diff --git a/kitty/options/definition.py b/kitty/options/definition.py index 4f3960d19..663424a7d 100644 --- a/kitty/options/definition.py +++ b/kitty/options/definition.py @@ -552,6 +552,10 @@ The supported paste actions are: :code:`quote-urls-at-prompt`: If the text being pasted is a URL and the cursor is at a shell prompt, automatically quote the URL (needs :opt:`shell_integration`). +:code:`replace-dangerous-control-codes` + Replace dangerous control codes from pasted text, without confirmation. +:code:`replace-newline` + Replace the newline character from pasted text, without confirmation. :code:`confirm`: Confirm the paste if the text to be pasted contains any terminal control codes as this can be dangerous, leading to code execution if the shell/program running diff --git a/kitty/options/utils.py b/kitty/options/utils.py index d03d96486..db9468b75 100644 --- a/kitty/options/utils.py +++ b/kitty/options/utils.py @@ -911,11 +911,11 @@ def shell_integration(x: str) -> FrozenSet[str]: def paste_actions(x: str) -> FrozenSet[str]: - s = frozenset({'quote-urls-at-prompt', 'confirm', 'filter', 'confirm-if-large'}) + s = frozenset({'quote-urls-at-prompt', 'confirm', 'filter', 'confirm-if-large', 'replace-dangerous-control-codes', 'replace-newline'}) q = frozenset(x.lower().split(',')) if not q.issubset(s): log_error(f'Invalid paste actions: {q - s}, ignoring') - return q & s or frozenset({'invalid'}) + return (q & s) or frozenset({'invalid'}) return q diff --git a/kitty/window.py b/kitty/window.py index f8747e9d0..ca560a658 100644 --- a/kitty/window.py +++ b/kitty/window.py @@ -1509,6 +1509,10 @@ class Window: if rest.startswith('//') or scheme in ('mailto', 'irc'): import shlex text = shlex.quote(text) + if 'replace-dangerous-control-codes' in opts.paste_actions: + text = replace_control_codes(text) + if 'replace-newline' in opts.paste_actions: + text = text.replace('\n', '\x1bE') btext = text.encode('utf-8') if 'confirm' in opts.paste_actions: sanitized = replace_control_codes(text)