Closed nmeum closed 10 years ago
On Sun, Feb 02, 2014 at 04:02:28 -0800, nmeum wrote:
Uzbl already supports a cookie white/blacklist. I would appreciate it if it would support a javascript white/blacklist too.
Agreed. Unfortunately, WebKitGTK doesn't give us such control. The best solution that I've been able to come up with is something like RequestPolicy[1] which can be implemented[2]. This can be used to block external JS, but in-page JS will always (AFAICT) be executed unless WebKitGTK exposes signals for every JS invokation (which would be expensive and probably not worth it).
[1]https://www.requestpolicy.com/ [2]I've started, but performance is abysmal :( .
The xombrero webbrowser is also built on top of webkit and it does have a javascript whitlelist (IRC it also blocks the execution of in-page JS). I don't know how they implemented it, but maybe you could get inspired by their implementation if you read the source code. Unfortunately, I don't have enough C skills to do so, otherwise I would help you with this issue.
Looking at the code, it's a per-site thing, not a per-script setting. Basically, it checks URIs against the lists and toggles enable_scripts based on that. The per-site-settings.py should do the same thing (it executes uzbl commands based on the URI, so you can disable scripts by default then turn it on later).
This can be solved with per-site-settings.py:
*
*
set enable_scripts 0
jsallowedsite.com
/path/to/allowed/pages
set enable_scripts 1
Just wild-card match everything to disable scripts up front then enable it based on the host and path.
Uzbl already supports a cookie white/blacklist. I would appreciate it if it would support a javascript white/blacklist too.