| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
rationale: see previous commit
|
| |
|
|
|
|
|
|
| |
The pager already unlinks it, so ideally this should change nothing.
(This was causing buffer processes to core dump on OpenBSD, because I
forgot that I removed unlink promise. Better keep code paths the same
when possible...)
|
| |
|
|
|
|
|
| |
* make Client an instance of Window (for less special casing)
* misc work on Request & fetch
* improve origin comparison (opaque origins of same URLs are now
considered the same)
|
| | |
|
| |
|
|
|
|
|
| |
* add $LOGNAME to the tmp directory name, so that tmpdirs of separate
users don't conflict
* use separate directory for sockets, so that we do not have to give
buffers access to all cached pages
|
| |
|
|
| |
for consistency
|
| |
|
|
|
|
|
|
|
| |
* fix enctype not getting picked up
* fix form data constructor requiring open() syscall (which gets blocked
by our seccomp filter)
* add closing boundary to multipart end
* pass fds instead of path names through WebFile/Blob and send those
through bufwriter/bufreader
|
| | |
|
| |
|
|
|
|
|
| |
* prefix to-be-separated modules with js
* remove dynstreams dependency
* untangle from EmptyPromise
* move typeptr into tojs
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* png: add missing filters, various decoder fixes
* term: fix kitty response interpretation, add support for kitty image
detection
* buffer, pager: initial image display support
Emphasis on "initial"; it only "works" with kitty output and PNG input.
Also, it's excruciatingly slow, and repaints images way too often.
Left undocumented intentionally it for now, until it actually becomes
useful. In the meantime, adventurous users can find out themselves why:
[[siteconf]]
url = "https://.*"
images = true
|
| |
|
|
|
| |
The validator is used only if the decoder is nil, so it must be cleared
in switchCharset.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use libseccomp, which is now a semi-mandatory dependency on Linux.
(You can still build without it, but only if you pass a scary long flag
to make.)
For this to work I had to disable getTimezoneOffset, which would
otherwise call localtime_r which in turn reads in some files from
/usr/share/zoneinfo. To allow this we would have to give unrestricted
openat(2) access to buffer processes, which is unacceptable.
(Giving websites access to the local timezone is a fingerprinting vector
so if this ever gets fixed then it should be an opt-in config setting.)
This patch also includes misc fixes to buffer cloning, and fixes the
LIBEXECDIR override in the makefile so that it is actually useful.
|
| |
|
|
|
|
| |
* separate params with ; (semicolon) instead of , (colon)
* reduce screaming snake case use
* wrap long lines
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's a bad idea for several reasons:
* it's inefficient; must allocate an environment for a closure in Nim,
even though we already have one in JS
* writing macros for automatically creating functions with variadic
arguments is suprisingly difficult (see the entire `js/javascript'
module)
* it never really worked properly, because we never freed the associated
function pointer.
We hardly used it anyway, so the easiest fix is to get rid of it
completely.
|
| |
|
|
|
| |
+ better align attribute-based event handler behavior with other
browsers
|
| |
|
|
|
|
|
|
|
|
|
|
| |
pledge is a bit more fine-grained than Capsicum's capability mode,
so the buffer & http ("network") sandboxes are now split up into
two parts.
I applied the same hack as in FreeBSD for overriding the buffer
selector kqueue, because a) I didn't want to request sysctl promise
b) I'm not sure if it would even work and c) if it breaks on OpenBSD,
then it's broken on FreeBSD too, so there's a greater chance of
discovering the bug.
|
| |
|
|
|
|
|
| |
We must HTML escape data, or the fragment parser will parse plain text
as markup. (However, just running htmlEscape() on data is not enough;
that would also mark <, ', etc. as >, &apos. So we only escape after
the regex is executed.)
|
| |
|
|
|
| |
seems like a good idea, especially because CGI uses stdout as the IPC
mechanism
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It's the sandboxing system of FreeBSD. Quite pleasant to work with.
(Just trying to figure out the basics with this one before tackling the
abomination that is seccomp.)
Indeed, the only non-trivial part was getting newSelector to work with
Capsicum. Long story short it doesn't, so we use an ugly pointer cast +
assignment. But even that is stdlib's "fault", not Capsicum's.
This also gets rid of that ugly SocketPath global.
|
| |
|
|
|
|
|
|
|
|
| |
* fix mismatch between return value & read value that would either crash
or freeze the browser depending on its mood
* add an assertion to detect the above footgun
* fix some resource leaks
* fix iteration over a table that called a function which altered the
table in buffer's cancel()
* if user cancels before anything is loaded, destroy the container too
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
until now, this had very strange (and inconsistent) semantics:
* err() was used for exception propagation, but also as a null value
* Option accepted undefined as a none value, but not null
* Opt and Option were used interchangeably (and mostly randomly)
Now, Result is always used for error reporting, and err(nil) means
JS_EXCEPTION. (Opt is a special case of Result where we don't care about
the error type, and is not used in JS.)
Option on the other hand means "nullable variation of normally
non-nullable type", and translates to JS_NULL. In JS we mainly use
it for turning strings nullable.
|
| | |
|
| |
|
|
|
|
|
|
| |
This way they are no longer compatible, but we no longer need them to
be compatible anyway.
(This also forces us to throw out the old serialize module, and use
packet writers everywhere.)
|
| | |
|
| |
|
|
|
|
|
| |
* fall back to text for unimplemented input types
* add custom prompt to all text-like input types
* show min/max for range
* fix accidental override of repaint
|
| |
|
|
| |
analogous to bufwriter
|
| |
|
|
| |
just for consistency
|
| |
|
|
|
|
|
| |
* send title to pager as soon as it's available
* expose `title' to DOM
* rename undocumented `getTitle' js function to `title' getter in
Container
|
| |
|
|
| |
this is buffer reading from pager
|
| |
|
|
|
| |
Since we know the length of packets, we can also read them in in one
call. Though I really wish we could do this without the StringStream.
|
| |
|
|
| |
Useful when browsing plaintext files; w3m has it too.
|
| |
|
|
| |
seems like it confuses popen()
|
| |
|
|
|
| |
this is unfortunately truncated on Linux, but I don't care enough to
hack around this
|
| |
|
|
|
|
|
|
|
|
| |
Unsurprisingly enough, calling `write` a million times is never going to
be very fast.
BufferedWriter basically does the same thing as serialize.swrite did,
but queues up writes in batches before sending them.
TODO: give sread a similar treatment
|
| |
|
|
|
|
|
|
| |
It was defined in the wrong module, and unnecessarily included
LoaderClientConfig.
Also, referrerPolicy was not being propagated to loader clients because
it was (incorrectly) in BufferConfig instead of LoaderClientConfig.
|
| |
|
|
|
|
|
|
| |
* extern -> gone, runproc absorbed by pager, others moved into io/
* display -> local/ (where else would we display?)
* xhr -> html/
* move out WindowAttributes from term, so we don't depend on local
from server
|
| |
|
|
|
| |
we just treat them as img tags. lazy, but works suprisingly well -- so
long as the server sends us a Content-Type, anyway.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Originally we had several loader processes so that the loader did not
need asynchronity for loading several buffers at once. Since then, the
scope of what loader does has been reduced significantly, and with
that loader has become mostly asynchronous.
This patch finishes the above work as follows:
* We only fork a single loader process for the browser. It is a waste of
resources to do otherwise, and would have made future work on a
download manager very difficult.
* loader becomes (almost) fully async. Now the only sync part is a)
processing commands and b) waiting for clients to consume responses.
b) is a bit more problematic than a), but should not cause problems
unless some other horrible bug exists in a client. (TODO: make it
fully async.)
This gives us a noticable improvement in CSS loading speed, since all
resources can now be queried at once (even before the previous ones
are connected).
* Buffers now only get processes when the *connection* is finished. So
headers, status code, etc. are handled by the client, and the buffer
is forked when the loader starts streaming the response body.
As a result, mailcap entries can simply dup2 the first UNIX domain
socket connection as their stdin. This allows us to remove the ugly
(and slow) `canredir' hack, which required us to send file handles on
a tour accross the entire codebase.
* The "cache" has been reworked somewhat:
- Since canredir is gone, buffer-level requests usually start
in a suspended state, and are explicitly resumed only after
the client could decide whether it wants to cache the response.
- Instead of a flag on Request and the URL as the cache key,
we now use a global counter and the special `cache:' scheme.
* misc fixes: referer_from is now actually respected by buffers (not
just the pager), load info display should work slightly better, etc.
|
| |
|
|
|
|
|
| |
using this API is suffering
(`n' is the last *valid* character ever since the validator API got
fixed, so it must be included in the slice.)
|
| |
|
|
|
|
| |
* put attrs pointer in state
* simplify width()
* use unsigned int as ptint to avoid UB
|
| |
|
|
|
|
|
|
|
| |
Only report when bytesRead has changed, otherwise we get unnecessary
load requests. (This means -2 return value no longer exists; it did
not work correctly anyway.)
Also, fix the race condition that broke onload returns when onload
happened before client requested load.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This is an ancient bug, but it got much easier to trigger with mouse
scrolling support so it's time to fix it.
(The bug itself was that since both the client and buffer ends of the
controlling stream are blocking, they could get stuck when both were
trying to send() data to the other end but the buffer was full. So now
we set the client end to non-blocking.)
|
| | |
|
| |
|
|
|
|
| |
* rename buffer enums
* fix isAscii for char 0x80
* remove dead code from URL
|
| |
|
|
|
|
|
|
| |
reshape must do a render from zero, as it's a last resort for users to
fixup the page on a rendering bug.
switchCharset must reset prevStyled for obvious reasons (it refers to
a dead document).
|