Standalone Browser Component of Safe-Exam-Browser

This is the core browser component for Safe-Exam-Browser. For SEB binary releases please refer to http://www.safeexambrowser.org

Refactored seb:

general code refactoring
splitted seb.jsm into functional modules
getting rid of xullib.jsm
improved config mode
improved nodejs based seb server with native html5 support without binaryjs and jquery

OS Support

Windows 32/64Bit
Linux 32/64Bit
OSX 10.x 64Bit

Requirements

Cloning seb2 repo:

git clone https://github.com/eqsoft/seb2.git

Firefox installation

Since Mozilla canceled the provisioning of xulrunner binaries, we restricted seb2 hosting to a native Firefox 52.x ESR.

Download Firefox ESR binaries: https://www.mozilla.org/en-US/firefox/organizations/all/
Proceed a USER DEFINED(!) installation setup to the prepared Firefox folders, otherwise your local Browser installation will be damaged!

./firefox/YOUR_OS/XXBit/

!WARNING: deny automatic (re)starting of Firefox after installation setup is finished, otherwise your local Firefox profile will be damaged!

you may start the standalone Firefox for testing or upgrading the ESR Firefox binaries, so manually replacing 52.x ESR versions is not required:

./firefox/YOUR_OS/firefoxXXBit.bat (or firefoxXXBit.sh for linux and mac)

The start script populates the local profile folders:

./firefox/YOUR_OS/firefoxProfileXXBit/

Quick Start

After cloning the repo and installation of a local Firefox 52.x ESR you can start seb2 with a default config:

./browser/bin/YOUR_OS/XXBit/start.sh

debug mode:

./browser/bin/YOUR_OS/XXBit/debug.sh

The debug mode creates a log file: ./browser/bin/YOUR_OS/sebProfileXXBit/seb.log.

You can increase the verbosity of the logfile in the debug.sh:

-debug 2

Closing seb2:

Right click on the taskbar icon to close the main browser window. The default password is: password.

Configuration

seb2 first loads a set of default configuration params in ./browser/app/default.json and then looks for a runtime config in the commandline param -config PARAM. The commandline parameter might be:

any absolute path
any url with file:// or http(s) protocol to a local or remote config json file.
the param can also be a stringified or a base64 encoded json object. A base64 encoded string param is used by windows SEB configuration of the embedded seb2
just a filename p.e. config.dev.json placed in ./browser/app/config.*.json

The custom config object is merged into the default config object with the precedence of custom config params.

There are three kinds of configuration params:

only used in standalone seb (prefixed with seb*)
only used in embedded seb
used in both modes

The params are listed in alphabetical order:

Parameter

type: datatype (default)
description
optional examples
optional links to acssociated params

seb2 (only standalone, not handled by Windows SEB)

sebAllCARootTrust

type: boolean (true)
All embedded ca certificates are treated as trusted root, so only the ca-signing cert of the requested server cert needs to be included. If set to false (experimental) the root cert and all intermediate certs must be embedded.
see also: embeddedCertificates

sebBrowserRequestHeader

type: string ("X-SafeExamBrowser-RequestHash")
If sendBrowserExamKey is true a custom request header field is added to each request. It is not recommanded to change the name of the header field for compatibility issues.
The corresponding header key value is described in: browserExamKey

sebDisableOCSP

type: boolean (true)
Disables the browser requesting any OCSP Server (Online Certificate Status Protocol). Enabling is not recommanded, because seb might hang up if the ocsp server can not be reached caused by firewall rules, server down etc. The param is mapped to the native firefox pref "security.OCSP.enabled":0|1

sebErrorPage

type: boolean (true)
If false internal error page is disabled

sebMainBrowserWindowTitlebarEnabled

type: boolean (false)
Set or disables a titlebar frame around the main window. It is NOT recommanded to change this value because it is altered internally dependant on other parameter conditions.
see also: browserView, touchOptimized

sebMainBrowserWindowMaximized

type: boolean (true)
Enables a maximized main window. It is NOT recommanded to change this value because it is altered internally dependant on other parameter conditions.
see also: browserView, touchOptimized

sebNewBrowserWindowByLinkTitlebarEnabled

type: boolean (true)
Set or disables a titlebar frame around any new window. It is NOT recommanded to change this value because it is altered internally dependant on other parameter conditions.
see also: touchOptimized

sebNewBrowserWindowMaximized

type: boolean (false)
Enables a maximized new window. It is NOT recommanded to change this value because it is altered internally dependant on other parameter conditions.
see also: touchOptimized

sebPdfJsEnabled

type: boolean (true)
Use embedded pdfjs library for displaying inline PDF documents

sebPrefs

type: object
default:

"sebPrefs": {
    "network.proxy.type"    : 0,
    "network.proxy.no_proxies_on" : "localhost,127.0.0.1",
    "layout.spellcheckDefault" : 2,
    "spellchecker.dictionary": "en-US",
    "extensions.ui.dictionary.hidden": false,
    "media.navigator.video.enabled" : false,
    "media.getusermedia.audiocapture.enabled" : false
},

generic default firefox preferences, maybe overridden by other config params.
see also: sebPrefsMap

sebPrefsMap

type: object
default:

"sebPrefsMap": {
    "browser.download.dir"      : "downloadDirectoryWIN",
    "dom.disable_open_during_load"  : "blockPopUpWindows",
    "javascript.enabled"        : "enableJavaScript",
    "media.navigator.video.enabled" : "allowVideoCapture",
        "media.getusermedia.audiocapture.enabled" : "allowAudioCapture",
    "general.useragent.override"    : { "cb" : "browserUserAgent"},
    "browser.zoom.full"         : { "cb" : "browserZoomFull" },
    "zoom.maxPercent"       : { "cb" : "zoomMaxPercent" },
    "zoom.minPercent"       : { "cb" : "zoomMinPercent" },
    "plugin.state.flash"        : { "cb" : "pluginEnableFlash" },
    "plugin.state.java"     : { "cb" : "pluginEnableJava" },
    "layout.spellcheckDefault"  : { "cb" : "spellcheckDefault" }
},

Generic Firefox preferences values are dedicated to seb config params or callback functions for extended processing. They are iterated in app/modules/SebConfig.jsm.

sebRebootKeyEnabled

type: boolean (false)
Key for reboot the OS (default: Ctrl-Alt-Shift-F10, see browser/app/chrome/content/seb/seb.xul). Only used in Linux environments.

sebServer

type: object
default:

{
    "url"    : "https://www.simple.org:8442/websocket/index.html",
    "socket" : "wss://www.simple.org:8442"
},

websocket server: Only used in Linux environments and development mode.

sebScreenshot (not used, experimental)

type: boolean (false)

sebScreenshotImageType (not used, experimental)

type: string ("image/jpeg")

sebScreenshotSound (not used, experimental)

type: boolean (false)

SebServerEnabled

type: boolean (false)
see also: sebServer

sebSSlSecurityPolicy

type: integer (1)
SSL_SEC_NONE = 0 : allow all http and https and mixed contents
SSL_SEC_BLOCK_MIXED_ACTIVE = 1 : default: block mixed active contents (scripts...), display contents are allowed (img, css...) = firefox default behaviour
SSL_SEC_BLOCK_MIXED_ALL = 2 : block all mixed contents
SSL_SEC_FORCE_HTTPS = 3 : try redirecting http to https. Beware! this is not a common browser behaviour! The web app should be fixed instead of rewriting the request on the client side!
SSL_SEC_BLOCK_HTTP = 4 : block all http requests

SEB (handled by both: Windows SEB and embedded seb2 )

additionalResources

type: object ({})
nested object tree with additional embedded ressources from different types.
examples:
An external ressource is triggered by another embedded link. The same external ressource can also be triggered by pressing Ctrl-L.

{
    "identifier": "0",
    "additionalResources": [],
    "active": true,
    "autoOpen": false,
    "title": "LinkURL",
    "url": "https://www.simple.org:8443/demo/index.html",
    "resourceDataFilename": "",
    "resourceDataLauncher": 0,
    "resourceData":"",
    "linkURL" : "https://www.simple.org:8443/linkurl",
    "refererFilter":"test.html",
    "resetSession":true,
    "allowLoadingNewSettings":false,
    "key":"L",
    "modifiers":"control",
    "confirm":true,
    "showButton":""
}

In standalone mode ARS p.e. may be used to trigger a quitURL by an embedded link or system keys (here only keys Ctrl-Q):

{
    "identifier": "1",
    "additionalResources": [],
    "active": true,
    "autoOpen": false,
    "title": "quitURL",
    "url": "https://www.simple.org:8443/quit",
    "resourceDataFilename": "",
    "resourceDataLauncher": 0,
    "resourceData":"",
    "linkURL" : "",
    "refererFilter":"test.html",
    "resetSession":true,
    "allowLoadingNewSettings":false,
    "key":"Q",
    "modifiers":"control",
    "confirm":true,
    "showButton":""
}

the example above should work in development mode.
The ARS are used in Windows SEB mainly for accessing embedded ressources or seb files for reconfiguration.

allowAudioCapture

type: boolean (true)
capturing system sound
see also: sebPrefsMap

allowBrowsingBackForward

type: boolean (false)
If true: shows navigation elements in browser toolbar of the main window (if enableBrowserWindowToolbar is generally enabled).

allowQuit

type: boolean (true)
If set to false, the quit function will be disabled. The param will be ignored if the the quit event is fired by the windows (hostForceQuit) host or a quitURL is detected. The quit concepts are really complicated see: seb.jsm "quit: function"
see also: quitURL, quitURLRefererFilter, hashedQuitPassword

allowSpellCheck

type: boolean (false)
allows spellchecking in input fields (, <input type="text">, ...) </li> <li><strong>false</strong> is mapped to layout.spellcheckDefault:0, <strong>true</strong> is mapped layout.spellcheckDefault:2 (in multi and single line inputfields)</li> <li>see also: <a href="#sebprefsmap">sebPrefsMap</a>, <a rel="noreferrer nofollow" target="_blank" href="http://kb.mozillazine.org/Layout.spellcheckDefault">http://kb.mozillazine.org/Layout.spellcheckDefault</a></li> </ul> <h4>allowSpellCheckDictionary (not in use?)</h4> <ul> <li>type: string ("de-DE")</li> </ul> <h4>blacklistURLFilter</h4> <ul> <li>type: string|array ([])</li> <li>array or semicolon seperated list of blocked url rules. The rules are processed before whitelistURLFilter. </li> <li>see also: <a rel="noreferrer nofollow" target="_blank" href="https://github.com/eqsoft/seb2/blob/master/whitelisturlfilter">whitelistURLFilter</a>, <a href="#urlfilterregex">urlFilterRegex</a>, <a href="#urlfiltertrustedcontent">urlFilterTrustedContent</a></li> </ul> <h4>blockPopUpWindows (not implemented)</h4> <h4>browserExamKey</h4> <ul> <li>type: string ("SEBKEY")</li> <li>If <a href="#sendbrowserexamkey">sendBrowserExamKey</a> is <strong>true</strong> each seb request adds a special key as request-header value of <a href="#sebbrowserrequestheader">sebBrowserRequestHeader</a>. If <a href="#browserurlsalt">browserURLSalt</a> is <strong>true</strong>, the key value is prefixed by the requested url+key before hashing.</li> </ul> <h4>browserLanguage</h4> <ul> <li>type: string ("en-US")</li> <li>set the default language of the browser gui (does not work on internal browser messages which depends on the language of the browser binary; needs additional spec)</li> </ul> <h4>browserMessagingPingTime (only used in embedded seb)</h4> <ul> <li>type: number (120000)</li> <li>Every 2 minutes (120000 ms) a keepalive ping is sent from seb2 to windows host</li> </ul> <h4>browserMessagingSocket (only used in embedded seb)</h4> <ul> <li>type: string (ws://www.simple.org:8706)</li> <li>websocket server connection for ipc communication with windows host</li> </ul> <h4>browserMessagingSocketEnabled</h4> <ul> <li>type: boolean (embedded=true | standalone=false)</li> <li>enables messaging websocket server</li> </ul> <h4>browserScreenKeyboard (only used in embedded seb)</h4> <ul> <li>type: boolean (false)</li> <li>If <strong>true</strong> creates eventhandler for input fields in html document for OnScreenKeyboard handling in windows touch devices.</li> </ul> <h4>browserURLSalt (only used in embedded seb)</h4> <ul> <li>type: boolean (true)</li> <li>If true the browserExamKey is prefixed by the request url before hashing</li> <li>see also: <a href="#browserexamKey">browserExamKey</a></li> </ul> <h4>browserUserAgent</h4> <ul> <li>type: string ("SEB 2.2")</li> <li>If not empty the browserUserAgent string is appended to the DEFAULT or CUSTOM UserAgent strings.</li> <li>see next params:</li> </ul> <h4>browserUserAgentWinDesktopMode (used if <strong>touchOptimized=false</strong>)</h4> <ul> <li>type: number (0 default | 1) ? should 0 be the default value</li> <li>0=BROWSER_UA_DESKTOP_DEFAULT : The default UserAgent string from the underlying firefox browser is detected, "seb" is replaced by "Firefox" and everything is suffixed with <a href="#browserUserAgent">browserUserAgent</a></li> <li>1=BROWSER_UA_DESKTOP_CUSTOM : A custom UserAgent string from <a href="#browseruseragentwindesktopmodecustom">browserUserAgentWinDesktopModeCustom</a> which is suffixed with <a href="#browserUserAgent">browserUserAgent</a></li> </ul> <h4>browserUserAgentWinTouchMode</h4> <ul> <li>type: number (0 default | 1) ? should 0 be the default value</li> <li>0=BROWSER_UA_TOUCH_DEFAULT : The default UserAgent string from the underlying firefox browser is detected, "seb" is replaced by "Firefox" and everything suffixed with ";Touch " and <a href="#browserUserAgent">browserUserAgent</a></li> <li>1=BROWSER_UA_TOUCH_IPAD : A custom UserAgent string from <a href="#browseruseragentwintouchmodeipad">browserUserAgentWinTouchModeIPad</a> which is suffixed with <a href="#browseruseragent">browserUserAgent</a> </li> <li>2=BROWSER_UA_TOUCH_CUSTOM : A custom UserAgent string from <a href="#browseruseragentwintouchmodecustom">browserUserAgentWinTouchModeCustom</a> which is suffixed with <a href="#browseruseragent">browserUserAgent</a></li> </ul> <h4>browserUserAgentWinDesktopModeCustom</h4> <ul> <li>type: string ("")</li> <li>Custom UserAgent string in Windows Desktop Mode</li> </ul> <h4>browserUserAgentWinTouchModeIPad</h4> <ul> <li>type: string ("")</li> <li>Custom UserAgent string in iPad Touch Mode</li> </ul> <h4>browserUserAgentWinTouchModeCustom</h4> <ul> <li>type: string ("")</li> <li>Custom UserAgent string in Touch Mode</li> </ul> <h4>browserViewMode</h4> <ul> <li>type: number (0|1 default)</li> <li>0 = The main window is NOT maximized to fullscreen and the window can manually be resized by dragging the titlebar around the frame. Size and position settings are processed <a href="#mainbrowserwindowheight">mainBrowserWindowHeight</a>, <a href="#mainbrowserwindowpositioning">mainBrowserWindowPositioning</a>, <a href="#mainbrowserwindowwidth">mainBrowserWindowWidth</a>.</li> <li>1 = The main window is maximized to fullscreen without any frame around it and any size and position settings (see above) are ignored.</li> <li>If <a href="#touchoptimized">touchOptimized</a> is <strong>true</strong> the browserViewMode setting is ignored internally set to 1 (= maximized) for all windows</li> </ul> <h4>browserWindowAllowReload</h4> <ul> <li>type: boolean (true)</li> <li>If true: allows to reload the main window, either with reload button or websocket event.</li> <li>See also: <a href="#enablebrowserwindowtoolbar">enableBrowserWindowToolbar</a>, <a href="#enablebrowserwindowtoolbar">newBrowserWindowAllowReload</a></li> </ul> <h4>browserWindowTitleSuffix</h4> <ul> <li>type: string ("")</li> <li>If not empty the window title is suffixed with browserWindowTitleSuffix</li> </ul> <h4>downloadDirectoryWin (not implemented)</h4> <h4>embeddedCertificates</h4> <ul> <li>type: array of cert objects ([])</li> <li>cert objects: { ("certificateDataBase64"|"certificateDataWin") : base64string, "type": number (see TYPE_ENUM), "name": string (only mandatory on type:3(=CERT_SSL_DEBUG) }</li> </ul> <p>TYPE_ENUM:</p> <ul> <li>CERT_SSL = <strong>0</strong>, normal SSL cert, needs anyway a trusted ca in the cert storage. Server certs actually not need to be embedded if a trusted ca is in the storage.</li> <li>CERT_USER = <strong>1</strong>, reserved to windows host, not implemented?</li> <li>CERT_CA = <strong>2</strong>, CA cert</li> <li>CERT_SSL_DEBUG = <strong>3</strong>, debug SSL cert, any untrusted, expired or self-signed cert will be registered for trusted accessing the given "name":"DOMAIN" attribute. Same effect if you add an cert exception by importing a server cert in the firefox cert manager, which in fact adds this exception rule to the cert_override.txt in memory. This is really helpful if you need to access self-signed or expired ssl certs. The CERT_SSL_DEBUG is only recommanded in case of emergency or debugging.</li> </ul> <p>CA embedding example: <code>./browser/app/config.dev.json</code> with embedded root and signing ca certs from <code>./pki/ca/(root|signing)-ca.crt</code> </p> <h4>enableBrowserWindowToolbar</h4> <ul> <li>type: boolean (true)</li> <li>enables a browser toolbar in all windows</li> <li><strong>main window</strong>: if at least one of the following configs is true: <a href="#allowbrowsingbackforward">allowBrowsingBackForward</a> or <a href="#browserwindowallowreload">browserWindowAllowReload</a></li> <li><strong>popup window</strong>: if at least one of the following configs is true: <a href="#allowbrowsingbackforward">allowBrowsingBackForward</a> or <a href="#browserwindowallowreload">browserWindowAllowReload</a> </li> </ul> <h4>enableJava</h4> <ul> <li>type: boolean (false)</li> <li>enables JavaPlugin</li> </ul> <h4>enableJavaScript (not implemented)</h4> <h4>enablePlugIns</h4> <ul> <li>type: boolean (false)</li> <li>enables FlashPlugin</li> </ul> <h4>enableZoomPage (bundled)</h4> <h4>enableZoomText (bundled)</h4> <ul> <li>type: boolean (true)</li> <li>if <strong>false</strong> zooming factor for both max and min is 100%=disabled</li> <li>see also <a href="#zoommode">zoomMode</a></li> </ul> <h4>hashedQuitPassword</h4> <ul> <li>type: base64String ("5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8" = "password")</li> <li>If not empty a password dialog needs to be confirmed before browser quit (ignored on quitURL)</li> </ul> <h4>mainBrowserWindowHeight</h4> <ul> <li>type: string|number ("NUMBER%"|"NUMBER"|NUMBER) </li> <li>Setting the height of the main window either in "%" or pixel size. Do not append "px" to the numbers, because the setting is implicit treated as px data.</li> <li>On default the setting is ignored (see <a href="#browserviewmode">browserViewMode</a> = 1)</li> <li>see also <a href="#touchoptimized">touchOptimized</a></li> </ul> <h4>mainBrowserWindowPositioning</h4> <ul> <li>type: number (0=left|1=center (default)|2=right)</li> <li>On default the setting is ignored (see <a href="#browserviewmode">browserViewMode</a> = 1)</li> <li>see also <a href="#touchoptimized">touchOptimized</a></li> </ul> <h4>mainBrowserWindowWidth</h4> <ul> <li>type: string|number ("NUMBER%"|"NUMBER"|NUMBER) </li> <li>Setting the width of the main window either in "%" or pixel size. Do not append "px" to the numbers, because the setting is implicit treated as px data.</li> <li>On default the setting is ignored (see <a href="#browserviewmode">browserViewMode</a> = 1)</li> <li>see also <a href="#touchoptimized">touchOptimized</a></li> </ul> <h4>newBrowserWindowAllowReload</h4> <ul> <li>type: boolean (true)</li> <li>If true: allows to reload popup windows, either with reload button or websocket event.</li> <li>See also: <a href="#browserwindowallowreload">browserWindowAllowReload</a>, <a href="#enablebrowserwindowtoolbar">enableBrowserWindowToolbar</a></li> </ul> <h4>newBrowserWindowByLinkBlockForeign</h4> <ul> <li>not implemented</li> </ul> <h4>newBrowserWindowByLinkHeight</h4> <ul> <li>type: string|number ("NUMBER%"|"NUMBER"|NUMBER) </li> <li>Setting the height of any new window either in "%" or pixel size. Do not append "px" to the numbers, because the setting is implicit treated as px data.</li> <li>On <a href="#touchoptimized">touchOptimized</a> = <strong>true</strong> the size settings will be ignored (all windows = maximized)</li> </ul> <h4>newBrowserWindowByLinkPolicy</h4> <ul> <li>not implemented</li> </ul> <h4>newBrowserWindowByLinkPositioning</h4> <ul> <li>type: number (0=left|1=center (default)|2=right)</li> <li>On <a href="#touchoptimized">touchOptimized</a> = <strong>true</strong> the size settings will be ignored (all windows = maximized)</li> </ul> <h4>newBrowserWindowByLinkWidth</h4> <ul> <li>type: string|number ("NUMBER%"|"NUMBER"|NUMBER) </li> <li>Setting the width of any new window either in "%" or pixel size. Do not append "px" to the numbers, because the setting is implicit treated as px data.</li> <li>On <a href="#touchoptimized">touchOptimized</a> = <strong>true</strong> the size settings will be ignored (all windows = maximized)</li> </ul> <h4>newBrowserWindowByScriptBlockForeign</h4> <ul> <li>not implemented</li> </ul> <h4>newBrowserWindowByScriptPolicy</h4> <ul> <li>not implemented</li> </ul> <h4>newBrowserWindowNavigation</h4> <ul> <li>type: boolean (false)</li> <li>If true: shows navigation elements in browser toolbar in popup windows (if <a href="#enablebrowserwindowtoolbar">enableBrowserWindowToolbar</a> is generally enabled).</li> <li>See also <a href="#browserwindowallowreload">browserWindowAllowReload</a></li> </ul> <h4>pinEmbeddedCertificates</h4> <ul> <li>type: boolean (false)</li> <li>Setting to true will remove ALL trusted default certificates from mozilla cert storage. I don't think this setting is very usefull because in my opinion it is cleaner to restrict access to any sites with white- or blacklists (). The restriction / pinning to the embedded certs by removing all trusted root ca certs might lead to uncomely error messages (try: set pinEmbeddedCertificates:true and startURL:"<a rel="noreferrer nofollow" target="_blank" href="https://www.google.com">https://www.google.com</a>" :-|)</li> </ul> <h4>proxies</h4> <ul> <li>type : object ({})</li> <li>example:</li> </ul> <pre><code>"proxies": { "ExceptionsList" : [ "*.local", "169.254/16" ], "HTTPProxy":"www.simple.org", "HTTPPort" : 8337, "HTTPEnable": true, "Auth":true, "AuthType": "basic", "Realm": "Basic Area", "User":"demo", "Password":"demo" },</code></pre> <ul> <li>the example above should work in development mode (see <a href="#infos_for_developer">Infos for Developer</a></li> </ul> <h4>proxySettingsPolicy</h4> <ul> <li>type: integer (1)</li> <li>0 = SEB Config Proxy Settings (not recommanded, should be tested on client and network infrastructure before!)</li> <li>1 = System Proxy</li> </ul> <h4>quitURL</h4> <ul> <li>type: string ("")</li> <li>A quitURL request will shutdown the browser. The quit</li> <li>See also <a href="#quiturlrefererfilter">quitURLRefererFilter</a>, <a href="#additionalresources">additionalResources</a></li> </ul> <h4>quitURLRefererFilter</h4> <ul> <li>type: string ("")</li> <li>If not empty the quitURL will only be executed if the current page url contains the quitURLRefererFilter string.</li> </ul> <h4>removeBrowserProfile</h4> <ul> <li>type: boolean (false)</li> <li>Removes the content of the profile folder after quit.</li> </ul> <h4>restartExamPasswordProtected (not implemented)</h4> <h4>restartExamText (not implemented)</h4> <h4>restartExamURL (not implemented)</h4> <h4>restartExamUseStartURL (not implemented)</h4> <h4>sendBrowserExamKey</h4> <ul> <li>type: boolean (true)</li> <li>if <strong>true</strong> a special request header is added to each request, so the server might block any invalid and unauthorized requests.</li> <li>see also: <a href="#sebbrowserrequestheader">sebBrowserRequestHeader</a>, <a href="#browserexamkey">browserExamKey</a>, <a href="#browserurlsalt">browserURLSalt</a></li> </ul> <h4>showReloadWarning</h4> <ul> <li>type: boolean (false)</li> <li>If true shows a Reload Warning before reloading the page</li> </ul> <h4>showTaskBar</h4> <ul> <li>type boolean (false)</li> <li>If <strong>true</strong> shows a taskbar around the window. It is not recommanded to set this parameter because the taskbar is handled by other params like <a href="#browserviewmode">browserViewMode</a> and <a href="#touchoptimzed">touchOptimzed</a></li> </ul> <h4>startURL</h4> <ul> <li>type: string ("<a rel="noreferrer nofollow" target="_blank" href="https://github.com/eqsoft/seb2">https://github.com/eqsoft/seb2</a>")</li> <li>The start url of the browser</li> </ul> <h4>taskBarHeight</h4> <ul> <li>type: number (0)</li> <li>Sets the height of the taskbar. It is not recommanded to set this parameter because the taskbar is handled by other params like <a href="#browserviewmode">browserViewMode</a> and <a href="#touchoptimzed">touchOptimzed</a></li> </ul> <h4>touchOptimized</h4> <ul> <li>type: boolean (false)</li> <li>Optmizes some gui features in touch mode</li> </ul> <h4>urlFilterTrustedContent</h4> <ul> <li>type: boolean (true)</li> <li>If set to <strong>false</strong> EVERY resource request (html, css, js, images ....) request is validated by the whitelistURLFilter and blacklistURLFilter. Invalid document requests are blocked with alert message, invalid embedded ressources are blocked silently. The default setting <strong>true</strong> only validates the document url and validation check is skipped for embedded ressources.</li> </ul> <h4>urlFilterRegex</h4> <ul> <li>type: boolean (false)</li> <li>If set to <strong>true</strong> the filter rules are treated as regex patterns</li> <li>see also: <a rel="noreferrer nofollow" target="_blank" href="https://github.com/eqsoft/seb2/blob/master/blacklisturlfilter">blacklistURLFilter</a>, <a rel="noreferrer nofollow" target="_blank" href="https://github.com/eqsoft/seb2/blob/master/whitelisturlfilter">whitelistURLFilter</a></li> </ul> <h4>whitelistURLFilter</h4> <ul> <li>type: string|array ([])</li> <li>array or semicolon seperated list of allowed url rules. The rules are processed after blacklistURLFilter.</li> <li>see also: <a rel="noreferrer nofollow" target="_blank" href="https://github.com/eqsoft/seb2/blob/master/blacklisturlfilter">blacklistURLFilter</a>, <a href="#urlfilterregex">urlFilterRegex</a>, <a href="#urlfiltertrustedcontent">urlFilterTrustedContent</a></li> </ul> <h4>zoomMode</h4> <ul> <li>type: number (0)</li> <li>0=browserZoomFull=true 1=browserZoomFull=false</li> </ul> <h2>Websocket Handler</h2> <h2>Infos for Developer</h2></div> </div> <div class="footer"> <ul class="body"> <li>© <script> document.write(new Date().getFullYear()) </script> Githubissues.</li> <li>Githubissues is a development platform for aggregating issues.</li> </ul> </div> <script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js"></script> <script src="/githubissues/assets/js.js"></script> <script src="/githubissues/assets/markdown.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/highlight.min.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/languages/go.min.js"></script> <script> hljs.highlightAll(); </script> </body> </html>

eqsoft / seb2

readme