There is also another escape sequence, OSC 1337, apparently already implemented in iTerm2 [0], which makes iTerm2 open the URL instead of printing it:
The hypothetical new control code is different because it does not display a hyperlink; it directly opens the link using the appropriate system URL handler.
The commit linked there checks host only and not protocol for "always allow". I wonder if that's going to be a problem with some of the more interesting protocols.
iTerm2 has definitely not been designed with security in mind.
It has a massive and rapidly growing attack surface and quite a bit of feature bloat (literally hundreds of "features") - I would not recommend using it over Terminal for anyone security minded.
Joker_vD|1 year ago
lmz|1 year ago
vin10|1 year ago
xvector|1 year ago
It has a massive and rapidly growing attack surface and quite a bit of feature bloat (literally hundreds of "features") - I would not recommend using it over Terminal for anyone security minded.