From 5be77ded3a94e0f576ca6033c2eda93eccce7941 Mon Sep 17 00:00:00 2001
From: Mitchell Hashimoto
Date: Sun, 29 Dec 2024 08:56:21 -0800
Subject: [PATCH] config: add `title_report` (default false) to configure CSI 21 t

---
 src/Surface.zig | 9 ++++++++-
 src/config/Config.zig | 9 +++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/src/Surface.zig b/src/Surface.zig
index eedeb4fb5..053dec3fd 100644
--- a/src/Surface.zig
+++ b/src/Surface.zig
@@ -253,6 +253,7 @@ const DerivedConfig = struct {
 window_padding_right: u32,
 window_padding_balance: bool,
 title: ?[:0]const u8,
+ title_report: bool,
 links: []Link,

 const Link = struct {
@@ -313,6 +314,7 @@ const DerivedConfig = struct {
 .window_padding_right = config.@"window-padding-x".bottom_right,
 .window_padding_balance = config.@"window-padding-balance",
 .title = config.title,
+ .title_report = config.@"title-report",
 .links = links,

 // Assignments happen sequentially so we have to do this last
@@ -824,7 +826,12 @@ pub fn handleMessage(self: *Surface, msg: Message) !void {
 );
 },

- .report_title => |style| {
+ .report_title => |style| report_title: {
+ if (!self.config.title_report) {
+ log.info("report_title requested, but disabled via config", .{});
+ break :report_title;
+ }
+
 const title: ?[:0]const u8 = self.rt_surface.getTitle();
 const data = switch (style) {
 .csi_21_t => try std.fmt.allocPrint(
diff --git a/src/config/Config.zig b/src/config/Config.zig
index 25f11cf9c..f2d998aac 100644
--- a/src/config/Config.zig
+++ b/src/config/Config.zig
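Review bot: The guard in the `.report_title` arm writes one log line at info level for every suppressed query (`log.info("report_title requested, but disabled via config", .{})`), so a program that emits CSI 21 t repeatedly produces one log line per request on what is now the default path; unless the logger rate-limits (not visible here), `log.debug` would be the usual level for an expected, per-request event. The deliberate absence of a reply is the security-relevant part of the branch and deserves a one-line comment above the `break`, e.g. `// Intentionally no reply: a disabled query must not let the program read the title back.` The `.report_title` arm, and handleMessage as a whole, continue past the end of this hunk, so the response path after the guard is not visible here.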
@@ -1254,6 +1254,15 @@ keybind: Keybinds = .{},
 /// program, not the terminal emulator).
 @"clipboard-paste-bracketed-safe": bool = true,

+/// Enables or disabled title reporting (CSI 21 t). This escape sequence
+/// allows the running program to query the terminal title. This is a common
+/// security issue and is disabled by default.
+///
+/// Warning: This can expose sensitive information at best and enable
+/// arbitrary code execution at worst (with a maliciously crafted title
+/// and a minor amount of user interaction).
+@"title-report": bool = false,
+
 /// The total amount of bytes that can be used for image data (i.e. the Kitty
 /// image protocol) per terminal screen. The maximum value is 4,294,967,295
 /// (4GiB). The default is 320MB. If this is set to zero, then all image
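Review bot: The first line of the new doc comment reads `/// Enables or disabled title reporting (CSI 21 t).`; it should be `/// Enables or disables title reporting (CSI 21 t).` This is user-facing reference text for a security-sensitive option, so it should also state what "disabled" means for the program that sends the query, which the Surface.zig hunk defines as ignoring the request without any reply: `/// When disabled, the query is ignored and no response is sent.` added after the "disabled by default" sentence would make that behaviour explicit to users deciding whether to enable it.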