ndwarshuis
/
org-mode
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

org-babel-confirm-evaluate: better doc and code when using function as 

Thanks to Vladimir Alexiev for submitting this patch

* lisp/ob.el (org-babel-confirm-evaluate): Fix for the case when
  org-confirm-babel-evaluate is a function (used to always ask no matter
  what the function returns).
* doc/org.texi (Code evaluation security): Add example for using a
  function.
This commit is contained in:
Eric Schulte 2010-12-21 09:37:19 -07:00
parent d234a9973b
commit ece347e32c
2 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
doc/org.texi
View File

@ -12684,9 +12684,20 @@ Make sure you know what you are doing before customizing the variables
which take off the default security brakes.
@defopt org-confirm-babel-evaluate
When set to t user is queried before code block evaluation
When t (the default), the user is asked before every code block evaluation.
When nil, the user is not asked. When set to a function, it is called with
two arguments (language and body of the code block) and should return t to
ask and nil not to ask.
@end defopt
For example, here is how to execute "ditaa" code (which is considered safe)
without asking:
@example
(defun my-org-confirm-babel-evaluate (lang body)
(not (string= lang "ditaa"))) ; don't ask for ditaa
(setq org-confirm-babel-evaluate 'my-org-confirm-babel-evaluate)
@end example
@item Following @code{shell} and @code{elisp} links
Org has two link types that can directly evaluate code (@pxref{External
links}). These links can be problematic because the code to be evaluated is

10
lisp/ob.el
View File

@ -209,11 +209,11 @@ Note disabling confirmation may result in accidental evaluation
of potentially harmful code."
(let* ((eval (or (cdr (assoc :eval (nth 2 info)))
(when (assoc :noeval (nth 2 info)) "no")))
(query (or (equal eval "query")
(if (functionp org-confirm-babel-evaluate)
(funcall org-confirm-babel-evaluate
(nth 0 info) (nth 1 info))
org-confirm-babel-evaluate))))
(query (cond ((equal eval "query") t)
((functionp org-confirm-babel-evaluate)
(funcall org-confirm-babel-evaluate
(nth 0 info) (nth 1 info)))
(t org-confirm-babel-evaluate))))
(if (or (equal eval "never") (equal eval "no")
(and query
(not (yes-or-no-p