From 1ceb8ac74db19b1b6ef51057275bc7f8f944885d Mon Sep 17 00:00:00 2001
From: Florian Bruhin <git@the-compiler.org>
Date: Sun, 30 Nov 2014 21:57:37 +0100
Subject: [PATCH] Add an ssl-strict=ask option. Closes #16.

---
 qutebrowser/config/configdata.py      |  2 +-
 qutebrowser/config/configtypes.py     | 20 ++++++++++++++++++++
 qutebrowser/network/networkmanager.py | 26 ++++++++++++++++++--------
 3 files changed, 39 insertions(+), 9 deletions(-)

diff --git a/qutebrowser/config/configdata.py b/qutebrowser/config/configdata.py
index 6ba1eb259..abacc46a0 100644
--- a/qutebrowser/config/configdata.py
+++ b/qutebrowser/config/configdata.py
@@ -251,7 +251,7 @@ DATA = collections.OrderedDict([
          "`http://...` URL."),
 
         ('ssl-strict',
-         SettingValue(typ.Bool(), 'true'),
+         SettingValue(typ.BoolAsk(), 'ask'),
          "Whether to validate SSL handshakes."),
 
         ('dns-prefetch',
diff --git a/qutebrowser/config/configtypes.py b/qutebrowser/config/configtypes.py
index 97cfa2095..f3354922c 100644
--- a/qutebrowser/config/configtypes.py
+++ b/qutebrowser/config/configtypes.py
@@ -265,6 +265,26 @@ class Bool(BaseType):
         return [('true', ''), ('false', '')]
 
 
+class BoolAsk(Bool):
+
+    """A yes/no/ask question."""
+
+    def transform(self, value):
+        if value.lower() == 'ask':
+            return 'ask'
+        else:
+            return super().transform(value)
+
+    def validate(self, value):
+        if value.lower() == 'ask':
+            return
+        else:
+            super().validate(value)
+
+    def complete(self):
+        return [('true', ''), ('false', ''), ('ask', '')]
+
+
 class Int(BaseType):
 
     """Base class for an integer setting.
diff --git a/qutebrowser/network/networkmanager.py b/qutebrowser/network/networkmanager.py
index 73b901b72..c19f71db0 100644
--- a/qutebrowser/network/networkmanager.py
+++ b/qutebrowser/network/networkmanager.py
@@ -101,14 +101,24 @@ class NetworkManager(QNetworkAccessManager):
             reply: The QNetworkReply that is encountering the errors.
             errors: A list of errors.
         """
-        if config.get('network', 'ssl-strict'):
-            return
-        for err in errors:
-            # FIXME we might want to use warn here (non-fatal error)
-            # https://github.com/The-Compiler/qutebrowser/issues/114
-            message.error(self._win_id,
-                          'SSL error: {}'.format(err.errorString()))
-        reply.ignoreSslErrors()
+        ssl_strict = config.get('network', 'ssl-strict')
+        if ssl_strict == 'ask':
+            err_string = '\n'.join('- ' + err.errorString() for err in errors)
+            answer = message.ask(
+                self._win_id,
+                'SSL errors - continue?\n{}'.format(err_string),
+                mode=usertypes.PromptMode.yesno)
+            if answer:
+                reply.ignoreSslErrors()
+        elif ssl_strict:
+            pass
+        else:
+            for err in errors:
+                # FIXME we might want to use warn here (non-fatal error)
+                # https://github.com/The-Compiler/qutebrowser/issues/114
+                message.error(self._win_id,
+                              'SSL error: {}'.format(err.errorString()))
+            reply.ignoreSslErrors()
 
     @pyqtSlot('QNetworkReply', 'QAuthenticator')
     def on_authentication_required(self, _reply, authenticator):