| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
ok we block if:
* method is not GET
* scheme is different
* it is not the case that both the current and the target schemes are
http/s
|
| |
|
|
| |
bleh
|
| |
|
|
| |
the Option setup hasn't made much sense for a long time now
|
| | |
|
| |
|
|
| |
naturally, it's opt-in
|
| |
|
|
|
|
| |
* refactor form submission
* add options to specify form handling per protocol
* block cross-protocol POST requests
|
| |
|
|
| |
Operation "modularize Chawan somewhat" part 3
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous solution had the issue that it switched between "delete
buffer, then move back" and "delete buffer, then move forward" depending
on whether the buffer was the root of the buffer tree, which made its
behavior quite unpredictable.
Now the pager (sort of) remembers the direction you are coming from,
and D moves in that direction. So e.g.:
* Enter, D just moves back to where you were coming from (as before)
* Comma, D deletes the previous buffer, then returns to the current
buffer
If no buffer exists in the target direction, then we alert.
Also, new commands are: `d,' `d.'. They do the same thing the
non-d-prefixed variations do, but also delete the current buffer. Useful
if you're no longer sure where you are coming from, but know where you
want to go. (`d,' in particular is equivalent to w3m's `B'.)
|
| |
|
|
|
| |
This is not a perfect solution, but it's still better than not being
able to double click on CJK links correctly.
|
| |
|
|
|
|
|
| |
* make Client an instance of Window (for less special casing)
* misc work on Request & fetch
* improve origin comparison (opaque origins of same URLs are now
considered the same)
|
| |
|
|
|
|
|
| |
* add $LOGNAME to the tmp directory name, so that tmpdirs of separate
users don't conflict
* use separate directory for sockets, so that we do not have to give
buffers access to all cached pages
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* fix enctype not getting picked up
* fix form data constructor requiring open() syscall (which gets blocked
by our seccomp filter)
* add closing boundary to multipart end
* pass fds instead of path names through WebFile/Blob and send those
through bufwriter/bufreader
|
| |
|
|
|
|
| |
* use EDITOR environment variable in default config, fix line number
ordering in fallback
* autodetect vi-like editors and add line number
|
| |
|
|
|
|
|
| |
* Replaced the `pcanvas' comparison with a much simpler tracking of
the first damaged cell in writeGrid, which is significantly faster.
* Removed emulate-overline: it's of too little utility compared to the
maintenance burden it caused.
|
| |
|
|
|
|
| |
Use a LUContext to only load required CharRanges once per pager.
Also, add kana & hangul vi word break categories for convenience.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of using the built-in (and outdated, and buggy) tables, we now
use libunicode from QJS. This shaves some bytes off the executable,
though far less than I had imagined it would.
Also, a surprising effect of this change: because libunicode's tables
aren't glitched out, kanji properly gets classified as alpha. I found
this greatly annoying because `w' in Japanese text would now jump
through whole sentences. As a band-aid solution I added an extra
Han category, but I wish we had a more robust solution that could
differentiate between *all* scripts.
TODO: I suspect that separately loading the tables for every rune in
breaksViWordCat is rather inefficient. Using some context object (at
least per operation) would probably be beneficial.
|
| |
|
|
|
|
|
| |
* prefix to-be-separated modules with js
* remove dynstreams dependency
* untangle from EmptyPromise
* move typeptr into tojs
|
| |
|
|
|
|
|
|
|
| |
* resolve empty promises without params, not a single undefined param
(we can't just unsafeAddr constants on 1.6.14, and I don't see why we
need to pass undefined?)
* same in client with InternalError
* explicitly convert static `asglobal' to bool (1.6.14 turns unquoted
enums into ints...)
|
| |
|
|
| |
no point in having identical overloads
|
| |
|
|
|
|
|
| |
* unwind the QJS stack with an uncatchable exception when quit is called
* clean up JS references in JSRuntime free even when the Nim
counterparts are still alive
* simplify some tests
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously we didn't actually free the main JS runtime, probably because
you can't do this without first waiting for JS to unwind the stack.
(This has the unfortunate effect that code now *can* run after quit().
TODO: find a fix for this.)
This isn't a huge problem per se, we only have one of these and the OS
can clean it up. However, it also disabled the JS_FreeRuntime leak
check, which resulted in sieve-like behavior (manual refcounting is
a pain).
So now we choose the other tradeoff: quit no longer runs exitnow, but
it waits for the event loop to run to the end and only then exits the
browser. Then, before exit we free the JS context & runtime, and also
all JS values allocated by config.
Fixes:
* fix `ad' flag not being set for just one siteconf/omnirule
* fix various leaks (since leak check is enabled now)
* use ptr UncheckedArray[JSValue] for QJS bindings that take an array
* allow JSAtom in jsgetprop etc., also disallow int types other than
uint32
* do not set a destructor for globals
|
| |
|
|
|
|
| |
Instead of the error-prone method of selectively applying config values
only for non-initial requests, add a separate (privileged) loader
command which allows specifying a different client config.
|
| |
|
|
|
|
|
| |
Equivalent to curl --insecure.
Note: unfortunately this does not help if the server is using unsafe
legacy renegotiation, you have to allow that in the OpenSSL config.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* blend bgcolor with cell color
* do not round up to 6
We don't use the sixel transparency feature because it's useless: sixel
transparency (AFAICT) only lets us respect alpha == 0, but we should
either respect *all* alpha, or no alpha at all.
Since we do color blending, we *do* respect all alpha, but only of
background color. This sadly means that text under images gets
destroyed, but at least transparent images don't look like garbage.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Unsigned operations and conversions to unsigned types always wrap/narrow
without checks, so no need to manually mask/cast/etc. them.
|
| |
|
|
| |
the status line can't have images, so this should work
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* png: add missing filters, various decoder fixes
* term: fix kitty response interpretation, add support for kitty image
detection
* buffer, pager: initial image display support
Emphasis on "initial"; it only "works" with kitty output and PNG input.
Also, it's excruciatingly slow, and repaints images way too often.
Left undocumented intentionally it for now, until it actually becomes
useful. In the meantime, adventurous users can find out themselves why:
[[siteconf]]
url = "https://.*"
images = true
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use libseccomp, which is now a semi-mandatory dependency on Linux.
(You can still build without it, but only if you pass a scary long flag
to make.)
For this to work I had to disable getTimezoneOffset, which would
otherwise call localtime_r which in turn reads in some files from
/usr/share/zoneinfo. To allow this we would have to give unrestricted
openat(2) access to buffer processes, which is unacceptable.
(Giving websites access to the local timezone is a fingerprinting vector
so if this ever gets fixed then it should be an opt-in config setting.)
This patch also includes misc fixes to buffer cloning, and fixes the
LIBEXECDIR override in the makefile so that it is actually useful.
|
| |
|
|
|
|
| |
* separate params with ; (semicolon) instead of , (colon)
* reduce screaming snake case use
* wrap long lines
|
| |
|
|
|
|
|
|
|
| |
It is quite straightforward, because XTerm has a functionality to do
just this.
(In fact, it automatically restores the title when I use smcup/rmcup.
But when I don't, it will linger until I close the window or change the
title again.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's a bad idea for several reasons:
* it's inefficient; must allocate an environment for a closure in Nim,
even though we already have one in JS
* writing macros for automatically creating functions with variadic
arguments is suprisingly difficult (see the entire `js/javascript'
module)
* it never really worked properly, because we never freed the associated
function pointer.
We hardly used it anyway, so the easiest fix is to get rid of it
completely.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is broken in w3m too, so we take nvi behavior instead. Also, we now
consistently complain when the user tries to search for an empty string
instead of just occasionally spitting out "invalid regex" alerts.
(In w3m, /search^M/^M just jumps to the first search result with
ISEARCH. In nvi, it jumps to the second one with both searchincr on
and off.
w3m only produces the latter behavior with regular search, which is I
assume why I made it work this way, but it's still inconsistent for no
good reason.)
|
| |
|
|
|
|
|
|
|
| |
For some reason, halfPageDown decremented height instead of incrementing
it, which caused some rather weird behavior where halfPageUp +
halfPageDown would put the cursor in a different position than it was
before.
Also, we must increment *before* dividing to mimic vi behavior properly.
|
| | |
|
| |
|
|
|
|
|
| |
* URI-decode path name for local files in default config
* (ab)use mailcap command quoting for passing params to editor command
instead of replicating it badly in formatEditorName
* rename mailcap enums
|
| | |
|
| | |
|
| |
|
|
|
| |
seems like a good idea, especially because CGI uses stdout as the IPC
mechanism
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It's the sandboxing system of FreeBSD. Quite pleasant to work with.
(Just trying to figure out the basics with this one before tackling the
abomination that is seccomp.)
Indeed, the only non-trivial part was getting newSelector to work with
Capsicum. Long story short it doesn't, so we use an ugly pointer cast +
assignment. But even that is stdlib's "fault", not Capsicum's.
This also gets rid of that ugly SocketPath global.
|
| |
|
|
|
| |
some terminals (alacritty) don't support XTGETTCAP and don't even
respond with ANSI color support to DA1, so just fall back to termcap.
|