author | Florian Bruhin <me@the-compiler.org> | 2021-03-19 10:11:28 +0100 |
---|---|---|
committer | Florian Bruhin <me@the-compiler.org> | 2021-03-19 17:59:47 +0100 |
commit | de803571a9404a8310d6ef18e4712f0920957a8a (patch) | |
tree | cb3478d7b958571b399de9375287a986afb623df | |
parent | 3e4be9ddb7713e4eca601bc286b0ef456f72145c (diff) | |
download | qutebrowser-de803571a9404a8310d6ef18e4712f0920957a8a.tar.gz qutebrowser-de803571a9404a8310d6ef18e4712f0920957a8a.zip |
Rename ssl_strict
Closes #5156
-rw-r--r-- | doc/help/settings.asciidoc | 16 | ||||
-rw-r--r-- | qutebrowser/browser/shared.py | 20 | ||||
-rw-r--r-- | qutebrowser/config/configdata.yml | 15 | ||||
-rw-r--r-- | qutebrowser/config/configfiles.py | 18 | ||||
-rw-r--r-- | tests/end2end/features/prompts.feature | 22 | ||||
-rw-r--r-- | tests/end2end/features/test_open_bdd.py | 2 | ||||
-rw-r--r-- | tests/end2end/features/test_prompts_bdd.py | 2 | ||||
-rw-r--r-- | tests/end2end/fixtures/quteprocess.py | 3 | ||||
-rw-r--r-- | tests/unit/config/test_configfiles.py | 15 |
9 files changed, 73 insertions, 40 deletions
diff --git a/doc/help/settings.asciidoc b/doc/help/settings.asciidoc index 8b2964f4f..d4089c915 100644 --- a/doc/help/settings.asciidoc +++ b/doc/help/settings.asciidoc @@ -191,7 +191,7 @@ |<<content.proxy_dns_requests,content.proxy_dns_requests>>|Send DNS requests over the configured proxy. |<<content.register_protocol_handler,content.register_protocol_handler>>|Allow websites to register protocol handlers via `navigator.registerProtocolHandler`. |<<content.site_specific_quirks,content.site_specific_quirks>>|Enable quirks (such as faked user agent headers) needed to get specific sites to work properly. -|<<content.ssl_strict,content.ssl_strict>>|Validate SSL handshakes. +|<<content.tls.certificate_errors,content.tls.certificate_errors>>|How to proceed on TLS certificate errors. |<<content.unknown_url_scheme_policy,content.unknown_url_scheme_policy>>|How navigation requests to URLs with unknown schemes are handled. |<<content.user_stylesheets,content.user_stylesheets>>|List of user stylesheet filenames to use. |<<content.webgl,content.webgl>>|Enable WebGL. @@ -2627,19 +2627,19 @@ Type: <<types,Bool>> Default: +pass:[true]+ -[[content.ssl_strict]] -=== content.ssl_strict -Validate SSL handshakes. +[[content.tls.certificate_errors]] +=== content.tls.certificate_errors +How to proceed on TLS certificate errors. This setting supports URL patterns. -Type: <<types,BoolAsk>> +Type: <<types,String>> Valid values: - * +true+ - * +false+ - * +ask+ + * +ask+: Ask how to proceed for every certificate error (unless non-overridable due to HSTS). + * +block+: Automatically block loading on certificate errors. + * +load-insecurely+: Force loading pages despite certificate errors. This is *insecure* and should be avoided. Instead of using this, consider fixing the underlying issue or importing a self-signed certificate via `certutil` (or Chromium) instead. Default: +pass:[ask]+ 
diff --git a/qutebrowser/browser/shared.py b/qutebrowser/browser/shared.py
index b3a0da51d..a03a4f6e2 100644
--- a/qutebrowser/browser/shared.py
+++ b/qutebrowser/browser/shared.py
@@ -165,14 +165,13 @@ def ignore_certificate_errors(url, errors, abort_on):
 Return:
 True if the error should be ignored, False otherwise.
 """
- ssl_strict = config.instance.get('content.ssl_strict', url=url)
- log.network.debug("Certificate errors {!r}, strict {}".format(
- errors, ssl_strict))
+ conf = config.instance.get('content.tls.certificate_errors', url=url)
+ log.network.debug(f"Certificate errors {errors!r}, config {conf}")
 for error in errors:
 assert error.is_overridable(), repr(error)
- if ssl_strict == 'ask':
+ if conf == 'ask':
 err_template = jinja.environment.from_string("""
 Errors while loading <b>{{url.toDisplayString()}}</b>:<br/>
 <ul>
@@ -191,18 +190,13 @@ def ignore_certificate_errors(url, errors, abort_on):
 # prompt aborted
 ignore = False
 return ignore
- elif ssl_strict is False:
- log.network.debug("ssl_strict is False, only warning about errors")
+ elif conf == 'load-insecurely':
 for err in errors:
- # FIXME we might want to use warn here (non-fatal error)
- # https://github.com/qutebrowser/qutebrowser/issues/114
- message.error('Certificate error: {}'.format(err))
+ message.error(f'Certificate error: {err}')
 return True
- elif ssl_strict is True:
+ elif conf == 'block':
 return False
- else:
- raise ValueError("Invalid ssl_strict value {!r}".format(ssl_strict))
- raise utils.Unreachable
+ raise utils.Unreachable(conf)
 def feature_permission(url, option, msg, yes_action, no_action, abort_on,
diff --git a/qutebrowser/config/configdata.yml b/qutebrowser/config/configdata.yml
index 45d8d1a7c..6fa1a1c15 100644
--- a/qutebrowser/config/configdata.yml
+++ b/qutebrowser/config/configdata.yml
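Review bot: The new `load-insecurely` branch returns True for every error in `errors`, so the only thing stopping a non-overridable error (presumably the HSTS case the new setting docs call out) from being force-loaded is the `assert error.is_overridable(), repr(error)` loop above it, and asserts are stripped under `python -O`. Unless callers are guaranteed to filter those out first, an explicit guard before the `if conf == 'ask':` dispatch is safer, e.g. `if not all(error.is_overridable() for error in errors): return False`, keeping the assert as a development-time check. The branch also still reports through `message.error` while the FIXME pointing at issue #114 (use a non-fatal warning instead) was deleted rather than resolved; either keep the comment or switch to a warning. `ignore_certificate_errors` starts above the first hunk and its `ask` branch body continues between the two hunks.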
@@ -953,11 +953,20 @@ content.register_protocol_handler: desc: Allow websites to register protocol handlers via `navigator.registerProtocolHandler`. -content.ssl_strict: +content.tls.certificate_errors: default: ask - type: BoolAsk + type: + name: String + valid_values: + - ask: Ask how to proceed for every certificate error (unless non-overridable due + to HSTS). + - block: Automatically block loading on certificate errors. + - load-insecurely: Force loading pages despite certificate errors. This is + *insecure* and should be avoided. Instead of using this, consider fixing the + underlying issue or importing a self-signed certificate via `certutil` (or + Chromium) instead. supports_pattern: true - desc: Validate SSL handshakes. + desc: How to proceed on TLS certificate errors. content.user_stylesheets: type: diff --git a/qutebrowser/config/configfiles.py b/qutebrowser/config/configfiles.py index 04aa4ec49..f8566e2d0 100644 --- a/qutebrowser/config/configfiles.py +++ b/qutebrowser/config/configfiles.py @@ -399,6 +399,13 @@ class YamlMigrations(QObject): new_name='statusbar.show', true_value='never', false_value='always') + self._migrate_renamed_bool( + old_name='content.ssl_strict', + new_name='content.tls.certificate_errors', + true_value='block', + false_value='load-insecurely', + ask_value='ask', + ) for setting in ['colors.webpage.force_dark_color_scheme', 'colors.webpage.prefers_color_scheme_dark']: 
@@ -518,14 +525,21 @@ class YamlMigrations(QObject):
 def _migrate_renamed_bool(self, old_name: str, new_name: str, true_value: str,
- false_value: str) -> None:
+ false_value: str,
+ ask_value: str = None) -> None:
 if old_name not in self._settings:
 return
 self._settings[new_name] = {}
 for scope, val in self._settings[old_name].items():
- new_value = true_value if val else false_value
+ if val == 'ask':
+ assert ask_value is not None
+ new_value = ask_value
+ elif val:
+ new_value = true_value
+ else:
+ new_value = false_value
 self._settings[new_name][scope] = new_value
 del self._settings[old_name]
diff --git a/tests/end2end/features/prompts.feature b/tests/end2end/features/prompts.feature
index f263615f5..10e7e4ceb 100644
--- a/tests/end2end/features/prompts.feature
+++ b/tests/end2end/features/prompts.feature
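Review bot: `_migrate_renamed_bool` now turns an `'ask'` value in a user's autoconfig.yml into a bare AssertionError whenever the caller passed no `ask_value` (the `statusbar.show` migration registered earlier in this file is one such caller), and under `python -O` the assert is skipped so `None` is written as the migrated value. Since this runs on user-controlled config data, raise a descriptive error instead: `if ask_value is None: raise ValueError(f"Unexpected value {val!r} for {old_name}")`. The signature should also declare the parameter as optional, `ask_value: Optional[str] = None`, rather than `str = None`. The method is fully visible in the hunk; the enclosing `YamlMigrations` class continues outside it.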
@@ -163,40 +163,40 @@ Feature: Prompts
 # SSL
- Scenario: SSL error with content.ssl_strict = false
+ Scenario: SSL error with content.tls.certificate_errors = load-insecurely
 When I clear SSL errors
- And I set content.ssl_strict to false
+ And I set content.tls.certificate_errors to load-insecurely
 And I load an SSL page
 And I wait until the SSL page finished loading
 Then the error "Certificate error: *" should be shown
 And the page should contain the plaintext "Hello World via SSL!"
- Scenario: SSL error with content.ssl_strict = true
+ Scenario: SSL error with content.tls.certificate_errors = block
 When I clear SSL errors
- And I set content.ssl_strict to true
+ And I set content.tls.certificate_errors to block
 And I load an SSL page
 Then a SSL error page should be shown
- Scenario: SSL error with content.ssl_strict = ask -> yes
+ Scenario: SSL error with content.tls.certificate_errors = ask -> yes
 When I clear SSL errors
- And I set content.ssl_strict to ask
+ And I set content.tls.certificate_errors to ask
 And I load an SSL page
 And I wait for a prompt
 And I run :prompt-accept yes
 And I wait until the SSL page finished loading
 Then the page should contain the plaintext "Hello World via SSL!"
- Scenario: SSL error with content.ssl_strict = ask -> no
+ Scenario: SSL error with content.tls.certificate_errors = ask -> no
 When I clear SSL errors
- And I set content.ssl_strict to ask
+ And I set content.tls.certificate_errors to ask
 And I load an SSL page
 And I wait for a prompt
 And I run :prompt-accept no
 Then a SSL error page should be shown
- Scenario: SSL error with content.ssl_strict = ask -> abort
+ Scenario: SSL error with content.tls.certificate_errors = ask -> abort
 When I clear SSL errors
- And I set content.ssl_strict to ask
+ And I set content.tls.certificate_errors to ask
 And I load an SSL page
 And I wait for a prompt
 And I run :mode-leave
@@ -484,7 +484,7 @@ Feature: Prompts
 Scenario: Interrupting SSL prompt during a notification prompt
 Given I have a fresh instance
 When I set content.notifications to ask
- And I set content.ssl_strict to ask
+ And I set content.tls.certificate_errors to ask
 And I open data/prompt/notifications.html in a new tab
 And I run :click-element id button
 And I wait for a prompt
diff --git a/tests/end2end/features/test_open_bdd.py b/tests/end2end/features/test_open_bdd.py
index 04ab3411f..4100fcb88 100644
--- a/tests/end2end/features/test_open_bdd.py
+++ b/tests/end2end/features/test_open_bdd.py
@@ -27,7 +27,7 @@ bdd.scenarios('open.feature')
 @pytest.mark.parametrize('scheme', ['http://', ''])
 def test_open_s(request, quteproc, ssl_server, scheme):
 """Test :open with -s."""
- quteproc.set_setting('content.ssl_strict', 'false')
+ quteproc.set_setting('content.tls.certificate_errors', 'load-insecurely')
 quteproc.send_cmd(':open -s {}localhost:{}/' .format(scheme, ssl_server.port))
 if scheme == 'http://' or not request.config.webengine:
diff --git a/tests/end2end/features/test_prompts_bdd.py b/tests/end2end/features/test_prompts_bdd.py
index 8c222177c..3b42be4d0 100644
--- a/tests/end2end/features/test_prompts_bdd.py
+++ b/tests/end2end/features/test_prompts_bdd.py
@@ -66,7 +66,7 @@ def ssl_error_page(request, quteproc):
 def test_certificate_error_load_status(request, quteproc, ssl_server):
 """If we load the same page twice, we should get a 'warn' status twice."""
- quteproc.set_setting('content.ssl_strict', 'false')
+ quteproc.set_setting('content.tls.certificate_errors', 'load-insecurely')
 for i in range(2):
 quteproc.open_path('/', port=ssl_server.port, https=True, wait=False,
diff --git a/tests/end2end/fixtures/quteprocess.py b/tests/end2end/fixtures/quteprocess.py
index 90d7f9647..45d800b3a 100644
--- a/tests/end2end/fixtures/quteprocess.py
+++ b/tests/end2end/fixtures/quteprocess.py
@@ -647,8 +647,9 @@ class QuteProc(testprocess.Process):
 ('auto_save.interval', '0'), ('new_instance_open_target_window', 'last-opened') ]
+ # FIXME needed?
 if not self.request.config.webengine:
- settings.append(('content.ssl_strict', 'false'))
+ settings.append(('content.tls.certificate_errors', 'load-insecurely'))
 for opt, value in settings:
 self.set_setting(opt, value)
diff --git a/tests/unit/config/test_configfiles.py b/tests/unit/config/test_configfiles.py
index 4d70b7d25..e0d64bffc 100644
--- a/tests/unit/config/test_configfiles.py
+++ b/tests/unit/config/test_configfiles.py
@@ -601,6 +601,21 @@ class TestYamlMigrations:
 def test_bool(self, migration_test, setting, old, new):
 migration_test(setting, old, new)
+ @pytest.mark.parametrize('ssl_strict, certificate_errors', [
+ (True, 'block'),
+ (False, 'load-insecurely'),
+ ('ask', 'ask'),
+ ])
+ def test_ssl_strict(self, yaml, autoconfig, ssl_strict, certificate_errors):
+ autoconfig.write({'content.ssl_strict': {'global': ssl_strict}})
+ yaml.load()
+ yaml._save()
+ data = autoconfig.read()
+ assert 'content.ssl_strict' not in data
+ assert data['content.tls.certificate_errors']['global'] == certificate_errors
+ @pytest.mark.parametrize('setting', [
 'tabs.title.format', 'tabs.title.format_pinned', |
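Review bot: The `# FIXME needed?` added above the QtWebKit-only default in `QuteProc` gives a later reader nothing to act on; say what should be checked, e.g. `# FIXME: still needed with QtWebKit, or do the SSL scenarios set this themselves?`, or drop the line if that was already verified. Worth stating in the same comment that this makes every QtWebKit end-to-end test accept certificate errors silently, so a test that wants `block` or `ask` behaviour has to override it explicitly, as the prompts scenarios do. The enclosing method of `QuteProc` starts and ends outside the hunk.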