| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
pledge is a bit more fine-grained than Capsicum's capability mode,
so the buffer & http ("network") sandboxes are now split up into
two parts.
I applied the same hack as in FreeBSD for overriding the buffer
selector kqueue, because a) I didn't want to request sysctl promise
b) I'm not sure if it would even work and c) if it breaks on OpenBSD,
then it's broken on FreeBSD too, so there's a greater chance of
discovering the bug.
|
| |
|
|
|
|
|
| |
We must HTML escape data, or the fragment parser will parse plain text
as markup. (However, just running htmlEscape() on data is not enough;
that would also mark <, ', etc. as >, &apos. So we only escape after
the regex is executed.)
|
| |
|
|
|
| |
seems like a good idea, especially because CGI uses stdout as the IPC
mechanism
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It's the sandboxing system of FreeBSD. Quite pleasant to work with.
(Just trying to figure out the basics with this one before tackling the
abomination that is seccomp.)
Indeed, the only non-trivial part was getting newSelector to work with
Capsicum. Long story short it doesn't, so we use an ugly pointer cast +
assignment. But even that is stdlib's "fault", not Capsicum's.
This also gets rid of that ugly SocketPath global.
|
| |
|
|
|
|
|
|
|
|
| |
* fix mismatch between return value & read value that would either crash
or freeze the browser depending on its mood
* add an assertion to detect the above footgun
* fix some resource leaks
* fix iteration over a table that called a function which altered the
table in buffer's cancel()
* if user cancels before anything is loaded, destroy the container too
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
until now, this had very strange (and inconsistent) semantics:
* err() was used for exception propagation, but also as a null value
* Option accepted undefined as a none value, but not null
* Opt and Option were used interchangeably (and mostly randomly)
Now, Result is always used for error reporting, and err(nil) means
JS_EXCEPTION. (Opt is a special case of Result where we don't care about
the error type, and is not used in JS.)
Option on the other hand means "nullable variation of normally
non-nullable type", and translates to JS_NULL. In JS we mainly use
it for turning strings nullable.
|
| | |
|
| |
|
|
|
|
|
|
| |
This way they are no longer compatible, but we no longer need them to
be compatible anyway.
(This also forces us to throw out the old serialize module, and use
packet writers everywhere.)
|
| | |
|
| |
|
|
|
|
|
| |
* fall back to text for unimplemented input types
* add custom prompt to all text-like input types
* show min/max for range
* fix accidental override of repaint
|
| |
|
|
| |
analogous to bufwriter
|
| |
|
|
| |
just for consistency
|
| |
|
|
|
|
|
| |
* send title to pager as soon as it's available
* expose `title' to DOM
* rename undocumented `getTitle' js function to `title' getter in
Container
|
| |
|
|
| |
this is buffer reading from pager
|
| |
|
|
|
| |
Since we know the length of packets, we can also read them in in one
call. Though I really wish we could do this without the StringStream.
|
| |
|
|
| |
Useful when browsing plaintext files; w3m has it too.
|
| |
|
|
| |
seems like it confuses popen()
|
| |
|
|
|
| |
this is unfortunately truncated on Linux, but I don't care enough to
hack around this
|
| |
|
|
|
|
|
|
|
|
| |
Unsurprisingly enough, calling `write` a million times is never going to
be very fast.
BufferedWriter basically does the same thing as serialize.swrite did,
but queues up writes in batches before sending them.
TODO: give sread a similar treatment
|
| |
|
|
|
|
|
|
| |
It was defined in the wrong module, and unnecessarily included
LoaderClientConfig.
Also, referrerPolicy was not being propagated to loader clients because
it was (incorrectly) in BufferConfig instead of LoaderClientConfig.
|
| |
|
|
|
|
|
|
| |
* extern -> gone, runproc absorbed by pager, others moved into io/
* display -> local/ (where else would we display?)
* xhr -> html/
* move out WindowAttributes from term, so we don't depend on local
from server
|
| |
|
|
|
| |
we just treat them as img tags. lazy, but works suprisingly well -- so
long as the server sends us a Content-Type, anyway.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Originally we had several loader processes so that the loader did not
need asynchronity for loading several buffers at once. Since then, the
scope of what loader does has been reduced significantly, and with
that loader has become mostly asynchronous.
This patch finishes the above work as follows:
* We only fork a single loader process for the browser. It is a waste of
resources to do otherwise, and would have made future work on a
download manager very difficult.
* loader becomes (almost) fully async. Now the only sync part is a)
processing commands and b) waiting for clients to consume responses.
b) is a bit more problematic than a), but should not cause problems
unless some other horrible bug exists in a client. (TODO: make it
fully async.)
This gives us a noticable improvement in CSS loading speed, since all
resources can now be queried at once (even before the previous ones
are connected).
* Buffers now only get processes when the *connection* is finished. So
headers, status code, etc. are handled by the client, and the buffer
is forked when the loader starts streaming the response body.
As a result, mailcap entries can simply dup2 the first UNIX domain
socket connection as their stdin. This allows us to remove the ugly
(and slow) `canredir' hack, which required us to send file handles on
a tour accross the entire codebase.
* The "cache" has been reworked somewhat:
- Since canredir is gone, buffer-level requests usually start
in a suspended state, and are explicitly resumed only after
the client could decide whether it wants to cache the response.
- Instead of a flag on Request and the URL as the cache key,
we now use a global counter and the special `cache:' scheme.
* misc fixes: referer_from is now actually respected by buffers (not
just the pager), load info display should work slightly better, etc.
|
| |
|
|
|
|
|
| |
using this API is suffering
(`n' is the last *valid* character ever since the validator API got
fixed, so it must be included in the slice.)
|
| |
|
|
|
|
| |
* put attrs pointer in state
* simplify width()
* use unsigned int as ptint to avoid UB
|
| |
|
|
|
|
|
|
|
| |
Only report when bytesRead has changed, otherwise we get unnecessary
load requests. (This means -2 return value no longer exists; it did
not work correctly anyway.)
Also, fix the race condition that broke onload returns when onload
happened before client requested load.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This is an ancient bug, but it got much easier to trigger with mouse
scrolling support so it's time to fix it.
(The bug itself was that since both the client and buffer ends of the
controlling stream are blocking, they could get stuck when both were
trying to send() data to the other end but the buffer was full. So now
we set the client end to non-blocking.)
|
| | |
|
| |
|
|
|
|
| |
* rename buffer enums
* fix isAscii for char 0x80
* remove dead code from URL
|
| |
|
|
|
|
|
|
| |
reshape must do a render from zero, as it's a last resort for users to
fixup the page on a rendering bug.
switchCharset must reset prevStyled for obvious reasons (it refers to
a dead document).
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* reduce onload result size to a single int
* clean up mess that was the container onload handler
This fixes automatic refresh in console. Before, the client would
only request a screen update after receiving the number of bytes read,
but before the screen was actually reshaped (which obviously resulted
in a race condition). Now, "I've reshaped the document" is a separate
response (and is the only occasion where the screen is updated before
the final render).
|
| |
|
|
|
|
|
|
|
| |
Some terminal emulators (AKA vte) refuse to set ws_xpixel and ws_ypixel
in the TIOCGWINSZ ioctl, so we now query for CSI 14 t as well. (Also CSI
18 t for good measure, just in case we can't ioctl for some reason.)
Also added some fallback (optionally forced) config values for width,
height, ppc, and ppl. (This is especially useful in dump mode.)
|
| |
|
|
|
| |
`confidence' becomes ccCertain when PRES_STOP is returned, so asserting
the opposite is incorrect (and was resulting in crashes).
|
| |
|
|
|
|
|
|
| |
Cache mailcap entry output too, then delete it when the buffer can no
longer read from it.
(Maybe it would be useful to instead preserve it and allow viewSource
for HTML output too? Hmm.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Handling text/plain as ANSI colored text was problematic for two
reasons:
* You couldn't actually look at the real source of HTML pages or text
files that used ANSI colors in the source. In general, I only want
ANSI colors when piping something into my pager, not when viewing any
random file.
* More importantly, it introduced a separate rendering mode for
plaintext documents, which resulted in the problem that only some
buffers had DOMs. This made it impossible to add functionality
that would operate on the buffer's DOM, to e.g. implement w3m's
MARK_URL. Also, it locked us into the horribly inefficient line-based
rendering model of entire documents.
Now we solve the problem in two separate parts:
* text/x-ansi is used automatically for documents received through
stdin. A text/x-ansi handler ansi2html converts ANSI formatting to
HTML. text/x-ansi is also used for .ans, .asc file extensions.
* text/plain is a separate input mode in buffer, which places all text
in a single <plaintext> tag. Crucially, this does not invoke the HTML
parser; that would eat NUL characters, which we should avoid.
One blind spot still remains: copiousoutput used to display ANSI colors,
and now it doesn't. To solve this, users can put the x-ansioutput
extension field to their mailcap entries, which behaves like
x-htmloutput except it first pipes the output into ansi2html.
|
| |
|
|
|
|
| |
* cancel resources on cancel() call
* call _exit in signal handler (also in loader)
* misc cleanups
|
| |
|
|
|
|
|
|
|
|
| |
Aside from being a wrapper of Request, it was just storing the -I
charset, except even that didn't actually work. Whoops.
This fixes -I effectively not doing anything; now it's a forced override
that even disables BOM sniffing. (If the user wants to decode a file
using a certain encoding, it seems wise to assume that they really
meant it.)
|
| |
|
|
|
|
|
|
|
|
| |
This fixes a bug where setContentType would call setHTML twice, which
messed up charsets and probably a couple more things. As a bonus, it
allows us to pass around the content type less.
In fact, buffer does not have to know its exact content type, just
whether it is in HTML mode or not. So that's all we tell it now;
only container still keeps track of the content type (as it should).
|
| |
|
|
|
|
| |
The API is horrid :( but at least it copies less.
TODO: think of a better API.
|
| |
|
|
|
| |
source.request.url is not used after buffer initialization (because it
may be replaced later), so we must set buffer.url instead.
|
| |
|
|
|
|
| |
This is required by the standard. (Without this, lots of websites have
incorrect background colors, because they set the body height to 100%
of the viewport.)
|
| |
|
|
|
|
|
|
| |
* disallow Stream interface usage on non-blocking PosixStreams
* do not read estream of forkserver byte-by-byte (it's slow)
* do not call writeData with a zero len in formdata
* do not quote numbers in mailcap quoteFile
* remove some unused stuff
|
| | |
|
| |
|
|
|
| |
readFromFd replacing the base URL of the buffer turns out to be a very
bad idea.
|
| |
|
|
|
| |
Speeds up processing of pretty much all documents, because we rarely
need to switch the charset after having downloaded the first chunk.
|
| | |
|
| |
|
|
|
|
|
|
| |
* factor out pushBuffer to make loadFromCache async
* fix incorrect cache path
* replace rewind with loadFromCache (it does the same thing except
actually works)
* remove rewindImpl callback, rewind in buffer instead
|