Bug 146386 - Drop support for FTP
Summary: Drop support for FTP
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: framework (show other bugs)
Version:
(earliest affected)
unspecified
Hardware: All All
: medium enhancement
Assignee: Not Assigned
URL:
Whiteboard:
Keywords: security
Depends on:
Blocks: Network
  Show dependency treegraph
 
Reported: 2021-12-23 11:21 UTC by Gabor Kelemen (allotropia)
Modified: 2022-06-15 10:18 UTC (History)
6 users (show)

See Also:
Crash report or crash signature:
Regression By:


Attachments
Example file with hyperlink to a public FTP site (12.23 KB, application/vnd.oasis.opendocument.text)
2021-12-23 11:21 UTC, Gabor Kelemen (allotropia)
Details
The example document and Hyperlink dialog in current master (141.48 KB, image/png)
2021-12-23 11:21 UTC, Gabor Kelemen (allotropia)
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Gabor Kelemen (allotropia) 2021-12-23 11:21:00 UTC
Created attachment 177106 [details]
Example file with hyperlink to a public FTP site

Currently creation and opening of FTP hyperlinks is supported in LibreOffice.
Given that this is an inherently insecure protocol, LO should drop support for it in the Hyperlink dialog and the ucp backend[1] as well.

The ODF standard[2] does not require support of this protocol, so that's not a concern.

Recently popular browsers stopped supporting the FTP protocol citing security concerns and low usage of the protocol in browsers [3] [4].

[1] https://cgit.freedesktop.org/libreoffice/core/tree/ucb/source/ucp/ftp
[2] http://docs.oasis-open.org/office/OpenDocument/v1.3/
[3] https://chromestatus.com/feature/6246151319715840
[4] https://blog.mozilla.org/addons/2021/04/15/built-in-ftp-implementation-to-be-removed-in-firefox-90/
Comment 1 Gabor Kelemen (allotropia) 2021-12-23 11:21:35 UTC
Created attachment 177107 [details]
The example document and Hyperlink dialog in current master
Comment 2 Heiko Tietze 2022-01-04 09:03:57 UTC
Caolan, what's your take on this?
Comment 3 Caolán McNamara 2022-01-04 12:52:48 UTC
I don't have any particular opinion here. I don't hold any affection for ftp and it is obscure at this point and one less thing to support sounds good to me. Maybe its worth mentioning it at an ESC (or on the mailing list) so the proposed removal is flagged.
Comment 4 Buovjaga 2022-01-06 13:16:01 UTC
With the same reasoning you could drop HTTP support as it is inherently insecure.

Note what the chrome link says:
"The current FTP implementation in Google Chrome has no support for encrypted connections (FTPS), nor proxies. Usage of FTP in the browser is sufficiently low that it is no longer viable to invest in improving the existing FTP client."

So they just did not want to implement FTPS support.

As we now use curl, couldn't we take advantage of it and only allow FTPS in the ucp stuff? https://everything.curl.dev/ftp/ftps
Comment 5 Heiko Tietze 2022-01-06 15:16:13 UTC
We discussed the proposal at the ESC meeting and there are no concerns to remove the protocol. 

(In reply to Buovjaga from comment #4)
> As we now use curl, couldn't we take advantage of it and only allow FTPS in
> the ucp stuff?

Why invest effort here when it's most likely not used by anyone.
Comment 6 Buovjaga 2022-01-06 16:09:05 UTC
Then announce it as deprecated in 7.3 release notes.
Comment 7 Damian Hofmann 2022-01-06 18:54:37 UTC
Asking as a user (from a user perspective):

What exactly is the problem, if LO supports embedding FTP **links** in documents? As far as I can tell, clicking on such a link will just open an external FTP program, and that only, if one is actually installed on the users computer.

AFAIK, web browsers have only removed the ability to open/view FTP links **directly in the browser**. FTP links (that open in an external application) are still supported.

I'd agree, that LO probably doesn't need the ability to connect to FTP servers itself (if such ability actually exists in LO). But I'd also like to ask: Is it's really the responsibility/job of a word processor to prevent users from embedding links of certain types into their documents? It feels like an artificial limitation. A bit patronizing even. IMHO users should be allowed to embed any type of link they choose.
Comment 8 Mike Kaganski 2022-01-14 08:47:58 UTC
(In reply to Damian Hofmann from comment #7)
> What exactly is the problem, if LO supports embedding FTP **links** in
> documents? As far as I can tell, clicking on such a link will just open an
> external FTP program, and that only, if one is actually installed on the
> users computer.
> ...
> But I'd also like to ask: Is it's really the responsibility/job of a word
> processor to prevent users from embedding links of certain types into their
> documents? It feels like an artificial limitation. A bit patronizing even.
> IMHO users should be allowed to embed any type of link they choose.

I suppose that the wording of the Gabor's proposal is a bit misleading; and also this issue combines several:

1. Remove the "FTP" protocol radiobutton (and hence the whole Protocol section) from the Hyperlink dialog [1]; *assume* HTTP *when user does not provide the schema explicitly* in the URL - but as before, accept any explicitly passed schema.
2. Remove the FTP option from Open Remote/Save Remote [2].
3. Remove the possibility to e.g. link to external data from Calc (like Sheet->Link to External Data [3], or WEBSERVICE spreadsheet function [4]).

Also I suppose that ESC decision was about #2 and #3.

[1] https://help.libreoffice.org/7.3/en-US/text/shared/02/09070100.html?DbPAR=CALC
[2] https://help.libreoffice.org/7.3/en-US/text/shared/guide/cmis-remote-files-setup.html?DbPAR=SHARED#bm_id170820161240508275
[3] https://help.libreoffice.org/7.3/en-US/text/scalc/01/04090000.html?DbPAR=CALC
[4] https://help.libreoffice.org/7.3/en-US/text/scalc/01/func_webservice.html?DbPAR=CALC#bm_id3149012
Comment 9 Damian Hofmann 2022-01-22 12:02:14 UTC
(In reply to Mike Kaganski from comment #8)

I'm sure it will break someones existing workflow if you remove FTP support for external data linking and "Open/Save remove". But I can also see, why FTP shouldn't be used at this point.

Still, I think some users will be caught on the wrong foot, if you just "announce" it deprecated and then remove it. Very few user read the release notes. Maybe consider a multi-step approach:

1. Disable the feature by default, but allow it to be enabled in the settings for some time
1. Show the deprecation notice there in the settings, so that users who depend on these features (and have to re-enable it) can't miss it
1. Remove in a later version

I don't use these features myself, so I'm not personally affected. I'm fine, as long as I can embed links of any protocol in my documents and those links open with the default application, as configured in the OS. I don't even need the "Insert Hyperlink" dialog to assist me. A simple dialog with "link text" and "URL" would be good enough for me.
Comment 10 Buovjaga 2022-02-03 09:01:55 UTC
(In reply to Buovjaga from comment #6)
> Then announce it as deprecated in 7.3 release notes.

We missed this boat, so looks like support can be dropped only with 7.5 release. Is someone going to add a deprecation note for 7.4 or will I do it?

https://wiki.documentfoundation.org/ReleaseNotes/7.4
Comment 11 Caolán McNamara 2022-02-04 17:18:27 UTC
It sounds like a good idea for you to go ahead and add a deprecation note for 7.4 so if someone picks up this task before 7.4 they won't be tripped up by the lack of that, and no great harm if it rolls over.
Comment 12 Buovjaga 2022-02-04 18:06:18 UTC
(In reply to Caolán McNamara from comment #11)
> It sounds like a good idea for you to go ahead and add a deprecation note
> for 7.4 so if someone picks up this task before 7.4 they won't be tripped up
> by the lack of that, and no great harm if it rolls over.

Done.
Comment 13 Buovjaga 2022-06-15 10:18:57 UTC
Master is now 7.5, so dropping FTP support can be done per the polite deprecation notice in 7.4 notes.