Hi, Update for Xombrero to 1.3.0:
* [NEW] force_https setting and https command to force a given domain to always use HTTPS * [NEW] Use force_https to provide a preloaded HSTS list to help avoid the ssl stripping attack. Sites in this list are taken from Chromium's preloaded HSTS list, and additional domains added by the xombrero authors. * [NEW] Added an about:runtime page and :runtime command to view and change runtime settings * [NEW] Added a link to view the cached HTTPS certificate in addition to the new remote certificate * [NEW] Added a new setting, gnutls_priority_string, to modify the GnuTLS priority string that it used by glib-networking. This may be used to fix sites that break when the browser advertises newer TLS versions, and enable or disable specific ciphersuites. This has no effect with glib-networking versions < 2.33.10. * [NEW] Modify the about:favorites page to remove the X links to remove links. A new favedit command has been added to show the Rm links. * [NEW] Added a special 'unbind' keybinding action to remove any previously bound actions to a keybinding. * Add a workaround to fix a GTK focus bug until it has been fixed upstream (see https://bugzilla.gnome.org/show_bug.cgi?id=677329) * Each tab now owns its own session key for internal xombrero links, instead of a session key for the type of operation. Session keys are destroyed after they are no longer needed. This prevents rogue sites from even being able to correctly guess a sesion key to run an internal xombrero command. * Fix several issues that were the result of our back/forward handling. Reloading pages should now always work after loading a page from an about page (for example, about:favorites). * Prevent the loading of unsafe uris (for example, javascript: or data:) when following links. This measure is to prevent against bait-and-switch attacks (see http://lcamtuf.coredump.cx/switch/ for an example). * Fix the following of clicking links when they attempt to open in a new tab (target="_blank"), whitelist mode is enabled, and the current site is not in the javascript whitelist. * Make middle clicking in the command and hinting prompt paste from the PRIMARY clipboard * Make the GTK3 tabs even smaller (like how they were in the GTK2 version) * Prevent tabs from growing to twice their height when using P (pasteurinew) to paste a link with a newline at the end. * Fix the background of insensitive icons in context menues by coloring their backgrounds transparent. * Modify the reminder message on about:about so it's clear the browser must be restarted. * Modify the about:allthethings output to a more C-like syntax * Remove the usage of relying on some deprecated webkitgtk signals * Prevent spitting out warnings of deprecated gcrypt functions when building * Prevent a crash when using editsrc on about:blank or any other blank page * Many various code cleanups **Upgrading Notice** The way domains and subdomains of whitelist items are handled has been changed. In previous versions, whitelisting example.com would automatically expand to .example.com (which matches example.com and all subdomains). This has been fixed in this version. If your xombrero configuration includes whitelists without a leading period, and you intend for subdomains to also be included in the whitelist, you will need to manually update your configuration to add the leading periods. Tested on amd64. Ok? Comments? Cheers. -- Sending from my VCR...
Index: Makefile =================================================================== RCS file: /cvs/ports/www/xombrero/Makefile,v retrieving revision 1.3 diff -u -p -r1.3 Makefile --- Makefile 10 Aug 2012 14:12:58 -0000 1.3 +++ Makefile 1 Sep 2012 21:13:45 -0000 @@ -1,7 +1,7 @@ # $OpenBSD: Makefile,v 1.3 2012/08/10 14:12:58 gonzalo Exp $ COMMENT= vi-like minimalists web browser -DISTNAME= xombrero-1.2.2 +DISTNAME= xombrero-1.3.0 CATEGORIES= www EPOCH= 1 Index: distinfo =================================================================== RCS file: /cvs/ports/www/xombrero/distinfo,v retrieving revision 1.3 diff -u -p -r1.3 distinfo --- distinfo 10 Aug 2012 14:12:58 -0000 1.3 +++ distinfo 1 Sep 2012 21:13:45 -0000 @@ -1,2 +1,2 @@ -SHA256 (xombrero-1.2.2.tgz) = fNLRF0I5teP4l0c8pp78H7MDSR1u1gvwaCY637drFko= -SIZE (xombrero-1.2.2.tgz) = 242038 +SHA256 (xombrero-1.3.0.tgz) = QtgxlTzQEagdHFkU6p4UsUviQLQAwe2UxMwmuon53eI= +SIZE (xombrero-1.3.0.tgz) = 253343
