typedef enum {
AcceleratedCanvas,
CaretBrowsing,
+ Certificate,
CookiePolicies,
DiskCache,
DNSPrefetch,
SiteQuirks,
SpellChecking,
SpellLanguages,
- StrictSSL,
+ StrictTLS,
Style,
ZoomLevel,
ParameterLast,
WebKitWebInspector *inspector;
WebKitFindController *finder;
WebKitHitTestResult *mousepos;
- GTlsCertificateFlags tlsflags;
+ GTlsCertificateFlags tlserr;
Window xid;
- int progress, fullscreen;
+ int progress, fullscreen, https, insecure;
const char *title, *overtitle, *targeturi;
const char *needle;
struct Client *next;
typedef struct {
char *regex;
- char *style;
+ char *file;
regex_t re;
-} SiteStyle;
+} SiteSpecific;
/* Surf */
static void usage(void);
static char cookiepolicy_set(const WebKitCookieAcceptPolicy p);
static void seturiparameters(Client *c, const char *uri);
static void setparameter(Client *c, int refresh, ParamName p, const Arg *a);
+static const char *getcert(const char *uri);
+static void setcert(Client *c, const char *file);
static const char *getstyle(const char *uri);
-static void setstyle(Client *c, const char *stylefile);
+static void setstyle(Client *c, const char *file);
static void runscript(Client *c);
static void evalscript(Client *c, const char *jsstr, ...);
static void updatewinid(Client *c);
static void decidenavigation(WebKitPolicyDecision *d, Client *c);
static void decidenewwindow(WebKitPolicyDecision *d, Client *c);
static void decideresource(WebKitPolicyDecision *d, Client *c);
+static void insecurecontent(WebKitWebView *v, WebKitInsecureContentEvent e,
+ Client *c);
static void downloadstarted(WebKitWebContext *wc, WebKitDownload *d,
Client *c);
static void responsereceived(WebKitDownload *d, GParamSpec *ps, Client *c);
static void clickexternplayer(Client *c, const Arg *a, WebKitHitTestResult *h);
static char winid[64];
-static char togglestats[10];
+static char togglestats[11];
static char pagestats[2];
static Atom atoms[AtomLast];
static Window embed;
void
usage(void)
{
- die("usage: %s [-bBdDfFgGiIkKmMnNpPsSvx] [-a cookiepolicies ] "
- "[-c cookiefile] [-e xid] [-r scriptfile] [-t stylefile] "
+ die("usage: %s [-bBdDfFgGiIkKmMnNpPsStTvx] [-a cookiepolicies ] "
+ "[-c cookiefile] [-C stylefile] [-e xid] [-r scriptfile] "
"[-u useragent] [-z zoomlevel] [uri]\n", basename(argv0));
}
if (signal(SIGHUP, sighup) == SIG_ERR)
die("Can't install SIGHUP handler");
- gtk_init(NULL, NULL);
-
- gdpy = gdk_display_get_default();
- dpy = GDK_DISPLAY_XDISPLAY(gdpy);
-
- curconfig = defconfig;
+ if (!(dpy = XOpenDisplay(NULL)))
+ die("Can't open default display");
/* atoms */
atoms[AtomFind] = XInternAtom(dpy, "_SURF_FIND", False);
atoms[AtomGo] = XInternAtom(dpy, "_SURF_GO", False);
atoms[AtomUri] = XInternAtom(dpy, "_SURF_URI", False);
+ gtk_init(NULL, NULL);
+
+ gdpy = gdk_display_get_default();
+
+ curconfig = defconfig;
+
/* dirs and files */
cookiefile = buildfile(cookiefile);
scriptfile = buildfile(scriptfile);
cachedir = buildpath(cachedir);
+ certdir = buildpath(certdir);
gdkkb = gdk_seat_get_keyboard(gdk_display_get_default_seat(gdpy));
+ for (i = 0; i < LENGTH(certs); ++i) {
+ if (!regcomp(&(certs[i].re), certs[i].regex, REG_EXTENDED)) {
+ certs[i].file = g_strconcat(certdir, "/", certs[i].file,
+ NULL);
+ } else {
+ fprintf(stderr, "Could not compile regex: %s\n",
+ certs[i].regex);
+ certs[i].regex = NULL;
+ }
+ }
+
if (!stylefile) {
styledir = buildpath(styledir);
for (i = 0; i < LENGTH(styles); ++i) {
- if (regcomp(&(styles[i].re), styles[i].regex,
+ if (!regcomp(&(styles[i].re), styles[i].regex,
REG_EXTENDED)) {
- fprintf(stderr,
- "Could not compile regex: %s\n",
+ styles[i].file = g_strconcat(styledir, "/",
+ styles[i].file, NULL);
+ } else {
+ fprintf(stderr, "Could not compile regex: %s\n",
styles[i].regex);
styles[i].regex = NULL;
}
- styles[i].style = g_strconcat(styledir, "/",
- styles[i].style, NULL);
}
g_free(styledir);
} else {
uriparams[i].config[j] = defconfig[j];
}
} else {
- fprintf(stderr,
- "Could not compile regex: %s\n",
+ fprintf(stderr, "Could not compile regex: %s\n",
uriparams[i].uri);
uriparams[i].uri = NULL;
}
clients = c;
c->progress = 100;
- c->tlsflags = G_TLS_CERTIFICATE_VALIDATE_ALL + 1;
c->view = newview(c, rc ? rc->view : NULL);
return c;
togglestats[6] = curconfig[Plugins].val.b ? 'V' : 'v';
togglestats[7] = curconfig[Style].val.b ? 'M' : 'm';
togglestats[8] = curconfig[FrameFlattening].val.b ? 'F' : 'f';
- togglestats[9] = '\0';
+ togglestats[9] = curconfig[StrictTLS].val.b ? 'T' : 't';
+ togglestats[10] = '\0';
}
void
getpagestats(Client *c)
{
- pagestats[0] = c->tlsflags > G_TLS_CERTIFICATE_VALIDATE_ALL ? '-' :
- c->tlsflags > 0 ? 'U' : 'T';
+ if (c->https)
+ pagestats[0] = (c->tlserr || c->insecure) ? 'U' : 'T';
+ else
+ pagestats[0] = '-';
pagestats[1] = '\0';
}
webkit_settings_set_enable_caret_browsing(s, a->b);
refresh = 0;
break;
+ case Certificate:
+ if (a->b)
+ setcert(c, geturi(c));
+ return; /* do not update */
case CookiePolicies:
webkit_cookie_manager_set_accept_policy(
webkit_web_context_get_cookie_manager(
return; /* do not update */
case SpellLanguages:
return; /* do nothing */
- case StrictSSL:
+ case StrictTLS:
webkit_web_context_set_tls_errors_policy(
webkit_web_view_get_context(c->view), a->b ?
WEBKIT_TLS_ERRORS_POLICY_FAIL :
WEBKIT_TLS_ERRORS_POLICY_IGNORE);
- return; /* do not update */
+ break;
case Style:
if (a->b)
setstyle(c, getstyle(geturi(c)));
reload(c, a);
}
+const char *
+getcert(const char *uri)
+{
+ int i;
+
+ for (i = 0; i < LENGTH(certs); ++i) {
+ if (certs[i].regex &&
+ !regexec(&(certs[i].re), uri, 0, NULL, 0))
+ return certs[i].file;
+ }
+
+ return NULL;
+}
+
+void
+setcert(Client *c, const char *uri)
+{
+ const char *file = getcert(uri);
+ char *host;
+ GTlsCertificate *cert;
+
+ if (!file)
+ return;
+
+ if (!(cert = g_tls_certificate_new_from_file(file, NULL))) {
+ fprintf(stderr, "Could not read certificate file: %s\n", file);
+ return;
+ }
+
+ uri = strstr(uri, "://") + sizeof("://") - 1;
+ host = strndup(uri, strstr(uri, "/") - uri);
+
+ webkit_web_context_allow_tls_certificate_for_host(
+ webkit_web_view_get_context(c->view), cert, host);
+
+ free(host);
+}
+
const char *
getstyle(const char *uri)
{
for (i = 0; i < LENGTH(styles); ++i) {
if (styles[i].regex &&
!regexec(&(styles[i].re), uri, 0, NULL, 0))
- return styles[i].style;
+ return styles[i].file;
}
return "";
}
void
-setstyle(Client *c, const char *stylefile)
+setstyle(Client *c, const char *file)
{
gchar *style;
- if (!g_file_get_contents(stylefile, &style, NULL, NULL)) {
- fprintf(stderr, "Could not read style file: %s\n", stylefile);
+ if (!g_file_get_contents(file, &style, NULL, NULL)) {
+ fprintf(stderr, "Could not read style file: %s\n", file);
return;
}
{
int i = 0;
char tmp[64];
- const char *cmd[26], *uri;
+ const char *cmd[28], *uri;
const Arg arg = { .v = cmd };
cmd[i++] = argv0;
cmd[i++] = "-c";
cmd[i++] = cookiefile;
}
+ if (stylefile && g_strcmp0(stylefile, "")) {
+ cmd[i++] = "-C";
+ cmd[i++] = stylefile;
+ }
cmd[i++] = curconfig[DiskCache].val.b ? "-D" : "-d";
if (embed && !noembed) {
cmd[i++] = "-e";
cmd[i++] = scriptfile;
}
cmd[i++] = curconfig[JavaScript].val.b ? "-S" : "-s";
- if (stylefile && g_strcmp0(stylefile, "")) {
- cmd[i++] = "-t";
- cmd[i++] = stylefile;
- }
+ cmd[i++] = curconfig[StrictTLS].val.b ? "-T" : "-t";
if (fulluseragent && g_strcmp0(fulluseragent, "")) {
cmd[i++] = "-u";
cmd[i++] = fulluseragent;
g_free(scriptfile);
g_free(stylefile);
g_free(cachedir);
+ XCloseDisplay(dpy);
}
WebKitWebView *
} else {
settings = webkit_settings_new_with_settings(
"auto-load-images", curconfig[LoadImages].val.b,
- "default-font-size", curconfig[FontSize].val.f,
+ "default-font-size", curconfig[FontSize].val.i,
"enable-caret-browsing", curconfig[CaretBrowsing].val.b,
"enable-developer-extras", curconfig[Inspector].val.b,
"enable-dns-prefetching", curconfig[DNSPrefetch].val.b,
* or one for each view */
webkit_web_context_set_process_model(context,
WEBKIT_PROCESS_MODEL_MULTIPLE_SECONDARY_PROCESSES);
- /* ssl */
+ /* TLS */
webkit_web_context_set_tls_errors_policy(context,
- curconfig[StrictSSL].val.b ? WEBKIT_TLS_ERRORS_POLICY_FAIL :
+ curconfig[StrictTLS].val.b ? WEBKIT_TLS_ERRORS_POLICY_FAIL :
WEBKIT_TLS_ERRORS_POLICY_IGNORE);
/* disk cache */
webkit_web_context_set_cache_model(context,
G_CALLBACK(createview), c);
g_signal_connect(G_OBJECT(v), "decide-policy",
G_CALLBACK(decidepolicy), c);
+ g_signal_connect(G_OBJECT(v), "insecure-content-detected",
+ G_CALLBACK(insecurecontent), c);
g_signal_connect(G_OBJECT(v), "load-changed",
G_CALLBACK(loadchanged), c);
g_signal_connect(G_OBJECT(v), "mouse-target-changed",
gtk_window_set_role(GTK_WINDOW(w), wmstr);
g_free(wmstr);
- gtk_window_set_default_size(GTK_WINDOW(w), 800, 600);
+ gtk_window_set_default_size(GTK_WINDOW(w), winsize[0], winsize[1]);
}
g_signal_connect(G_OBJECT(w), "destroy",
curconfig = defconfig;
setatom(c, AtomUri, title);
c->title = title;
- c->tlsflags = G_TLS_CERTIFICATE_VALIDATE_ALL + 1;
+ c->https = c->insecure = 0;
seturiparameters(c, geturi(c));
break;
case WEBKIT_LOAD_REDIRECTED:
seturiparameters(c, geturi(c));
break;
case WEBKIT_LOAD_COMMITTED:
- if (!webkit_web_view_get_tls_info(c->view, NULL,
- &(c->tlsflags)))
- c->tlsflags = G_TLS_CERTIFICATE_VALIDATE_ALL + 1;
-
+ c->https = webkit_web_view_get_tls_info(c->view, NULL,
+ &c->tlserr);
break;
case WEBKIT_LOAD_FINISHED:
/* Disabled until we write some WebKitWebExtension for
}
}
+void
+insecurecontent(WebKitWebView *v, WebKitInsecureContentEvent e, Client *c)
+{
+ c->insecure = 1;
+}
+
void
downloadstarted(WebKitWebContext *wc, WebKitDownload *d, Client *c)
{
case 'c':
cookiefile = EARGF(usage());
break;
+ case 'C':
+ stylefile = EARGF(usage());
+ break;
case 'd':
defconfig CSETB(DiskCache, 0);
break;
defconfig CSETB(JavaScript, 1);
break;
case 't':
- stylefile = EARGF(usage());
+ defconfig CSETB(StrictTLS, 0);
+ break;
+ case 'T':
+ defconfig CSETB(StrictTLS, 1);
break;
case 'u':
fulluseragent = EARGF(usage());
break;
case 'v':
- die("surf-"VERSION", ©2009-2015 surf engineers, "
+ die("surf-"VERSION", ©2009-2017 surf engineers, "
"see LICENSE for details\n");
case 'x':
showxid = 1;
