b6a9d Mon Sep 17 00:00:00 2001 From: Kovid Goyal Date: Fri, 20 Oct 2023 13:37:03 +0530 Subject: [PATCH] Consider \r dangerous without bracketed paste --- kitty/window.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kitty/window.py b/kitty/window.py index e808b4fcd..1abf18aa2 100644 --- a/kitty/window.py +++ b/kitty/window.py @@ -1470,7 +1470,7 @@ class Window: btext = text.encode('utf-8') if 'confirm' in opts.paste_actions: sanitized = sanitize_control_codes(text) - if sanitized != text: + if sanitized != text or (not self.screen.in_bracketed_paste_mode and re.search(r'[\r\n]', text) is not None): msg = _('The text to be pasted contains terminal control codes.\n\nIf the terminal program you are pasting into does not properly' ' sanitize pasted text, this can lead to \x1b[31mcode execution vulnerabilities\x1b[39m.\n\nHow would you like to proceed?') get_boss().choose(