about summary refs log tree commit diff stats
path: root/xombrero.c
Commit message (Collapse)AuthorAgeFilesLines
* make sure an invalid proxy cannot be used.David Hill2013-06-071-5/+9
|
* Make string copies for basename callsJosh Rickmar2013-06-061-3/+14
| | | | | | Linux basename(), unlike OpenBSD, takes a char * and may modify the contents of the path. We're previously were passing in internal webkit data so we must make a copy of it first.
* Unbreak GTK2Josh Rickmar2013-06-061-1/+1
|
* Don't color bar when warning of cached cert mismatchJosh Rickmar2013-06-061-2/+2
|
* Fix loads of memory issuesJosh Rickmar2013-06-061-113/+160
|
* cleanup cert handlingDavid Hill2013-06-051-18/+43
|
* Code cleanup and clearer var namesJosh Rickmar2013-06-051-16/+14
|
* Allow saving certs from :cert show pageJosh Rickmar2013-06-051-3/+13
| | | | | | | | This allows the user to avoid a race where, after verifying a cert via :cert show, they must go back to the site and save the cert. During this time, the cert may have been modified, so saving it from the :cert show page will use the PEM-encoded cert currently shown and saved in memory instead.
* Use homepage for HTTPS GET requestJosh Rickmar2013-06-031-1/+16
| | | | | | Change the additonal GET request to check certs to a HEAD, and cut the URI to not include any GET arguments. We don't want to use theu URI verbatim as it may contain args that should not be repeated.
* Kill GTK 3.8 size warningJosh Rickmar2013-05-141-9/+10
|
* add new configuration option 'enable_cache'David Hill2013-05-141-0/+6
| | | | When set to 1, web caching will be enabled. Default is 0.
* gtk_widget_modify_font is deprecated. Use gtk_widget_override_font if using ↵David Hill2013-05-131-5/+5
| | | | gtk 3.0.
* add urlmod plus and minMarco Peereboom2013-01-021-0/+90
|
* KNFJosh Rickmar2013-05-141-5/+7
|
* Remove threadingJosh Rickmar2013-05-141-145/+3
| | | | | | | Now that the cert sideband thread is gone, threading can be removed. Making GTK calls across multiple threads is also deprecated in newer GTK versions and is severly broken on Windows, so there's no point in keeping this around.
* Use libsoup exclusively for retrieving remote certsJosh Rickmar2013-05-141-484/+179
| | | | | | | | | | | | | | This removes the side channel for getting and verifying remote HTTPS certificates. As the http_proxy settings only affected messages downloaded as part of the webkit soup session, this side channel would create its own TCP connections which sidesteped the proxy, leaving a privacy leak. For simplicity, the remote certificate chain is now saved in pem format as part of the tab structure, and converted to a gnutls certificate chain when needed for viewing and displaying certs. Most of the initial code done by dhill@ and marco@
* Don't allow freeing NULL in open_tabs()Josh Rickmar2013-05-011-13/+13
|
* plug memleak on gnutls_x509_crt_list_import failureDavid Hill2013-04-201-0/+1
|
* plug memleak in get_local_cert_chainDavid Hill2013-04-201-0/+1
|
* Add osx build support (using macports).John C. Vernaleo2013-04-191-0/+4
| | | | | | Based on initial patch from Tim Meunier <trondd@gmail.com>). Add temporary files to .gitignore.
* fix icon apearing when http_proxy is setMarco Peereboom2012-11-281-3/+3
|
* add tor icon toggle for proxyMarco Peereboom2012-11-281-4/+18
| | | | requested by many
* Add a button to the toolbar to toggle the proxyJosh Rickmar2012-11-281-0/+29
|
* Initialize cookie whitelist. Fixes FS388.Josh Rickmar2012-10-301-0/+1
| | | | Found by Cody Write (writecode on flyspray)
* Fix for FS387Josh Rickmar2012-10-281-8/+18
| | | | From cody on irc
* Fix for FS273Josh Rickmar2012-10-281-22/+28
| | | | From cody on irc
* Make all new tabs open in new windows in tabless modeJosh Rickmar2012-08-291-1/+13
|
* Implement header changes as requested by jy-pJosh Rickmar2012-10-101-57/+57
| | | | | | | | | | | | | | | | | | | This change introduces a new RB tree to keep track of identities (defined as being different combinations of modified HTTP headers, so far only User-Agent and Accept). Whenever a site is visited, this tree is checked to see if it has been accessed before, and if it has, the previously used Accept and User-Agent headers will be used. If the site has not been visited before during the browser's lifetime, a new entry will be created in this tree to keep track of which headers to use the next time. A site is defined as a FQDN, so requests made to cross site resources or resources on a different subdomain will generate a new saved identity. The second change adds two new config files to the resource dir to read in additional user_agent and http_accept values scraped from the logs of www.bitrig.org. The idea of this is to keep rotating through each of these on every new site visit to provide more anonymity and thwart web tracking by looking at the headers being sent.
* Add regex support to whitelistsJosh Rickmar2012-09-181-35/+28
| | | | | | | | | | | | | | This modifies the whitelist and https forcing code to internally use unix extended regular expressions to match domains. The old config syntax converted to an appropiate regular expression. Inputing of raw regular expressions is possible by prepending the string "re:" in front of a regular expression, for example: js_wl = re:^(.*\.)*cyphertite\.com$ would be the same as js_wl = .cyphertite.com
* Make custom URI handling work againJosh Rickmar2012-08-311-7/+7
| | | | | | | This changes the order custom and invalid URI checking so that items set with custom_uri are still able to be handled properly, even if the URI scheme is invalid (not whitelisted) and we don't want xombrero opening it.
* Stop crash with old libsoups, kill warning with never onesJosh Rickmar2012-08-311-0/+2
| | | | Reported by Thomas in the irc channel
* Fix back/forward handling with about pages.Josh Rickmar2012-08-291-2/+4
| | | | | | | | | This change makes the can_go_* and go_* back/forward functions use the same logic when determining whether we are on an about page, and makes it so about:secviolation warning pages do not save the page that generated the warning to t->item. This prevents hitting back and going back to the exact same page that generated the warning (triggering the warning a second time).
* Fix issues with marco's back/forward list hackJosh Rickmar2012-08-281-17/+37
| | | | | | | | This should incorporate all the fixes in my previous back/forward list change, but still uses marco's horrible hack for determining if and how back/forward works. Code is still ugly but deal with it. Any remaining issues will be worked out in-tree.
* Backout the recent back/forward list changesJosh Rickmar2012-08-281-19/+127
| | | | | | This changed worked wonders for me but others still saw some problems. I could not reproduce any of them. This will bring back some problems with refresh not working again, but I'll work around that next.
* Fix cert checking thread to make sure t is always still validJosh Rickmar2012-08-241-8/+4
|
* Specify action for the policy when returning TRUE from npd cbJosh Rickmar2012-08-241-2/+7
|
* Fix the build when using some older glib and gtk versionsJosh Rickmar2012-08-241-0/+2
|
* Make the arrow menu work againJosh Rickmar2012-08-231-5/+5
|
* Marco wants new tabs only when middle-clicking (or ctrl-click)Josh Rickmar2012-08-231-8/+2
|
* Fix the logic for following links and opening new tabs.Josh Rickmar2012-08-231-3/+7
|
* Only allow loading of whitelisted valid uri typesJosh Rickmar2012-08-231-0/+6
| | | | | | This should prevent bait and switch attacks when using data: or javascript: uris (see http://lcamtuf.coredump.cx/switch/ for an example of the attack).
* Remove some deprecated signalsJosh Rickmar2012-08-221-14/+12
| | | | | | This stops the webview's deprecated load-finished and load-progress-changed signals from being attached to. May help with stability.
* Redo the back/forward list hackJosh Rickmar2012-08-211-127/+19
| | | | Much simpler, and less buggy.
* Remove duplicate codeJosh Rickmar2012-08-061-11/+3
| | | | | | Now that wl_add works correctly (doesn't automatically insert leading periods), remove the old struct sv_ignore and use struct domain and wl_add/wl_find instead.
* Add a favedit command and remove rm links from :favJosh Rickmar2012-08-061-2/+3
| | | | | | | | This makes using :fav with link hinting less likely to accidentally remove an entry by typing the wrong number. The old favorites page with the rm links is still available by using the favedit command. Patch slightly modified from a patch provide by user wallex on FS.
* ref/unref t->active before it is set or unsetJosh Rickmar2012-08-201-0/+2
| | | | | | | This should fix any crashes when determining if t->active is an active input element or not. The pointer is from a function which returns transfer none, so if we want to keep it alive (we do), we need manually add reference to it, and unrefernce it so it is freed.
* Make middle click to paste work in t->cmdJosh Rickmar2012-08-171-5/+8
| | | | | This reorders some gtk calls and adds another to unset the text in the GtkEntry before showing it.
* Destroy the session key when done with it.Josh Rickmar2012-08-161-5/+18
| | | | | This prevents sites from even being able to correctly guess an xtp session key.
* Give each tab its own session key for xtp links.Josh Rickmar2012-08-161-7/+9
| | | | While here, kill a bunch of trailing whitespace.
* Add more info and features to about:secviolationJosh Rickmar2012-08-151-0/+62
| | | | | | This adds the full url to the about:secviolation warning page, as well as implementing a new link to show the local cached cert instead of only the new remote one.
generated by cgit-pink 1.4.1-2-gfad0 (git 2.36.2.497.gbbea4dcf42) at 2024-07-10 00:58:45 +0000