about summary refs log tree commit diff stats
path: root/src/utils
Commit message (Collapse)AuthorAgeFilesLines
* sandbox: allow futex in network/buffer sandboxbptato2024-09-061-1/+2
| | | | | WSL needs it. It was already allowed on Android, so this just makes the sandboxes converge a little.
* twtstr: type erase binarySearch instantiationbptato2024-09-062-33/+43
| | | | | | | | Do it like parseEnumNoCase0, so we no longer instantiate a gazillion different binary searches for the same type. While we're at it, make matchNameProduction's searchInMap use uint32 too.
* sixel, stbi, sandbox: fix fstat sandbox violationbptato2024-09-041-2/+23
| | | | | | | Until recently, glibc used to implement it as fstatat. So don't trap for fstatat (and for consistency, fstat), but return EPERM. Just to be sure, rewrite sixel & stbi to never call fread.
* xhr: progressbptato2024-08-131-0/+2
| | | | | | | | | | | | | * fix header case sensitivity issues -> probably still wrong as it discards the original casing. better than nothing, anyway * fix fulfill on generic promises * support standard open() async parameter weirdness * refactor loader response body reading (so bodyRead is no longer mandatory) * actually read response body still missing: response body getters
* dom: remove generic JS bindingsbptato2024-08-111-2/+1
| | | | Dispatch manually with fromJS instead.
* dom: fix crash on wrong image content typebptato2024-08-111-0/+3
| | | | + slightly optimize getContentType
* twtstr: don't cast in parseEnumbptato2024-08-091-2/+2
| | | | Nim 1.6 does not like it.
* sandbox: allow ugetrlimitbptato2024-08-091-0/+1
| | | | called on armhf
* Update monouchabptato2024-08-091-6/+5
|
* endians: removebptato2024-08-031-39/+0
| | | | was only used by the PNG decoder which got replaced by stbi
* cssvalues, twtstr, mediaquery: refactor & fixesbptato2024-08-021-28/+25
| | | | | | | * cssvalues, twtstr: unify enum parsing code paths, parse enums by bisearch instead of hash tables * mediaquery: refactor (long overdue), fix range comparison syntax parsing, make ident comparisons case-insensitive (as they should be)
* twtstr: fix startsWithIgnoreCasebptato2024-07-291-2/+2
|
* buffer, pager, config: add meta-refresh + misc fixesbptato2024-07-281-18/+12
| | | | | | | | | * buffer, pager, config: add meta-refresh value, which makes it possible to follow http-equiv=refresh META tags. * config: clean up redundant format mode parser * timeout: accept varargs for params to pass on to functions * pager: add "options" dict to JS gotoURL * twtstr: remove redundant startsWithNoCase
* url: misc fixes & improvementsbptato2024-07-241-25/+13
| | | | | | * fix various parsing bugs * rewrite state machine * other small optimizations
* client, sandbox: fix termux buildbptato2024-07-241-3/+51
| | | | | Still not perfect, because it crashes on missing /tmp dir so you have to manually set it...
* html: event cleanup, XHR progressbptato2024-07-181-0/+27
|
* luwrap: use lre_is_spacebptato2024-07-181-2/+1
|
* config: support smart casebptato2024-07-161-5/+18
| | | | and enable it by default.
* fix compilation on 2.0.8bptato2024-07-101-0/+1
|
* main: misc improvementsbptato2024-07-051-3/+20
|
* pager: PNGify kitty images, clear images on buffer switchbptato2024-07-021-1/+1
| | | | | | | | | | | Saves bandwidth; it's especially useful over SSH. Still not sure if this is the right solution, since it now needs two select cycles instead of one, and it does yet another copy of the image. (Unnecessarily, because stbi cannot stream its output, and stbiw cannot stream its input.) Also, to save memory, we now discard decoded images of buffers that are not being viewed.
* img, loader: add image resizing, misc fixesbptato2024-06-281-0/+2
| | | | | | | | | | | | | | | * resize images with stb_image_resize * use tee for output handle redirection (redirectToFile blocks) * cache original image files * accept lseek in sandbox * misc stbi fixes For now, I just pulled in stb_image_resize v1. v2 is an extra 150K in size, not sure if it's worth the cost. (Either way, we can always switch later if needed, since the API is almost the same.) Next step: move sixel/kitty encoders to CGI, and cache their output in memory instead of the intermediate RGBA representation.
* img: use stb_image, drop zlib as dependencybptato2024-06-201-2/+3
| | | | | | | Now we have decoders for gif, jpeg, bmp. Also, the in-house PNG decoder has been replaced in favor of the stbi implementation; this means we no longer depend on zlib, since stbi comes with a built in inflate implementation.
* img, loader: separate out png codec into cgi, misc improvementsbptato2024-06-201-0/+3
| | | | | | | | | | | | | | | * multi-processed and sandboxed PNG decoding & encoding (through local CGI) * improved request body passing (including support for output id as response body) * simplified & faster blob()/text() - now every request starts suspended, and OngoingData.buf has been replaced with loader's buffering capability * image caching: we no longer pull bitmaps from the container after every single getLines call Next steps: replace our bespoke PNG decoder with something more usable, add other decoders, and make them stream.
* Move JS wrapper into Monouchabptato2024-06-032-2/+67
| | | | Operation "modularize Chawan somewhat" part 3
* twtstr: fix overflow checkbptato2024-05-211-2/+2
|
* sandbox: add sigreturnbptato2024-05-211-0/+2
| | | | seems to get called for signal handlers
* html: improve Request, derive Client from Windowbptato2024-05-201-8/+8
| | | | | | | * make Client an instance of Window (for less special casing) * misc work on Request & fetch * improve origin comparison (opaque origins of same URLs are now considered the same)
* forkserver: simplify fcLoadConfigbptato2024-05-181-3/+1
|
* config: separate tmp dir for sockets, usersbptato2024-05-161-2/+0
| | | | | | | * add $LOGNAME to the tmp directory name, so that tmpdirs of separate users don't conflict * use separate directory for sockets, so that we do not have to give buffers access to all cached pages
* luwrap: use separate context (+ various cleanups)bptato2024-05-104-191/+147
| | | | | | Use a LUContext to only load required CharRanges once per pager. Also, add kana & hangul vi word break categories for convenience.
* luwrap: replace Nim unicode maps with libunicodebptato2024-05-093-48/+108
| | | | | | | | | | | | | | | | | Instead of using the built-in (and outdated, and buggy) tables, we now use libunicode from QJS. This shaves some bytes off the executable, though far less than I had imagined it would. Also, a surprising effect of this change: because libunicode's tables aren't glitched out, kanji properly gets classified as alpha. I found this greatly annoying because `w' in Japanese text would now jump through whole sentences. As a band-aid solution I added an extra Han category, but I wish we had a more robust solution that could differentiate between *all* scripts. TODO: I suspect that separately loading the tables for every rune in breaksViWordCat is rather inefficient. Using some context object (at least per operation) would probably be beneficial.
* dom: simplify ButtonTypebptato2024-05-081-1/+1
|
* sandbox: allow getpid in seccomp network sandboxbptato2024-04-271-0/+1
| | | | openssl needs it
* Remove unnecessary unsigned castsbptato2024-04-261-1/+1
| | | | | Unsigned operations and conversions to unsigned types always wrap/narrow without checks, so no need to manually mask/cast/etc. them.
* data: replace std/base64 with atobbptato2024-04-251-0/+63
| | | | | | | | | | std's version is known to be broken on versions we still support, and it makes no sense to use different decoders anyway. (This does introduce a bit of a dependency hell, because js/base64 depends on js/javascript which tries to bring in the entire QuickJS runtime. So we move that out into twtstr, and manually convert a Result[string, string] to DOMException in js/base64.)
* sandbox: remove unveil callbptato2024-04-231-7/+4
| | | | | We no longer modify the file system inside the sandbox, so this permission is simply not needed.
* sandbox: allow syscalls for epoll Nim selectorsbptato2024-04-201-0/+4
| | | | | | | | | | | | This fixes setTimeout/setInterval causing crashes. Note: timerfd_gettime is not actually used by Nim right now. However, it seems like a good idea to add it to the set in case a future Nim version needs it, as it does no harm. We still do not allow signalfd, because it would let rogue buffers override our SIGSYS handler. (Not sure if this really matters, but we don't need it for now anyway.)
* http: fix sandbox violation in readFromStdinbptato2024-04-191-0/+2
| | | | | | | | | glibc apparently calls fstat from fread, and we didn't allow it in seccomp. So: * allow fstat in the sandbox; no reason not to, and it seems too big of a footgun to assume we never call fread * use read(2) in http; no need for buffered i/o here
* twtstr: remove pointless checks in parseIntImplbptato2024-04-191-5/+3
|
* url, twtstr: correct number parsingbptato2024-04-182-33/+48
| | | | | | | | | * do not use std's parse*Int; they accept weird stuff that we do not want to accept in any case * fix bug in parseHost where a parseIpv4 failure would result in an empty host * do not use isDigit, isAlphaAscii * improve parse*IntImpl error handling
* sandbox: seccomp support on Linuxbptato2024-04-181-2/+118
| | | | | | | | | | | | | | | | | We use libseccomp, which is now a semi-mandatory dependency on Linux. (You can still build without it, but only if you pass a scary long flag to make.) For this to work I had to disable getTimezoneOffset, which would otherwise call localtime_r which in turn reads in some files from /usr/share/zoneinfo. To allow this we would have to give unrestricted openat(2) access to buffer processes, which is unacceptable. (Giving websites access to the local timezone is a fingerprinting vector so if this ever gets fixed then it should be an opt-in config setting.) This patch also includes misc fixes to buffer cloning, and fixes the LIBEXECDIR override in the makefile so that it is actually useful.
* strwidth: return alpha for underscore in vi wordsbptato2024-04-171-1/+1
|
* Update code stylebptato2024-04-174-50/+68
| | | | | | * separate params with ; (semicolon) instead of , (colon) * reduce screaming snake case use * wrap long lines
* utils: polyfill addr/unsafeAddr distinction in Nim 2+bptato2024-04-141-0/+18
| | | | | | | | | | | | | | | | | | | | | I wish they didn't change this. unsafeAddr may be a confusing name, but it's more powerful than addr. Merging them violates the principle of least power. e.g. say I get n thru a param, and shadow it proc x(n: int) = var n = n + 1 a screen or two later I call mutates_variable_in_c(addr i) then later I no longer need to add 1, so I remove the var line. In Nim 1.6 the compiler refuses to compile, I can instantly find the bug. In 2.0 it does... whatever?? Maybe for an int it "works", for an object it likely doesn't. Certainly not something I'd enjoy debugging.
* twtstr: remove isAscii, simplify onlyWhitespacebptato2024-04-101-10/+1
|
* twtstr: remove pointless lookup tablesbptato2024-04-101-18/+10
| | | | it's a waste of space; we don't use these *that* much.
* remove dead code, fix openArray casingbptato2024-04-081-4/+1
|
* sandbox: add OpenBSD pledge/unveil supportbptato2024-04-031-3/+26
| | | | | | | | | | | | pledge is a bit more fine-grained than Capsicum's capability mode, so the buffer & http ("network") sandboxes are now split up into two parts. I applied the same hack as in FreeBSD for overriding the buffer selector kqueue, because a) I didn't want to request sysctl promise b) I'm not sure if it would even work and c) if it breaks on OpenBSD, then it's broken on FreeBSD too, so there's a greater chance of discovering the bug.
* ansi2html: support passing titlesbptato2024-03-291-17/+21
| | | | | | | Use content type attributes so e.g. git.cgi can set the title even with a text/x-ansi content type. (This commit also fixes some bugs in content type attribute handling.)