Hyperlinks in Terminal Emulators

(gist.github.com)

47 points | by nvahalik 5 hours ago

11 comments

  • dust42 2 hours ago
    I really think this is a security disaster waiting to happen, landing right in time for all the agentic terminal apps:

      printf '\e]8;;http://evil.com\e\\https://good.com\e]8;;\e\\\n'
    
    The next step would be to embed a full javascript VM in the terminal and a CSS engine.
    • heavyset_go 1 hour ago
      IMO Konsole does it right, it's a feature that's disabled by default, and there is an explicit warning next to the option to turn it on that says:

          WARNING: This has security implications as it allows malicious URLs
          to be shown as another URL or hidden.
          Make sure you understand the implications before turning this on.
      
      Then it has an option for you to enter the link schemes you want to enable, like https://, file://, etc
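
A defender's view of the two comments above (dust42's `printf` line and the scheme list heavyset_go describes), as an added example that is not part of either post or of any terminal's code: it parses OSC 8 markers out of untrusted output, reports links whose visible text names a different host than the hidden target, and applies a scheme allowlist. The function names, the `allowed_schemes` parameter and the sample strings are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# OSC 8 hyperlink marker: ESC ] 8 ; params ; URI, ended by ST (ESC \) or BEL.
OSC8 = re.compile(r"\x1b\]8;([^;\x07\x1b]*);([^\x07\x1b]*)(?:\x1b\\|\x07)")
URLISH = re.compile(r"[a-z][a-z0-9+.-]*://[^\s\x1b]+", re.I)

def osc8_links(data):
    """Yield (target, visible_text) for each hyperlink span in data."""
    target, start = None, 0
    for m in OSC8.finditer(data):
        if target is not None:              # any OSC 8 marker ends the open span
            yield target, data[start:m.start()]
        target = m.group(2) or None         # an empty URI closes the link
        start = m.end()
    if target is not None:                  # link still open at end of input
        yield target, data[start:]

def _parts(url):
    """(scheme, hostname) of url, or (None, None) if it does not parse."""
    try:
        u = urlsplit(url)
        return u.scheme.lower(), u.hostname
    except ValueError:
        return None, None

def audit(data, allowed_schemes=("https",)):
    """Return (reason, target, visible_text) findings for untrusted output."""
    findings = []
    for target, text in osc8_links(data):
        scheme, host = _parts(target)
        if scheme not in allowed_schemes:
            findings.append(("scheme-not-allowed", target, text))
        shown = URLISH.search(text)
        if shown and _parts(shown.group())[1] != host:
            findings.append(("text-target-mismatch", target, text))
    return findings

def strip_osc8(data):
    """Drop the hidden link markers and keep only the visible text."""
    return OSC8.sub("", data)

# Constructed samples: the printf line from the comment, then an honest link.
SPOOF = "\x1b]8;;http://evil.com\x1b\\https://good.com\x1b]8;;\x1b\\\n"
HONEST = "\x1b]8;;https://good.com/docs\x1b\\https://good.com/docs\x1b]8;;\x1b\\\n"

if __name__ == "__main__":
    for sample in (SPOOF, HONEST):
        print(repr(strip_osc8(sample)), audit(sample))
```

Running `strip_osc8` over file content before it reaches a pager or an agent's context leaves the visible text intact and removes the hidden target entirely.
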
    • taneliv 1 hour ago
      Disaster is perhaps an exaggeration, but it does seem like this would be another environment, where users need to be aware of a different set of safety and usability measures than in the browser. Surely we will see interesting attempts at exploiting it.

      Overall, I think the idea is super interesting, especially the ability to encode in the future other context than URLs with it. Whether actually useful, or just gimmicky, remains to be seen.

    • poly2it 1 hour ago
      What are you running in your terminal to be vulnerable to that threat model?
      • taneliv 1 hour ago
        Trivially, `less` to see README.md of a malicious/compromised open source project. There are perhaps more plausible avenues of exploiting, but this one popped to mind immediately.
        • charcircuit 1 hour ago
          Opening a URL should always be safe. It's a security bug if it isn't.
          • hnlmorg 12 minutes ago
            Yet such security bugs exist in their multitude. Plenty of internal-only systems are not locked down securely and the only thing preventing mass exploitation is browsers' CORS settings. But if the request is originating from inside the network (as it would from a terminal emulator), then all bets are off.

            Granted, on its own, this should be safe. But attacks are usually composed from multiple bugs and/or weaknesses in design. Hence why security folk keep talking about “defence in depth” — ie not to rely on the security of any single facet but instead layering your security just in case any one particular layer does prove to be insufficient.

            This is why in my own terminal emulator I implemented hyperlinks via user defined RegEx. The terminal user gets to decide what text becomes click-actionable rather than the attacker.

            I actually voiced some concerns with this original hyperlink proposal several years back. In fact lots of developers and security researchers did. And the gist author's response was to delete the replies and turn off comments. Which adds additional concern about this proposal. It follows no process, no feedback, nothing. Just one person's mission to dictate how everyone else’s terminal, and security model, should operate.

          • bigstrat2003 39 minutes ago
            And yet, it isn't always safe. Yes, that should be fixed, but defense in depth exists for a reason.
  • rrr_oh_man 13 minutes ago
    Yeah.. I was thinking about whether to add link parsing to itter [0], but decided against it. Somehow it didn't feel right.

    [0] https://news.ycombinator.com/item?id=43936884

  • spreadem 43 minutes ago
    The archived comments are an interesting read. Here is the snapshot just before the page owner removed them:

    https://web.archive.org/web/20250324071822/https://gist.gith...

  • kalterdev 1 hour ago
    So, the approach is identical to <a href="example.com">example</a>.

    In contrast, in Plumber [1], we have things like !98—this text opens pull request no. 98 by passing "!98" to the local server, which knows how to interpret it.

    Both approaches go one step beyond plain text. However, Plumber’s approach, at least, doesn’t compromise the plain text itself by embedding invisible elements.

    This eliminates an entire category of risks by design. With no hidden metadata, accidental clicks are less probable and social engineering attacks, such as UI deception, are impossible.

    [1]: https://p9f.org/sys/doc/plumb.html

  • _flux 1 hour ago
    I've found it nice to have the terminal emulator be able to match text with regexp and upon a click convert it to an external action. For example, I can click Python traceback in terminal and have Emacs go into that exact line in code, or the JIRA issue id and go to the web page.

    I wonder though if this is a popular feature. Tilix is under minimal maintenance at the moment, so alternatives would be good to have..
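
The regex-driven approach that hnlmorg and _flux describe, as an added example that is not taken from either commenter's terminal or from Tilix: the user's own patterns decide which visible text becomes an action, and any link target supplied by the program's output is thrown away first. The rule table, the `emacsclient` invocation, the `tracker.example` URL and the sample output are hypothetical.

```python
import re

OSC8 = re.compile(r"\x1b\]8;[^\x07\x1b]*(?:\x1b\\|\x07)")  # hidden link markers

# User-defined rules: (name, pattern over visible text, argv template).
# The editor command and the tracker URL are hypothetical placeholders.
RULES = [
    ("traceback",
     re.compile(r'File "(?P<path>[\w./][^"\x00-\x1f]*)", line (?P<line>\d+)'),
     ["emacsclient", "+{line}", "{path}"]),
    ("issue",
     re.compile(r"\b(?P<key>[A-Z][A-Z0-9]+-\d+)\b"),
     ["xdg-open", "https://tracker.example/browse/{key}"]),
]

def clickable(output):
    """Return (rule, matched_text, argv) for each span the user's rules accept."""
    visible = OSC8.sub("", output)  # targets chosen by the output are discarded
    hits = []
    for name, pattern, template in RULES:
        for m in pattern.finditer(visible):
            # argv list, never a shell string: matched text cannot add commands
            argv = [part.format(**m.groupdict()) for part in template]
            hits.append((name, m.group(0), argv))
    return hits

# Constructed sample: a traceback line, an issue id, and a spoofed OSC 8 link.
SAMPLE = (
    "Traceback (most recent call last):\n"
    '  File "/srv/app/main.py", line 42, in run\n'
    "see OPS-1234 or \x1b]8;;http://evil.com\x1b\\https://good.com\x1b]8;;\x1b\\\n"
)

if __name__ == "__main__":
    for hit in clickable(SAMPLE):
        print(hit)
```
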

  • diath 1 hour ago
    I love these and wish they were used more by command line applications. For instance in GCC, when your terminal supports them, compiler diagnostic flags are clickable and something like "warning: address of local variable ‘a’ returned [-Wreturn-local-addr]" can be clicked to open the GCC documentation for that flag.
    • kalterdev 44 minutes ago
      This is a classic copy-paste and search function. I admit that your approach is fast but counter that it highlights a failure to make basic functions like copy-paste and search efficient and introduces a whole class of complexity into software design.

      Edit: the same applies to diffs generated by /bin/diff. Most of the time, diff strings are unique enough to locate them by plain text searching.

  • olejorgenb 1 hour ago
    I think CLI code agents (eg. Claude Code) should render the line numbers in their diff view as links, opening that line in your editor of choice.

    You can also make your own scheme-handler easily (on Linux at least). I have a `niri://` handler enabling linking to a specific Wayland window. (it has niche use cases :D)

    This guy built a pty "proxy" to linkify Claude Code output: https://www.youtube.com/watch?v=GP5TwKnCzhQ

    • darkwater 1 hour ago
      > I think CLI code agents (eg. Claude Code) should render the line numbers in their diff view as links, opening that line in your editor of choice.

      CC already does this with PR/MR/etc links for example (i.e. #123 is clickable and brings you to issue 123 in the repo it's working on)

  • VorpalWay 1 hour ago
    I have found this really useful together with file:// links. If properly set up, you can use this to go to a specific file, line and column in your IDE/editor even. Very useful with custom lint and debug tooling that I have written for my dayjob.
  • tombert 3 hours ago
    On my second day when I worked at Reddit, I learned by accident that I do not want my terminal to have clickable links.

    I was working on image compression, and we had a script where we would render a column with the original image link, and a column with the new compressed image, and a column with the relative percentage of size to PNG, and there would be like 200 rows at a time.

    I managed to somehow accidentally click on a link in iTerm, my browser opened, and I discovered what "sounding" [1] is, on a company computer, in the company office.

    I saw it, whispered "oh fuck!", and quickly killed my browser. I don't think anyone saw me but I was extremely worried that I was going to get fired on my second day of work for viewing porn on a company computer in front of everyone, even though it was a legitimate accident.

    So now I don't want my links to be clickable. If there's a link I'll highlight it and paste it into Firefox manually.

    [1] If you do not know what sounding is, I do not recommend you look it up, just know that it's a weird sex thing that I wish I didn't know about and cannot unsee.

    • derefr 3 hours ago
      In every implementation I've seen, the link only becomes clickable if you hold down a modifier key. By default, the links are just text. Which should make intuitive sense, because otherwise it'd be breaking existing semantics, as it would e.g. make it impossible to highlight the underlying text to copy-and-paste. (Or to send a click event to the underlying PTY-controlling process-group leader when mouse reporting is active.) I presume your "somehow" happened to involve you holding whatever modifier key your terminal emulator required.

      Also, sounding isn't a weird sex thing per se; it's a mundane (and somewhat painful) medical procedure. One that some people happen to coincidentally have a kink for, mostly due to the discomfort involved. But "some weird people having a kink for medical procedure X" is true of many/most medical procedures.

      • knodi123 2 hours ago
        > the link only becomes clickable if you hold down a modifier key.

        Fun trick not a lot of people know -

        In a web browser, links which are normally clickable become UN-clickable if you hold a modifier. On a mac, it's (option). It's helpful if you want to select text inside a large link (or in a button) so you can copy it.

        • sheept 2 hours ago
          This might be operating system/browser-specific. On Windows Chrome, shift-click opens in new window, ctrl in new tab, and alt downloads the link.
        • dbdr 1 hour ago
          Thanks, I did not know! On Firefox/Linux, it's Alt and dragging the mouse through the part of the text you want.
      • tombert 3 hours ago
        It was iTerm, and yeah it did require a modifier key.

        I had gotten it in my head that the way that you highlight a line in iTerm (and I have no idea where I heard this or why I thought it) was holding command and clicking on the line. It was a mistake I made exactly once.

        I am afraid I didn't investigate sounding after I saw the horrifying image; I only learned the name for it after I described the image to someone and they told me what it was; I guess I assumed it was just a weird sex thing, I didn't realize that there was any practical medicine stuff to it.

    • westurner 2 hours ago
      You probably could have just loudly explained to your reddit coworkers
  • oldestofsports 1 hour ago
    Browsers are great at hyperlinks, like really great. How about using browsers for hyperlinks instead?
    • charcircuit 1 hour ago
      Opening links is an operating system feature that any program can use and pass a link to.
      • hnlmorg 1 minute ago
        Yeah, but it’s only browsers that render hyperlinks from untrusted sources…unless you’re saying you often download random executables and then click their hyperlinks?
  • kristopolous 3 hours ago
    tl;dr

    here's coming from markdown

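            import re

            LINK      = ["\033]8;;", "\033]8;;\033\\"]  # OSC 8 opener prefix, OSC 8 closer
            UNDERLINE = ["\033[4m", "\033[24m"]         # not shown in the post; assumed SGR underline on/off

            def process_links(match):
              description = match.group(1)  # markdown link text
              url = match.group(2)          # markdown link target
              return f'{LINK[0]}{url}\033\\{UNDERLINE[0]}{description}{UNDERLINE[1]}{LINK[1]}'

            def linkify(line):  # rewrite each [text](url) in one markdown line
              return re.sub(r"\[([^\]]+)\]\(([^\)]+)\)", process_links, line)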