1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-27 14:12:09 +00:00

New note: alternative textual browsers

This commit is contained in:
Rohan Kumar 2022-08-06 19:00:12 -07:00
parent 586d201749
commit 2c133b1870
No known key found for this signature in database
GPG key ID: 1E892DB2A5F84479

View file

@ -0,0 +1,10 @@
---
title: "Alternative textual browsers"
date: 2022-08-06T19:00:03-07:00
---
I've used [many textual browsers]({{<relref "/meta/site-design.md#compatibility-statement">}}), but I'm interested in more hardened options. Browsers parse untrusted content from the Internet but no textual browsers employ sandboxing, continuous fuzzing, or other security measures. Check CVEs for Lynx or w3m and you'll see what I mean.
I'm also looking at alternatives to [my w3m-sandbox script](https://git.sr.ht/~seirdy/bwrap-scripts/tree/trunk/item/w3m-sandbox) to show HTML emails. Pandoc with `commonmark-raw_html` output is an option; Haskell seems like a better choice than un-fuzzed C for this. I'd like a more battle-hardened library for networking, like libcurl (used in Edbrowse).
I considered [Offpunk](https://notabug.org/ploum/offpunk), which uses Readability to extract articles. I'd rather pipe [rdrview](https://github.com/eafer/rdrview) output to w3m-sandbox. rdrview does some sandboxing, and sanitizes input to a subset of HTML.