This is a *very* rudimentary implementation lacking most of the
functionality of NamedNodeMap but it's enough to get jQuery 1.12.4 up.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
To get us further along the JavaScript pathway, support the
getter and setter for innerHTML. The getter always returns
an empty string for now, but the setter works.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
The async script completion process needs to complete the
content state machine so that browser throbbers eventually
stop once async scripts have fetched and run, even if that
happens *after* conversion finishes.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
If there is more than one incomplete sync script then it's
important that we don't unpause hubbub too early. This commit
adds a counter so that if there're unfinished sync scripts in
the set, we don't unpause until the last one completes.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Fixes abort on exit when corestring finalisation tried to unref
what should have been the final ref:
$ ./nsgtk3
corrupted double-linked list
Aborted (core dumped)
HTML contents reference many other objects. The browser window
needs to know if any of them may not be secure, in which case it
needs to report that in its page state. If other content types
might refer to sub-contents, they will need to define the callback
too.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
In order to support persisting SSL data we first have to store it
and support catching up new users.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
This redundant code was added by:
4747bbbfb2 HTML drags now go via content msg.
and then added again with:
c2a718075a A load of refactoring of how content selection and input work.
This was archaic support for rendering images as "overlays",
and avoiding a redraw via the browser window redraw and HTML
contents. Basically it was "plot this image here", but it
was too error prone, so it was removed a long time ago.
These are some last vestiges that made the redraw message
look more complex than it is.
* Changed ETag storage to be time_t, rather than int.
* Changed `If-None-Match` value parsing to use proper
time_t parsing, rather than `atoi`.
We emit FETCH_NOTMODIFIED if the resource hasn't changed.
Any errors from the fetch which are not already handled are
reported with an internal query page instead of a modal
dialog.
This is much less invasive for the user and much more in
keeping with how this is handled by other browsers.
The handler is similar to the timeout handler but the
functionality is kept separate as it is intended timeout
handling be extended in future.
cURL will prevent channel reuse if NTLM auth is enabled because
NTLM authenticates a channel not a request. As such we were
unable to reuse curl handles since we handed off connection
reuse to curl instead of our own handle cache. This mitigates
the effect, though curl authors are looking at fixing it upstream
too.
Fixes: #2707
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
The curl fetcher can operate without openssl library being
available, additionaly curl itself may be compiled with a
different TLS library.
In either case this will simply cause the "unknown" error to be
reported for all TLS failiures and page information to lack any
certificate information.
If dom_to_box is still in progress when we destroy an HTML
content, we need to cancel the conversion otherwise we will
end up with a scheduled callback into infinity.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Since OpenSSL 1.0.2 there has been hostname verification support
which cURL doesn't turn on for some reason. Turn it on so that
we get better hostname verification handling.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
In doing this, also propagate why the certificates were bad
so that the page can display a reason. We will need FatMessages
for all these.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
We now handle authentication requests via an `about:` page
which presents a nice form built into the browser window.
In order to do this, we add internal navigation as a concept
to the browser window and we strip the 401login support from all
frontends except monkey.
The 401login callback is now intended for password safe type support
rather than an immediately interactive prompt.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
