| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the past, Chawan would read global mailcap (/etc/mailcap, ...) too,
but every now and then that would run entries that I didn't even know
existed and definitely didn't intend to run. So I changed it to only
use ~/.mailcap, but this meant users now had to add mailcap entries for
every single mime type.
At some point I also changed application/octet-stream to always save to
disk, which is usually nice except when a text file is misrecognized as
binary. Often times I just want to decide myself what to do.
So now there are two layers. First, the global mailcap files (path as
per RFC) prompt before executing. Then there is ~/.chawan/auto.mailcap
(or ~/.config/chawan/auto.mailcap) which runs entries automatically.
If you press shift before selecting an option in the prompt, the
corresponding entry gets copied to auto.mailcap. It's also possible to
type a new entry on the fly. Overall I think it's quite convenient.
One unfortunate side effect is that existing users will have to migrate
their entries to auto.mailcap, or redefine external.auto-mailcap to e.g.
~/.mailcap, but this seems acceptable.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* remove std/streams use from mime.types; mmap and parse directly
* use mime.types for inline image extensions
* add some jpeg file extensions
Latter came up because I was trying to add a format locally and it
wouldn't recognize it on images from my file system (i.e. by extension).
As a security measure we still do not allow additional extensions for
predefined inline image types.
|
| |
|
|
|
| |
This couldn't get into system.nim for technical reasons, but it's still
pretty useful when iterating over non-mutable openArrays.
|
| |
|
|
| |
for consistency
|
| | |
|
| |
|
|
| |
ref. https://todo.sr.ht/~bptato/chawan/21
|
| |
|
|
|
| |
* line, vector, matrix -> path
* twtuni, charcategory -> twtstr
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* fix matching on unstripped whitespace: caught after upgrading to
upstream dash & chaseccomp wouldn't compile
* add defines to ensure that we computed the filter length correctly
* inline cut_label
* EPERM on sigaction, sigprocmask, gettid, and kill on tgkill (so a
crash doesn't trigger sandbox violations)
* move SIGSYS handler to C and add one for the network
The last change removes the stack trace from SIGSYS, but gives us the
syscall number which is probably more useful. (Indeed, we don't even
have a stack trace in release builds.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I'm starting to favor dotfiles over XDG basedirs, but there's no reason
why we couldn't have both. So now the search path is:
0. if config was set through -C, use that
1. $CHA_CONFIG_DIR is set -> $CHA_CONFIG_DIR/config.toml
2. $XDG_CONFIG_HOME is set -> $XDG_CONFIG_HOME/chawan/config.toml
3. ~/.config/chawan/config.toml exists -> use that
4. ~/.chawan/config.toml exists -> use that
Notably, this makes it so the default directory is ~/.chawan *if* you
don't have an existing config.toml file. So in that case known_hosts
will be placed in ~/.chawan/known_hosts. However, configurations with a
config in ~/.config/chawan/config.toml continue to work as expected, as
for those the known_hosts file remains inside ~/.config/chawan/.
Finally, I've added a default user CGI directory to reduce friction in
setting CGI up. (Like known_hosts, it's also relative to whatever config
dir you have.)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This drops libseccomp as a dependency.
Also, move the capsicum/pledge definitions from bindings to sandbox.nim
because they are only used there.
Interestingly, after integrating chaseccomp I found that the
stbi process would mysteriously crash by a getrandom(2) syscall.
Closer investigation revealed it is only called on the initialization
of glibc's malloc; presumably it had never surfaced before because
libseccomp would always allocate before entering the sandbox.
So I've added getrandom to our filter as well.
|
| |
|
|
|
|
|
|
|
|
|
| |
nativesockets is a wrapper over posix and winapi, but we don't support
winapi, so we can just fall back to PosixStream instead.
SocketStream remains as a constraint over PosixStream to allow
sendFileHandle/recvFileHandle.
As a nice side effect, we can drop some allowed syscalls from the
seccomp filter.
|
| |
|
|
|
| |
On a second thought, no timeouts for name resolution is fine - and even
if it weren't, it's better implemented in the loader.
|
| |
|
|
|
| |
* remove unused DateTime toml type
* add parseIntP for pointer-size int parsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Substitute tabs with one of eight PUA characters based on their width,
and convert them back in the pager:
* TUI mode always prints spaces, but now handles tabs appropriately on
cursor movement
* dump mode tries to preserve hard tabs, but uses soft tabs when that is
not possible (e.g. tabs after a margin, tab with background color,
etc)
* selection mode always outputs hard tabs.
|
| | |
|
| | |
|
| |
|
|
| |
used on 32-bit platforms
|
| |
|
|
|
| |
Now we use QuickJS-NG, which is better maintained than QJS and has
column tracking.
|
| |
|
|
|
|
| |
Also, kill twidth and its friends; we haven't been using it for a
while now. (In the future, a solution with PUA chars might be worth
exploring.)
|
| |
|
|
| |
required for poll
|
| |
|
|
|
|
|
|
|
|
|
|
| |
std/selectors uses OS-specific selector APIs, which sounds good in
theory (faster than poll!), but sucks for portability in practice.
Sure, you can fix portability bugs, but who knows how many there are
on untested platforms... poll is standard, so if it works on one
computer it should work on all other ones. (I hope.)
As a bonus, I rewrote the timeout API for poll, which incidentally
fixes setTimeout across forks. Also, SIGWINCH should now work on all
platforms (as we self-pipe instead of signalfd/kqueue magic).
|
| |
|
|
|
| |
* reduce copies & allocations
* simplify SGR generation
|
| |
|
|
|
|
| |
* simplify uint parser
* use uint parser for signed ints too (to simplify overflow handling)
* use openArray[char] where possible
|
| |
|
|
| |
looks like it's also necessary for musl
|
| |
|
|
| |
fcntl has some cursed commands that we really don't want to allow
|
| |
|
|
| |
Make sure U+FFFD is returned when a bounds check fails.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
std/unicode has the following issues:
* Rune is an int32, which implies overflow checking. Also, it is
distinct, so you have to convert it manually to do arithmetic.
* QJS libunicode and Chagashi work with uint32, interfacing with these
required pointless type conversions.
* fastRuneAt is a template, meaning it's pasted into every call
site. Also, it decodes to UCS-4, so it generates two branches that
aren't even used. Overall this lead to quite some code bloat.
* fastRuneAt and lastRune have frustratingly different
interfaces. Writing code to handle both cases is error prone.
* On older Nim versions which we still support, std/unicode takes
strings, not openArray[char]'s.
Replace it with "twtuni", which includes some improved versions of
the few procedures from std/unicode that we actually use.
|
| |
|
|
|
| |
Wait, why does std fastRuneAt try to decode UCS-32?
Hmm...
|
| | |
|
| |
|
|
|
| |
WSL needs it. It was already allowed on Android, so this just makes the
sandboxes converge a little.
|
| |
|
|
|
|
|
|
| |
Do it like parseEnumNoCase0, so we no longer instantiate a gazillion
different binary searches for the same type.
While we're at it, make matchNameProduction's searchInMap use uint32
too.
|
| |
|
|
|
|
|
| |
Until recently, glibc used to implement it as fstatat. So don't trap
for fstatat (and for consistency, fstat), but return EPERM.
Just to be sure, rewrite sixel & stbi to never call fread.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* fix header case sensitivity issues
-> probably still wrong as it discards the original
casing. better than nothing, anyway
* fix fulfill on generic promises
* support standard open() async parameter weirdness
* refactor loader response body reading (so bodyRead is no longer
mandatory)
* actually read response body
still missing: response body getters
|
| |
|
|
| |
Dispatch manually with fromJS instead.
|
| |
|
|
| |
+ slightly optimize getContentType
|
| |
|
|
| |
Nim 1.6 does not like it.
|
| |
|
|
| |
called on armhf
|
| | |
|
| |
|
|
| |
was only used by the PNG decoder which got replaced by stbi
|
| |
|
|
|
|
|
| |
* cssvalues, twtstr: unify enum parsing code paths, parse enums by
bisearch instead of hash tables
* mediaquery: refactor (long overdue), fix range comparison syntax
parsing, make ident comparisons case-insensitive (as they should be)
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* buffer, pager, config: add meta-refresh value, which makes it possible
to follow http-equiv=refresh META tags.
* config: clean up redundant format mode parser
* timeout: accept varargs for params to pass on to functions
* pager: add "options" dict to JS gotoURL
* twtstr: remove redundant startsWithNoCase
|
| |
|
|
|
|
| |
* fix various parsing bugs
* rewrite state machine
* other small optimizations
|
| |
|
|
|
| |
Still not perfect, because it crashes on missing /tmp dir so you have to
manually set it...
|