Firefox’s telnet protocol handler in Linux stopped working some time after version 3.0. I manage a network of switches, routers, and other devices with command-line interfaces. Wouldn’t it be nice to be able to click on telnet:// or ssh:// URLs again?
As with most tinkering in firefox, start by typing “about:config” in the location bar. Right click and select “New”, then “Boolean”. Create two entries:
network.protocol-handler.expose.telnet = false network.protocol-handler.expose.ssh = false
Now, click on a telnet or SSH URL, and Firefox will prompt you for the application to use. This application must handle the full URL as an argument. On Linux, the easiest solution is to choose /usr/bin/xdg-open. This will open the user’s preferred terminal, whether that is gnome-terminal, konsole, or xterm. You can use xdg-open to open almost any type of file or URL.
Alternatively, choose /usr/bin/putty, or use a simple script as follows. Edit the last line to call whatever application you prefer.
Update 2010-08-25: don’t use this script. See my next post for a better one.
#!/usr/bin/perl # take URL of form telnet://target:port and call konsole # get protocol and host ($proto,$addr) = split /:\/\//, $ARGV[0]; # convert "host:port" to "host port" (port is optional) $addr =~ s/\:/\ /g; `konsole -e $proto $addr\n`;
A bit of history, for the curious. You may find instructions online stating to create values like these:
network.protocol-handler.app.telnet = "/usr/bin/putty" network.protocol-handler.warn-external.telnet = false
This is the old method, used in releases prior to Firefox 3.5. These settings are now ignored.
-
It’s really hard to write things like this and not allow a maliciously-formed URL to execute arbitrary code. For a simple example, consider the URL (I’ll space it out, just to be sure this isn’t dangerous) “telnet : / / & xterm”. That will launch an extra xterm when clicked, not what the user wants. It is, alas, possible to do pretty much anything, even though there’s a slight limitation that makes it harder, but not impossible, to do the obvious exploits.
(I’ve tried to keep this nonspecific enough not to be a potential exploit itself. A fix could be as easy as a “die if ($addr =~ /[^a-zA-Z0-9. -]/);”, or as complicated as actually making sure target and port are valid.)
Sorry for channelling the resident script kiddy.
-
Philip,
You are quite right. I didn’t consider shell escapes when writing this. The correct thing to do is to modify the url handler script to validate the input before calling the terminal emulator.
-
-
Or you can use this Firefox Add-On that I develop:
https://addons.mozilla.org/fr/firefox/addon/221483/-
That’s a different function – detecting an IP address as text, and defining various sub-menu commands to run. Or does this handle telnet:// URLs too?
Either way, it’s very useful. Thanks!
-
4 comments
Comments feed for this article
Trackback link: http://www.tolaris.com/2010/08/23/enabling-telnet-and-ssh-urls-in-firefox-for-linux/trackback/