commit: 530a167cb57cf089f2b235dec08bbd817c6bf7df
parent: 810c9f1d7b82d89a39cf7e377c689bd7f32ec4ea
author: Chris Noxz <chris@noxz.tech>
date: Wed, 22 Mar 2023 14:22:09 +0100
modify how JavaScript is used
* When disabling JavaScript, just disable it for sites (markup) so that DOM
access and user scripts are still available even if JavaScript from external
sources aren't loaded. This seems to be a safe way to access JavaScript
functionality even it seems to be disabled from the perspective of web pages.
This is being done using the setting `enable-javascript-markup` instead of
`enable-javascript`. See:
https://webkitgtk.org/reference/webkit2gtk/stable/property.Settings.enable-javascript-markup.html
* Make it possible to disable JavaScript by default using environment
variables.
4 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/adji.1 b/adji.1
@@ -74,6 +74,13 @@ For a faster, or perhaps a more secure way of browsing the web, setting this
variable provides a method of preventing images from loading automatically.
.TP
.B
+ADJI_DISABLE_JAVASCRIPT
+For a faster, or perhaps a more secure way of browsing the web, setting this
+variable provides a method of preventing JavaScript from loading. However,
+executing user scripts is still possible, as only JavaScript from markup is
+removed.
+.TP
+.B
ADJI_DOWNLOAD_DIR
This variable allows you to specify the directory to where all downloads are
stored according to your preference. By default all downloads are stored at
diff --git a/browser.c b/browser.c
@@ -122,7 +122,7 @@ client_create(const gchar *uri,
CB(c->entry, "icon-release", cb_entry_icon_hid, c);
/* entry must exist before first call */
- set_javascript_policy(c, JSP_ENABLE);
+ set_javascript_policy(c, !(CFG_B(DisableJavaScript)));
/* create vertical box to store the web view and the entry */
c->vbx = gtk_box_new(GTK_ORIENTATION_VERTICAL, 0);
@@ -1101,12 +1101,14 @@ void
set_javascript_policy(struct Client *c,
enum javascript_policy policy)
{
- webkit_settings_set_enable_javascript(c->settings, policy == JSP_TOGGLE
- ? !(webkit_settings_get_enable_javascript(c->settings))
- : policy
+ webkit_settings_set_enable_javascript_markup(
+ c->settings,
+ policy == JSP_TOGGLE
+ ? !(webkit_settings_get_enable_javascript_markup(c->settings))
+ : policy
);
webkit_web_view_reload_bypass_cache(WEBKIT_WEB_VIEW(c->wv));
- if ((webkit_settings_get_enable_javascript(c->settings)))
+ if ((webkit_settings_get_enable_javascript_markup(c->settings)))
gtk_entry_set_icon_from_icon_name(
GTK_ENTRY(c->entry), GTK_ENTRY_ICON_SECONDARY, ICON_JS_ON
);
diff --git a/browser.h b/browser.h
@@ -115,6 +115,7 @@ enum config_name {
DefaultFontSize,
DeveloperExtras,
DisableAutoLoadImages,
+ DisableJavaScript,
DownloadDirectory,
ExternalHandlerFile,
FifoName,
diff --git a/config.h b/config.h
@@ -34,6 +34,7 @@ static Config cfg[LastConfig] = {
[HistoryFile] = { __NAME_UPPERCASE__"_HISTORY_FILE", CFG_STRING, {.s = NULL }},
[HomeUri] = { __NAME_UPPERCASE__"_HOME_URI", CFG_STRING, {.s = "about:blank" }},
[DisableAutoLoadImages] = { __NAME_UPPERCASE__"_DISABLE_AUTO_LOAD_IMAGES", CFG_BOOL, {.b = FALSE }},
+ [DisableJavaScript] = { __NAME_UPPERCASE__"_DISABLE_JAVASCRIPT", CFG_BOOL, {.b = FALSE }},
[MonospaceFont] = { __NAME_UPPERCASE__"_MONOSPACE_FONT", CFG_STRING, {.s = "monospace" }},
[NormalTabFormat] = { NULL, CFG_STRING, {.s = "<span>%s</span>" }},
[ProxyIgnore] = { __NAME_UPPERCASE__"_PROXY_IGNORE", CFG_LIST, {.l = NULL }},
