| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
If enabled (the default), javascripts will be allowed to automatically
open windows (popups) based on the current browser_mode setting. This
is the current behavior.
If disabled (set to 0), the automatic opening of windows will never be
allowed, even if the site is whitelisted.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change introduces a new RB tree to keep track of identities
(defined as being different combinations of modified HTTP headers, so
far only User-Agent and Accept). Whenever a site is visited, this
tree is checked to see if it has been accessed before, and if it has,
the previously used Accept and User-Agent headers will be used. If
the site has not been visited before during the browser's lifetime, a
new entry will be created in this tree to keep track of which headers
to use the next time. A site is defined as a FQDN, so requests made
to cross site resources or resources on a different subdomain will
generate a new saved identity.
The second change adds two new config files to the resource dir to
read in additional user_agent and http_accept values scraped from the
logs of www.bitrig.org. The idea of this is to keep rotating through
each of these on every new site visit to provide more anonymity and
thwart web tracking by looking at the headers being sent.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This modifies the whitelist and https forcing code to internally use
unix extended regular expressions to match domains. The old config
syntax converted to an appropiate regular expression. Inputing of raw
regular expressions is possible by prepending the string "re:" in
front of a regular expression, for example:
js_wl = re:^(.*\.)*cyphertite\.com$
would be the same as
js_wl = .cyphertite.com
|
| |
|
|
|
|
| |
Thanks to user njw on FS for the patch.
|
| |
|
| |
|
|
|
|
|
| |
Patch provided by Vadim Zhukov <persgray@gmail.com>, manpage bits by
me.
|
|
|
|
|
|
|
|
| |
This makes using :fav with link hinting less likely to accidentally
remove an entry by typing the wrong number. The old favorites page
with the rm links is still available by using the favedit command.
Patch slightly modified from a patch provide by user wallex on FS.
|
|
|
|
|
|
| |
This may be used to modify the GnuTLS priority string used for the
soup session to enable or disable specific ciphers or TLS/SSL
versions. Default is empty (uses libsoup's defaults).
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes the behavior of the whitelist code so that whitelist
toggling toggles the FQDN (not the domain and all subdomains), unless
domain is explicitly used. This was the intended behavior but the old
code would automatically assume all subdomains anyways. This also
makes the new force_https stuff work correctly with FQDNs (no
subdomains) for the preloaded HSTS list.
|
|
|
|
|
|
| |
change runtime settings. Settings that have been modified show in a
highlighted color in the table. Tooltips describe the setting's
function, as well as the default values.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
whitelist settings) to make all requests to that domain use the HTTPS
scheme, similar to HSTS.
Install a new file, hsts-preload, into the resource dir. This is a
regular config file with a bunch of force_https = ... lines, which is
used to implement a preloaded HSTS list. Right now all the domains in
this file, except for conformal.com and cyphertite.com, are taken
directly from chromium's preloaded HSTS list (and should be synced
with this file every so often). Also implement a new setting,
preload_strict_transport (enabled by default), to enable or disable
the loading of this preloaded HSTS list. Document force_https and
preload_strict_transport in the manpage.
|
| |
|
|
|
|
|
| |
with show_oops, and document how donothing behaves in the manpage and
example conf.
|
|
|
|
|
| |
(keep current behavior) for gui_mode = normal, and disable for
gui_mode = minimal. Requires GTK3.
|
|
|
|
|
|
| |
and p work with CLIPBOARD in addition to PRIMARY. Yanking copies to
both, and pasting tries PRIMARY first, and if empty, reads from
CLIPBOARD. This should make y/p/P work on windows.
|
|
|
|
|
|
| |
This restores the prior GUI behavior. Hide the asynchronous download
complete message behind the download_notifications setting which is
disruptive and racy.
|
|
|
|
|
|
|
|
|
|
| |
allow_insecure_scripts, which, if WebKitWebSettings has the
enable-display-of-insecure-content and/or
enable-running-of-insecure-content properties, sets those to enable or
disable viewing or running of insecure content from secure websites.
Make these default to 0 in whitelist mode, and 1 otherwise.
* * *
Document in manpage.
|
|
|
|
| |
section at the bottom.
|
|
|
|
| |
focused one. Document in manpage.
|
|
|
|
|
| |
globally for all connections), and implement http_accept which acts
the same way but sets the HTTP Accept header.
|
| |
|
|
|
|
| |
currently enabled or disabled in the statusbar.
|
|
|
|
|
|
|
| |
instead of the low-contrast one. Allow the userstyle and
usersyle_global commands to take an optional argument to use a
user-specified stylesheet instead of the default. Document in the
manpage.
|
|
|
|
| |
disabled
|
|
|
|
| |
cached certificate manually (although they still may, if inclined).
|
|
|
|
|
|
|
| |
ssl certificate is different from a previously cached certificate to
help prevent against MITM attacks. Prompt the user with an action to
take (show remote cert, allow for that session, or cache the new
remote cert).
|
|
|
|
|
|
|
|
|
|
|
| |
* Display a message when toggling proxy.
* Add a 'http_proxy_disabled' config option allowing a proxy to be disabled at
xombrero start.
* Add a note in the manual that polipo works with xombrero aswell as tsocks.
* In the config file, provide examples for polipo and tsocks running on
localhost with default ports.
OK marco
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
push.
Make the set_ssl_ca_file pointer logic not suck.
'M' isn't a valid key modifier, use 'M1' in the manpage.
Add a function to escape an html string and use this for displaying
settings. Now things like <file> and <uri> are not interpreted as
html tags.
Kill a system() when running a custom uri script. Tildes are now also
expanded instead of being interpreted by the no-longer-being-called
system shell.
Plug a leak
Replace the system() call for external_editor with an execvp and while
here, kill a dangerous sprintf.
Remove an unused variable
|
| |
|
|
|
|
| |
it in the manpage.
|
|
|
|
|
| |
external script rather then through xombrero. This makes it possible
to use scripts to support things such as mailto URIs. Fixes FS#253
|
|
|
|
|
|
| |
the manpage says they do. Setting show_url = 1 and fancy_bar = 0 will
now only display the url bar on the toolbar and not draw the buttons
and search box.
|
|
|
|
|
|
|
|
|
|
|
|
| |
don't try to execute them, but instead open a prompt with that current
command. Can be used to create custom prompts, and should fix FS#233.
This change also adds the ability to replace strings in keybound
prompts. So far the only string replacement is <uri> which is
replaced by the current tab's uri. This also kills the old prompt*
commands as they only existed so they could be bound to a key.
However with the addition of the <uri> substitution, these are no
longer necessary. Document these changes in the manpage.
|
| |
|
|
|
|
|
| |
recommend any search engine. Save their choice to runtime, and
document how runtime is being read in the manpage.
|
|
|
|
| |
of the settings
|
|
|