From: Daniel Carl <danielcarl@gmx.de>
Date: Wed, 28 May 2014 14:42:15 +0000 (+0200)
Subject: Allow to toggle hsts on and off.
X-Git-Url: https://git.owens.tech/assets/lich_lifts_title_slice.png%20%22Lich%20Lifts%22/assets/lich_lifts_title_slice.png%20%22Lich%20Lifts%22/git?a=commitdiff_plain;h=0334ce6389e94c9de3e0accd22ee7dc00bf094df;p=vimb.git
Allow to toggle hsts on and off.
---
diff --git a/doc/vimb.1 b/doc/vimb.1
index a12281e..9a829e3 100644
--- a/doc/vimb.1
+++ b/doc/vimb.1
@@ -756,6 +756,9 @@ Maximum number of unique items stored in search-, command or URI history.
.B home-page (string)
Homepage that vimb opens if started without a URI.
.TP
+.B hsts (bool)
+Enable or disables the HSTS (HTTP Strict Transport Security) feature.
+.TP
.B input-bg-error (color)
Background color for the inputbox if error is shown.
.TP
diff --git a/src/main.c b/src/main.c
index 8b342a4..04920b6 100644
--- a/src/main.c
+++ b/src/main.c
@@ -946,16 +946,18 @@ static void session_init(void)
g_object_unref(cookie);
#endif
#ifdef FEATURE_HSTS
- HSTSProvider *hsts = hsts_provider_new();
- soup_session_add_feature(vb.session, SOUP_SESSION_FEATURE(hsts));
- g_object_unref(hsts);
+ /* create only the session feature - the feature is added in setting.c
+ * when the setting hsts=on */
+ vb.config.hsts_provider = hsts_provider_new();
#endif
}
static void session_cleanup(void)
{
#ifdef FEATURE_HSTS
- /* remove feature from session to make sure the feature is finalized */
+ /* remove feature from session and unref the feature to make sure the
+ * feature is finalized */
+ g_object_unref(vb.config.hsts_provider);
soup_session_remove_feature_by_type(vb.session, HSTS_TYPE_PROVIDER);
#endif
}
diff --git a/src/main.h b/src/main.h
index 53219d8..3ff9030 100644
--- a/src/main.h
+++ b/src/main.h
@@ -33,6 +33,9 @@
#else
#endif
#include "config.h"
+#ifdef FEATURE_HSTS
+#include "hsts.h"
+#endif
/* size of some I/O buffer */
#define BUF_SIZE 512
@@ -310,6 +313,9 @@ typedef struct {
float default_zoom; /* default zoomlevel that is applied on zz zoom reset */
gboolean fullscreen; /* indicates if full screen mode is on */
gboolean kioskmode;
+#ifdef FEATURE_HSTS
+ HSTSProvider *hsts_provider; /* the hsts session feature that is added to soup session */
+#endif
} Config;
typedef struct {
diff --git a/src/setting.c b/src/setting.c
index deb281e..75f2c2e 100644
--- a/src/setting.c
+++ b/src/setting.c
@@ -24,6 +24,9 @@
#include "util.h"
#include "completion.h"
#include "js.h"
+#ifdef FEATURE_HSTS
+#include "hsts.h"
+#endif
static GHashTable *settings;
@@ -55,6 +58,9 @@ static SettingStatus timeoutlen(const Setting *s, const SettingType type);
static SettingStatus headers(const Setting *s, const SettingType type);
static SettingStatus nextpattern(const Setting *s, const SettingType type);
static SettingStatus fullscreen(const Setting *s, const SettingType type);
+#ifdef FEATURE_HSTS
+static SettingStatus hsts(const Setting *s, const SettingType type);
+#endif
static gboolean validate_js_regexp_list(const char *pattern);
@@ -128,6 +134,9 @@ static Setting default_settings[] = {
{NULL, "nextpattern", TYPE_CHAR, nextpattern, {.s = "/\\bnext\\b/i,/^(>\\|>>\\|»)$/,/^(>\\|>>\\|»)/,/(>\\|>>\\|»)$/,/\\bmore\\b/i"}},
{NULL, "previouspattern", TYPE_CHAR, nextpattern, {.s = "/\\bprev\\|previous\\b/i,/^(<\\|<<\\|«)$/,/^(<\\|<<\\|«)/,/(<\\|<<\\|«)$/"}},
{NULL, "fullscreen", TYPE_BOOLEAN, fullscreen, {.i = 0}},
+#ifdef FEATURE_HSTS
+ {NULL, "hsts", TYPE_BOOLEAN, hsts, {.i = 1}},
+#endif
};
void setting_init(void)
@@ -915,6 +924,33 @@ static SettingStatus fullscreen(const Setting *s, const SettingType type)
return SETTING_OK;
}
+#ifdef FEATURE_HSTS
+static SettingStatus hsts(const Setting *s, const SettingType type)
+{
+ gboolean active;
+ if (type == SETTING_GET) {
+ active = soup_session_has_feature(vb.session, HSTS_TYPE_PROVIDER);
+ print_value(s, &active);
+
+ return SETTING_OK;
+ }
+
+ if (type == SETTING_TOGGLE) {
+ active = !soup_session_has_feature(vb.session, HSTS_TYPE_PROVIDER);
+ print_value(s, &active);
+ } else {
+ active = (s->arg.i != 0);
+ }
+
+ if (active) {
+ soup_session_add_feature(vb.session, SOUP_SESSION_FEATURE(vb.config.hsts_provider));
+ } else {
+ soup_session_remove_feature(vb.session, SOUP_SESSION_FEATURE(vb.config.hsts_provider));
+ }
+ return SETTING_OK;
+}
+#endif
+
/**
* Validated syntax given list of JavaScript RegExp patterns.
* If validation fails, the error is shown to the user.