If the blacklist is only valid for the completion, the setting should also be
under completion.
This also un-renames history.gap_interval and renames
completion.web_history_max_items.
This adds a new CompletionMetaInfo table which is a simple key/value store.
Thanks to Python/sqlite duck typing, we can use that to store values of any
type, even new ones in the future.
Currently, the only allowed key is force_rebuild, which forces a rebuild of the
CompletionHistory table. This will be needed for a future change.
`ListCategory` sorts its completion by default, we are already building
the categories in the right order so don't need that.
The test tests the case of where you have 11 tabs and if the model was
sorted the tabs with index 10 and 11 would be sorted before the one with
index 2.
The `random.sample` bit for the tab url and title is to also make sure
the model isn't being sorted on those columns, whithout haveng to write
and all ten lines.
In ffc29ee043 (part of v1.0.0), a
qute://settings/set URL was added to change settings.
Contrary to what I apparently believed at the time, it *is* possible for
websites to access `qute://*` URLs (i.e., neither QtWebKit nor QtWebEngine
prohibit such requests, other than the usual cross-origin rules).
In other words, this means a website can e.g. have an `<img>` tag which loads a
`qute://settings/set` URL, which then sets `editor.command` to a bash script.
The result of that is arbitrary code execution.
Fixes#4060
See #2332
I think this covers the right path despite not using either of the
backend specific download code. They both either call `set_target()`
directly with a guessed filename or from the prompt question. When
called directly though that basename set by `_init_item()` is used.
It's a little high level but we already know that sanitize_filenames
does, I wanted to test that it gets called.
For the LogFilter tests I just copied some of the examples that were
already being used and reversed them. To do that without even more
duplication I had to add another parameter to the test.
This reverts commit 1956590df84a72c7f9a516e805d01529291fccf8.
Turns out the actual issue wasn't due to *invalid* links - it's with links
which have an unknown scheme.
There's still a change in behavior between Qt 5.10 and 5.11 though: Invalid
links are apparently not passed to acceptNavigationRequest (sometimes?) so we
don't show an error message. Instead, we just load about:blank. However,
Chromium does that too and we can't handle a real click easily, so let's just
ignore that one.
See #3661
Turns out str.isdigit() also handles ² as a digit, but int('²') causes a
ValueError.
Here we use `string.digits` instead, which is '0123456789'.
Fixes#3743
I just want to return something I can refer to the attributes of via dot
syntax without having to pointlessly write the names both when I declare
the data class and when I assign the variables.
Such a stupid warning.
Since the JSCore used by WebKit 602.1 doesn't fully support Proxy and I
can't think of a way to provide isolation otherwise just revert to the
old behaviour in that case. I am checking for the specific WebKit
version because I'm pretty sure that version just happened to be
released when Proxy support was only partially done, any later release
will presumably have a newer JSCore where it works.
There I changed the indentation of a block in the jinja template which
will have inflated the diff.
I added mocking of `objects.backend` to the `webview` and
`webenginewebview` fixtures, I am pretty sure they are mutually
exclusive so don't expect any issues from that.
Because of the feature detection being at template compile time I had to
tweak the test setup to be done via a fixture instead of the setupClass
functionality that I was using before.
The implementation of Proxy in JSCore used by current QtWebkit (webkit
602.1) doesn't support the `set()` handler for whatever reason. So
instead of testing for a specific behaviour that we can't ensure on that
version let's just skip the tests and handle user complaints with
sympathy.
Adds a test to codify what I think greasemonkey scripts expect from
their scope chains. Particularly that they can:
1. access the global `window` object
2. access all of the attributes of the global window object as global
objects themselves
3. see any changes the page made to the global scope
4. write to attributes of `window` and have those attributes, and changes
to existing attributes, accessable via global scope
5. do number 4 without breaking the pages expectations, that is what
`unsafeWindow` is for
There are some other points about greasemonkey scripts' environment that
I believe to be true but am not testing in this change:
* changes a page makes to `window` _after_ a greasemonkey script is
injected will still be visible to the script if it cares to check and
it hasn't already shadowed them
* said changes will not overwrite changes that the greasemonkey script
has made.
The greasemonkey `@match` directive is used to match urls against
chromium url patterns (as opposed to `@include` which treats its
argument as a glob expression). I was using fnmatch for both here
because I am lazy and knew someone else was going to implement chromium
url patterns for me eventually. Now it is done and I should switch to
using them instead. The most common failing case that this will fix is
something matching on `*://*.domain.com/*` because it wouldn't match
the url with no subdomain.
This codepath is only used on webengine 5.7.1 and webkit backends.
Allow completion functions to react dynamically to args as the user
inputs them. This allows config-cycle to filter out values that were
already provided.
Args provided after the maxsplit do not cause the completion to regen.
For example, successive words typed after `:open` just set the filter
pattern and do not spuriously regenerate the completion model.
When a command has positional varargs, keep offering the configured
completion for each successive argument.
Right now this only influences `config-cycle`.
Previously, `config-cycle <option> ` would offer a value completion for
only the first argument after the option. Now it will keep offering
value completion for each successive argument.
This will be useful for passing multiple tags to the new bookmark
commands that will be added for #882.
`prefix` is a string and `seq` is a key sequence, so removing `len(prefix)`
items from `seq` will remove too many if `prefix` contains a special character
(ex "<Ctrl+x>"). Remove the number of characters from `str(seq)` instead.
If we don't do this, when doing:
self.config_stub.val.content.user_stylesheets = css_path
then _update_stylesheet gets called before the stylesheet QWebEngineScript did
run (as there was no load yet), so we get:
[:2] Uncaught TypeError: Cannot read property 'stylesheet' of undefined!
Instead, load the page first and then update the stylesheet.
This tests that live updating works properly, and also makes sure we don't run
into the problem described above.
- Initialize JavaScript in webenginesettings.py instead of webenginetab.py
- Move JavaScript snippet into a .js file
- Make sure scripts can be re-run and do nothing if already run.
- Run scripts on DocumentCreation *and* DocumentReady. Closes#3717.
- Give each script an unique name for debugging.
- Also make custom stylesheets work on chrome:// pages
- Use qutebrowser-editor-backup as the backup file prefix
- Consistently use message.error instead of cmdexc
- Improve test coverage for the backup function
- Fix lint errors in the unit test code
Currently the editor deletes its temp file whenever editing is finished.
With this patch, the file will not be deleted if the editor callback
encounters an exception.
One example is if the tab containing the edited element is closed. The
editor errors with "Edited element vanished", but with this patch it
will also print "Backup at ..." so the user does not lose their work.
Resolves#1596.
Supersedes #3641, using the cleaner approach started in #1677.
1899e313fd as a fix for #3631 broke :unbind, as
the config system treats None and '' equally.
Instead, allow None/'' again, but just handle it as "no binding".
This mostly reverts 4ef5db1bc4 for #1966, but
fixes#3684 by allowing numbers to be bound again. If the user wants to bind
numbers instead of using them for a count, why not let them.
