fmaury/seirdy.one
1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-23 21:02:09 +00:00
Code Issues Projects Releases Wiki Activity

New note: alternative textual browsers

Browse source
This commit is contained in:
Rohan Kumar 2022-08-06 19:00:12 -07:00
parent 586d201749
commit 2c133b1870
No known key found for this signature in database
GPG key ID: 1E892DB2A5F84479
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
content/notes/alternative-textual-browsers.md Normal file
View file

@ -0,0 +1,10 @@
---
title: "Alternative textual browsers"
date: 2022-08-06T19:00:03-07:00
---
I've used [many textual browsers]({{<relref "/meta/site-design.md#compatibility-statement">}}), but I'm interested in more hardened options. Browsers parse untrusted content from the Internet but no textual browsers employ sandboxing, continuous fuzzing, or other security measures. Check CVEs for Lynx or w3m and you'll see what I mean.
I'm also looking at alternatives to [my w3m-sandbox script](https://git.sr.ht/~seirdy/bwrap-scripts/tree/trunk/item/w3m-sandbox) to show HTML emails. Pandoc with `commonmark-raw_html` output is an option; Haskell seems like a better choice than un-fuzzed C for this. I'd like a more battle-hardened library for networking, like libcurl (used in Edbrowse).
I considered [Offpunk](https://notabug.org/ploum/offpunk), which uses Readability to extract articles. I'd rather pipe [rdrview](https://github.com/eafer/rdrview) output to w3m-sandbox. rdrview does some sandboxing, and sanitizes input to a subset of HTML.