about summary refs log tree commit diff stats
Commit message (Collapse)AuthorAgeFilesLines
...
* update .gitignoreDavid Hill2013-06-141-0/+2
|
* Close tab when press+releasing X, not just press downJosh Rickmar2013-06-141-8/+4
|
* manpage cleanup. Mostly from Cody Wright.David Hill2013-06-141-116/+130
|
* remove extra spaceJosh Rickmar2013-06-131-1/+1
|
* support :favadd [title]David Hill2013-06-135-7/+16
|
* Make link hinting case insensitiveJosh Rickmar2013-06-131-1/+8
| | | | Patch from holger@zedat.fu-berlin.de
* link to wiki and be more specific about licensing.David Hill2013-06-121-1/+3
|
* add a README.md for GithubDavid Hill2013-06-121-0/+37
|
* kill -lgcrypt, no longer needed after killing coloring threadsMarco Peereboom2013-06-126-6/+6
|
* Prepare for release 1.6.0.David Hill2013-06-121-1/+1
|
* not sure why this was prematurely bumpedDavid Hill2013-06-121-1/+1
|
* add myself to copyrightDavid Hill2013-06-122-0/+2
|
* Prepare for release 1.6.0.David Hill2013-06-121-1/+1
|
* use https for links to opensource.conformal.comDavid Hill2013-06-121-4/+4
|
* add myself to authorsDavid Hill2013-06-121-0/+1
|
* sync hsts-preload with chromiumJosh Rickmar2013-06-121-0/+1
|
* Fix runtime set so it actually sets somethingJosh Rickmar2013-06-102-3/+6
| | | | | Disabling at runtime looks to work, but enabling it again seems to only take effect on open tabs once the page is reloaded. webkit bug?
* sync hsts-preload with chromiumJosh Rickmar2013-06-101-3/+4
| | | | update link to moved version of chromium's json file
* use a define for js_auto_open_windows settingDavid Hill2013-06-092-4/+4
|
* make js_auto_open_windows a runtime settingDavid Hill2013-06-091-1/+27
|
* add a new config option js_auto_open_windows = 0|1, default being 1.David Hill2013-06-086-5/+13
| | | | | | | | | If enabled (the default), javascripts will be allowed to automatically open windows (popups) based on the current browser_mode setting. This is the current behavior. If disabled (set to 0), the automatic opening of windows will never be allowed, even if the site is whitelisted.
* remove a debugging printf that snuck inDavid Hill2013-06-081-1/+0
|
* constifyDavid Hill2013-06-072-2/+2
|
* make sure an invalid proxy cannot be used.David Hill2013-06-073-32/+52
|
* add enable_cache example to xombrero.confDavid Hill2013-06-071-0/+1
|
* add local ipv6 unicast addresses to proxy_exclude list.David Hill2013-06-071-1/+1
|
* sync hsts-preload with chromium treeJosh Rickmar2013-06-061-4/+36
|
* document direct socks support with newer libsoupDavid Hill2013-06-061-3/+6
|
* in xtp_handle_rt, only allocate memory when needed. fixes a small leak.David Hill2013-06-061-1/+1
|
* remove xombrero UA from google search stringsJosh Rickmar2013-06-062-3/+3
|
* Make string copies for basename callsJosh Rickmar2013-06-062-5/+18
| | | | | | Linux basename(), unlike OpenBSD, takes a char * and may modify the contents of the path. We're previously were passing in internal webkit data so we must make a copy of it first.
* Unbreak GTK2Josh Rickmar2013-06-061-1/+1
|
* Don't color bar when warning of cached cert mismatchJosh Rickmar2013-06-061-2/+2
|
* Fix loads of memory issuesJosh Rickmar2013-06-064-134/+193
|
* cleanup cert handlingDavid Hill2013-06-051-18/+43
|
* libsoup proxy-resolver supportDavid Hill2013-06-052-11/+47
|
* Code cleanup and clearer var namesJosh Rickmar2013-06-052-17/+15
|
* Allow saving certs from :cert show pageJosh Rickmar2013-06-052-3/+16
| | | | | | | | This allows the user to avoid a race where, after verifying a cert via :cert show, they must go back to the site and save the cert. During this time, the cert may have been modified, so saving it from the :cert show page will use the PEM-encoded cert currently shown and saved in memory instead.
* Use homepage for HTTPS GET requestJosh Rickmar2013-06-032-5/+18
| | | | | | Change the additonal GET request to check certs to a HEAD, and cut the URI to not include any GET arguments. We don't want to use theu URI verbatim as it may contain args that should not be repeated.
* Prepare for release 1.5.0.David Hill2013-05-161-1/+1
|
* start signing tagsDavid Hill2013-05-161-1/+1
|
* Kill GTK 3.8 size warningJosh Rickmar2013-05-141-9/+10
|
* cache is disabled by defaultDavid Hill2013-05-141-1/+1
|
* add enable_cache to manpageDavid Hill2013-05-141-0/+3
|
* add new configuration option 'enable_cache'David Hill2013-05-143-0/+41
| | | | When set to 1, web caching will be enabled. Default is 0.
* gtk_widget_modify_font is deprecated. Use gtk_widget_override_font if using ↵David Hill2013-05-133-13/+19
| | | | gtk 3.0.
* add urlmod plus and minMarco Peereboom2013-01-023-0/+97
|
* KNFJosh Rickmar2013-05-141-5/+7
|
* Remove threadingJosh Rickmar2013-05-148-181/+15
| | | | | | | Now that the cert sideband thread is gone, threading can be removed. Making GTK calls across multiple threads is also deprecated in newer GTK versions and is severly broken on Windows, so there's no point in keeping this around.
* Use libsoup exclusively for retrieving remote certsJosh Rickmar2013-05-142-484/+183
| | | | | | | | | | | | | | This removes the side channel for getting and verifying remote HTTPS certificates. As the http_proxy settings only affected messages downloaded as part of the webkit soup session, this side channel would create its own TCP connections which sidesteped the proxy, leaving a privacy leak. For simplicity, the remote certificate chain is now saved in pem format as part of the tab structure, and converted to a gnutls certificate chain when needed for viewing and displaying certs. Most of the initial code done by dhill@ and marco@