changeset: 773:253c889c4799
user: Nick White <hg_AT_njw.me.uk>
date: Mon Sep 26 22:43:12 2011 +0100
files: surf.suckless.org/patches/ssl.md surf.suckless.org/patches/surf-0.4.1-ssl.diff
description:
Add surf SSL patch
diff -r 7ab47b218393 -r 253c889c4799 surf.suckless.org/patches/ssl.md
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/surf.suckless.org/patches/ssl.md Mon Sep 26 22:43:12 2011 +0100
_AT_@ -0,0 +1,22 @@
+SSL Verification
+================
+
+Description
+-----------
+
+Adds basic SSL verification to surf. The status bar is blue for plain HTTP pages,
+green for verified HTTPS pages, and red for HTTPS pages which can't be verified.
+
+Optionally, you can set strictssl to true in config.h, which will cause attempts
+to connect to unverifiable HTTPS pages to fail, rather than just change the status
+bar color.
+
+Download
+--------
+
+* [surf-0.4.1-ssl.diff](surf-0.4.1-ssl.diff) (2.8k) (20110926)
+
+Author
+------
+
+* Nick White <[
http://njw.me.uk](
http://njw.me.uk)>
diff -r 7ab47b218393 -r 253c889c4799 surf.suckless.org/patches/surf-0.4.1-ssl.diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/surf.suckless.org/patches/surf-0.4.1-ssl.diff Mon Sep 26 22:43:12 2011 +0100
_AT_@ -0,0 +1,81 @@
+diff -r 71388899ac09 config.def.h
+--- a/config.def.h Tue Jun 08 09:06:10 2010 +0200
++++ b/config.def.h Mon Sep 26 22:28:36 2011 +0100
+_AT_@ -1,11 +1,14 @@
+ /* modifier 0 means no modifier */
+ static char *useragent = "Surf/"VERSION" (X11; U; Unix; en-US) AppleWebKit/531.2+ Compatible (Safari)";
+-static char *progress = "#FF0000";
++static char *progress = "#0066FF";
++static char *progress_untrust = "#FF0000";
+ static char *progress_trust = "#00FF00";
+ static char *stylefile = ".surf/style.css";
+ static char *scriptfile = ".surf/script.js";
+ static char *cookiefile = ".surf/cookies.txt";
+ static time_t sessiontime = 3600;
++static char *cafile = "/etc/ssl/certs/ca-certificates.crt";
++static char *strictssl = FALSE;
+ #define NOBACKGROUND 0
+
+ #define SETPROP(p, q) { .v = (char *[]){ "/bin/sh", "-c", \
+diff -r 71388899ac09 surf.c
+--- a/surf.c Tue Jun 08 09:06:10 2010 +0200
++++ b/surf.c Mon Sep 26 22:28:36 2011 +0100
+_AT_@ -38,6 +38,7 @@
+ char *title, *linkhover;
+ const char *uri, *needle;
+ gint progress;
++ gboolean sslfailed;
+ struct Client *next;
+ gboolean zoomed;
+ } Client;
+_AT_@ -250,8 +251,11 @@
+ w = c->indicator;
+ width = c->progress * w->allocation.width / 100;
+ gc = gdk_gc_new(w->window);
+- gdk_color_parse(strstr(uri, "https://") == uri ?
+- progress_trust : progress, &fg);
++ if(strstr(uri, "https://") == uri)
++ gdk_color_parse(c->sslfailed ?
++ progress_untrust : progress_trust, &fg);
++ else
++ gdk_color_parse(progress, &fg);
+ gdk_gc_set_rgb_fg_color(gc, &fg);
+ gdk_draw_rectangle(w->window,
+ w->style->bg_gc[GTK_WIDGET_STATE(w)],
+_AT_@ -367,9 +371,24 @@
+
+ void
+ loadstatuschange(WebKitWebView *view, GParamSpec *pspec, Client *c) {
++ WebKitWebFrame *frame;
++ WebKitWebDataSource *src;
++ WebKitNetworkRequest *request;
++ SoupMessage *msg;
++ char *uri;
++
+ switch(webkit_web_view_get_load_status (c->view)) {
+ case WEBKIT_LOAD_COMMITTED:
+- setatom(c, AtomUri, geturi(c));
++ uri = geturi(c);
++ if(strstr(uri, "https://") == uri) {
++ frame = webkit_web_view_get_main_frame(c->view);
++ src = webkit_web_frame_get_data_source(frame);
++ request = webkit_web_data_source_get_request(src);
++ msg = webkit_network_request_get_message(request);
++ c->sslfailed = soup_message_get_flags(msg)
++ ^ SOUP_MESSAGE_CERTIFICATE_TRUSTED;
++ }
++ setatom(c, AtomUri, uri);
+ break;
+ case WEBKIT_LOAD_FINISHED:
+ c->progress = 0;
+_AT_@ -698,6 +717,10 @@
+ soup_session_remove_feature_by_type(s, soup_cookie_jar_get_type());
+ g_signal_connect_after(G_OBJECT(s), "request-started", G_CALLBACK(newrequest), NULL);
+
++ /* ssl */
++ g_object_set(G_OBJECT(s), "ssl-ca-file", cafile, NULL);
++ g_object_set(G_OBJECT(s), "ssl-strict", strictssl, NULL);
++
+ /* proxy */
+ if((proxy = getenv("http_proxy")) && strcmp(proxy, "")) {
+ new_proxy = g_strrstr(proxy, "http://") ? g_strdup(proxy) :
changeset: 774:2ae53d9f27d1
tag: tip
user: Nick White <hg_AT_njw.me.uk>
date: Mon Sep 26 22:44:12 2011 +0100
files: surf.suckless.org/failing_sites.md surf.suckless.org/index.md
description:
Removed 'what works' section of surf page, added 'failing sites' page
diff -r 253c889c4799 -r 2ae53d9f27d1 surf.suckless.org/failing_sites.md
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/surf.suckless.org/failing_sites.md Mon Sep 26 22:44:12 2011 +0100
_AT_@ -0,0 +1,7 @@
+A few websites don't yet work correctly with surf.
+
+Rapidshare
+==========
+Downloads from Rapidshare and similar javascript-heavy download sites don't
+tend to work. Building downloads into surf directly rather than calling an
+external tool should fix this.
diff -r 253c889c4799 -r 2ae53d9f27d1 surf.suckless.org/index.md
--- a/surf.suckless.org/index.md Mon Sep 26 22:43:12 2011 +0100
+++ b/surf.suckless.org/index.md Mon Sep 26 22:44:12 2011 +0100
_AT_@ -10,21 +10,6 @@
> until I forced myself to use surf for a week. I am now much less distracted
> and more focused when browsing the web. dwm + surf <3
-What Works
-----------
-* [Bitbucket](
http://bitbucket.org)
-* [Facebook](
http://facebook.com)
-* [Github](
http://github.com)
-* [Google Calendar](
http://calendar.google.com)
-* [Google Code](
http://code.google.com)
-* [Google Docs](
http://docs.google.com)
-* [Google Mail](
http://mail.google.com)
-* [Google Maps](
http://maps.google.com)
-* [Google Reader](
http://reader.google.com)
-* [Google Translate](
http://translate.google.com)
-* [YouTube](
http://youtube.com)
-* phbb v2 forums
-
Links
-----
* [Man page](
http://man.suckless.org/surf/1/surf)
Received on Mon Sep 26 2011 - 23:29:11 CEST