| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This allows the user to avoid a race where, after verifying a cert via
:cert show, they must go back to the site and save the cert. During
this time, the cert may have been modified, so saving it from the
:cert show page will use the PEM-encoded cert currently shown and
saved in memory instead.
|
| |
|
|
|
|
| |
Change the additonal GET request to check certs to a HEAD, and cut the
URI to not include any GET arguments. We don't want to use theu URI
verbatim as it may contain args that should not be repeated.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
When set to 1, web caching will be enabled. Default is 0.
|
| |
|
|
| |
gtk 3.0.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Now that the cert sideband thread is gone, threading can be removed.
Making GTK calls across multiple threads is also deprecated in newer
GTK versions and is severly broken on Windows, so there's no point in
keeping this around.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This removes the side channel for getting and verifying remote HTTPS
certificates. As the http_proxy settings only affected messages
downloaded as part of the webkit soup session, this side channel would
create its own TCP connections which sidesteped the proxy, leaving a
privacy leak.
For simplicity, the remote certificate chain is now saved in pem
format as part of the tab structure, and converted to a gnutls
certificate chain when needed for viewing and displaying certs.
Most of the initial code done by dhill@ and marco@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Based on initial patch from Tim Meunier <trondd@gmail.com>).
Add temporary files to .gitignore.
|
| | |
|
| | |
|
| |
|
|
|
| |
This fixes issues when installing to a clean path such as with
package creation.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
requested by many
|
| | |
|
| |
|
|
|
|
|
| |
This prevents displaying any extra whitespace between the comma and
the url in the alias definition from being displayed in the statusbar.
Found by Cody Write (writecode on Flyspray)
|
| |
|
|
| |
Found by Cody Write (writecode on flyspray)
|
| | |
|
| | |
|
| |
|
|
| |
From cody on irc
|
| |
|
|
| |
From cody on irc
|
| |
|
|
| |
Patch from cody in irc
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change introduces a new RB tree to keep track of identities
(defined as being different combinations of modified HTTP headers, so
far only User-Agent and Accept). Whenever a site is visited, this
tree is checked to see if it has been accessed before, and if it has,
the previously used Accept and User-Agent headers will be used. If
the site has not been visited before during the browser's lifetime, a
new entry will be created in this tree to keep track of which headers
to use the next time. A site is defined as a FQDN, so requests made
to cross site resources or resources on a different subdomain will
generate a new saved identity.
The second change adds two new config files to the resource dir to
read in additional user_agent and http_accept values scraped from the
logs of www.bitrig.org. The idea of this is to keep rotating through
each of these on every new site visit to provide more anonymity and
thwart web tracking by looking at the headers being sent.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This modifies the whitelist and https forcing code to internally use
unix extended regular expressions to match domains. The old config
syntax converted to an appropiate regular expression. Inputing of raw
regular expressions is possible by prepending the string "re:" in
front of a regular expression, for example:
js_wl = re:^(.*\.)*cyphertite\.com$
would be the same as
js_wl = .cyphertite.com
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This changes the order custom and invalid URI checking so that items
set with custom_uri are still able to be handled properly, even if the
URI scheme is invalid (not whitelisted) and we don't want xombrero
opening it.
|