## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@kicksecure.com>
## See the file COPYING for copying conditions.

Source: open-link-confirmation
Section: misc
Priority: optional
Maintainer: Patrick Schleizer <adrelanos@kicksecure.com>
Build-Depends: debhelper (>= 13), debhelper-compat (= 13)
Homepage: https://github.com/Kicksecure/open-link-confirmation
Vcs-Browser: https://github.com/Kicksecure/open-link-confirmation
Vcs-Git: https://github.com/Kicksecure/open-link-confirmation.git
Standards-Version: 4.7.2
Rules-Requires-Root: no

Package: open-link-confirmation
Architecture: all
Depends: sensible-utils, icon-pack-dist,
 msgcollector, xdg-utils, ${misc:Depends}
Recommends: tb-starter, tb-updater
Breaks: tb-default-browser (<< 3:7.5-1)
Replaces: tb-default-browser (<< 3:7.5-1)
Description: confirmation dialog before opening links or files
 Provides a safety wrapper for opening URLs or files. Prompts the user for
 confirmation before launching the associated application, to prevent
 accidental or unsafe link openings.
 .
 Integrates with msgcollector to display graphical confirmation and error
 dialogs. Uses helper-scripts' sanitize-string to strip potentially malicious
 Unicode or HTML input, trims displayed addresses to 128 characters, and logs
 diagnostic information through msgcollector.
 .
 Detects execution context:
  * On Kicksecure and Whonix-Workstation systems, links can be opened after
    explicit confirmation in a supported browser.
  * On Whonix-Gateway (anon-gw-base-files installed), opening of links is
    blocked for security reasons. Local files are instead opened in the text
    editor defined by $EDITOR (defaulting to FeatherPad or Mousepad).
  * In Qubes OS Template, integrates with qvm-open-in-dvm for secure link
    opening in disposable VMs. Handles refusal responses and displays
    informative error dialogs.
  * When booted in "sysmaint" (system maintenance) mode, link opening is
    refused to avoid network activity during administrative sessions.
 .
 Automatically detects and uses installed browsers such as:
  brave-browser, chromium, firefox, mullvad-browser, browser-choice,
  or torbrowser (Whonix starter wrapper). Falls back to x-www-browser if
  none of the above are available.
 .
 Provides infinite recursion protection to prevent self-invocation loops,
 sets environment variables (OPEN_LINK_CONFIRMATION,
 OPEN_LINK_CONFIRMATION_COUNTER), and adjusts XDG_CONFIG_DIRS and
 XDG_DATA_DIRS to register itself as a compliant XDG handler and default
 $BROWSER.
 .
 Designed for security-focused environments such as Kicksecure, Whonix,
 and Qubes OS.
 .
 This package is produced independently of, and carries no guarantee from,
 The Tor Project.

Package: tb-default-browser
Architecture: all
Depends: open-link-confirmation, ${misc:Depends}
Section: oldlibs
Description: transitional package
 This is a transitional package. It can safely be removed.
