- Update to version 1.8.2
Fixed
* Unbinding keys via config.bind(key, None) accidentally worked
in v1.7.0 but raises an exception in v1.8.0. It now works
again, but is deprecated and shows an error. Note that
:config-py-write did write such invalid lines before v1.8.0,
so existing config files might need adjustments.
* The readability-js userscript now handles encodings correctly
(which it didn't before for some websites).
* can now be used to paste text starting with a hyphen.
* Following hints via the number keypad now works properly again.
* Errors while reading the state file are now displayed instead
of causing a crash.
* Crash when using :debug-log-level without a console attached.
* Downloads are now hidden properly when the browser is in
fullscreen mode.
* Crash when setting colors.webpage.bg to an empty value with
QtWebKit.
* Crash when the history database file is not a proper sqlite
database.
OBS-URL: https://build.opensuse.org/request/show/750898
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=36
Fixed
* Unbinding keys via config.bind(key, None) accidentally worked
in v1.7.0 but raises an exception in v1.8.0. It now works
again, but is deprecated and shows an error. Note that
:config-py-write did write such invalid lines before v1.8.0,
so existing config files might need adjustments.
* The readability-js userscript now handles encodings correctly
(which it didn't before for some websites).
* can now be used to paste text starting with a hyphen.
* Following hints via the number keypad now works properly again.
* Errors while reading the state file are now displayed instead
of causing a crash.
* Crash when using :debug-log-level without a console attached.
* Downloads are now hidden properly when the browser is in
fullscreen mode.
* Crash when setting colors.webpage.bg to an empty value with
QtWebKit.
* Crash when the history database file is not a proper sqlite
database.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=75
- Update to version 1.8.1
Added
* New userscripts:
+ readability-js which uses Mozilla's node.js readability
library.
+ qute-bitwarden which integrates the Bitwarden CLI.
Changed
* The statusbar text for passthrough mode now shows all
configured bindings to leave the mode, not only one.
* When :config-source is used with a relative filename, the file
is now searched in the config directory instead of the current
working directory.
* HTML5 inputs with date/time types now enter insert mode when
selected.
* dictcli.py now shows where dictionaries are installed to and
complains when running it as root if doing so would result in
a wrong installation path.
* Changes to userscripts:
+ qute-pass: Don't run pass if only a username is requested.
+ qute-pass: Support private domains like myrouter.local.
+ readability: Improved CSS styling.
* Performance improvements in various areas:
+ Loading config files
+ Typing without any completion matches
+ General keyboard handling
+ Scrolling
* :version now shows details about the loaded
autoconfig.yml/config.py.
* Hosts are now additionally looked up including their ports in
netrc files.
OBS-URL: https://build.opensuse.org/request/show/740914
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=35
Added
* New userscripts:
+ readability-js which uses Mozilla's node.js readability
library.
+ qute-bitwarden which integrates the Bitwarden CLI.
Changed
* The statusbar text for passthrough mode now shows all
configured bindings to leave the mode, not only one.
* When :config-source is used with a relative filename, the file
is now searched in the config directory instead of the current
working directory.
* HTML5 inputs with date/time types now enter insert mode when
selected.
* dictcli.py now shows where dictionaries are installed to and
complains when running it as root if doing so would result in
a wrong installation path.
* Changes to userscripts:
+ qute-pass: Don't run pass if only a username is requested.
+ qute-pass: Support private domains like myrouter.local.
+ readability: Improved CSS styling.
* Performance improvements in various areas:
+ Loading config files
+ Typing without any completion matches
+ General keyboard handling
+ Scrolling
* :version now shows details about the loaded
autoconfig.yml/config.py.
* Hosts are now additionally looked up including their ports in
netrc files.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=73
- Update to version 1.7.0
Added
* New settings:
+ colors.tabs.pinned.* to control colors of pinned tabs.
+ hints.leave_on_load which allows disabling leaving of hint
mode when a new page is loaded.
+ colors.completion.item.selected.match.fg which allows
configuring the text color for the matching text in the
currently selected completion item.
+ tabs.undo_stack_size to limit how many undo entries are kept
for closed tabs.
* New commands:
+ :reverse-selection (o in caret mode) to swap the
stationary/moving ends of a selection.
* New commandline replacements:
+ {url:domain}, {url:auth}, {url:scheme}, {url:username},
{url:password}, {url:host}, {url:port}, {url:path},
{url:query} for the respective parts of the current URL.
+ {title} for the current page title.
* The {title} field in tabs.title.format,
tabs.title.format_pinned and window.title_format got renamed to
{current_title} (mirroring {current_url}) in order to not
conflict with the new {title} commandline replacement.
* New delete target for :hint which removes the hinted element
from the DOM.
* New --config-py commandline argument to use a custom config.py
file.
* Qt 5.13: Support for notifications (shown via system tray).
Changed
* The desktop file qutebrowser.desktop is now renamed to
org.qutebrowser.qutebrowser.desktop.
* Pinned tabs now always show a favicon (even if the site doesn't
provide one) when shrinking.
* Setting downloads.location.directory now changes the directory
displayed in the download prompt even if
downloads.location.remember is set.
* The yank command gained a new inline argument, which allows to
e.g. use :yank inline [{title}]({url}).
* Duplicate consecutive history entries with the same URL are now
ignored.
* More detailed error messages when spawning a process failed.
* The content.pdfjs setting now supports domain patterns.
* Improved process status output with :spawn -o.
* The colors.tabs.bar.bg setting is now of type QssColor and thus
supports gradients.
* The :fullscreen command now understands a new --enter flag
which causes it to always enter fullscreen instead of toggling
the current state.
* --debug-flag stack is now needed to show stack traces on
renderer process crashes.
* --debug-flag chromium can be used to easily turn on verbose
Chromium logging.
* Permission prompts can now be answered with
Y (:prompt-accept --save yes) and N (:prompt-accept --save no)
to save the answer as a per-domain setting.
* content.dns_prefetch is now turned off by default, as it causes
crashes inside QtWebEngine.
* The (still unofficial) interceptor plugin API now contains
resource_type for a request and allows redirecting requests.
* :bookmark-remove now shows a message for consistency with
:bookmark-add.
* Very early segfaults are now also caught by the crash handler.
* The appdata XML now contains proper release information and an
(empty) OARS content rating.
* Improved Linux distribution detection.
* Qt 5.13: Request filtering now happens in the UI rather than
IO thread.
* Qt 5.13: Support for PDFium (Chromium's PDF viewer) is disabled
for now so that PDFs can still be downloaded
(or shown with PDF.js) properly.
* Various performance improvements (e.g. for showing hints or
the :open completion).
Deprecated
* :yank markdown got deprecated, as :yank inline [{title}]({url})
can now be used instead.
Fixed
* Various QtWebEngine load signals are now handled differently,
which should fix issues with insert mode being left while
typing on sites like Google Translate.
* Race condition causing a colored statusbar in normal mode when
entering/exiting caret mode quickly.
* Using 100% for a hue in a hsv(...) config value now corresponds
to 359 (rather than 255), matching the fixed behavior in
Qt 5.13.
* Chaining commands with ;; used to abort with some failing
commands. It now runs the second command no matter whether the
first one succeeded or not.
* Handling of profiles and private windows (and resulting crashes
with Qt 5.12.2).
* Fixes for corner-cases when using :navigate increment/decrement
* The type for the colors.hints.match.fg setting was changed to
QtColor.
* Gradients were never supported for this setting, and with this
change, values like rgb(0, 0, 0) now work as well.
* Permission prompts now show a properly normalized URL with
QtWebKit.
* Crash on start when PyQt was built without SSL support with
Qt >= 5.12.
* Minor memory leaks.
OBS-URL: https://build.opensuse.org/request/show/716618
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=34
Added
* New settings:
+ colors.tabs.pinned.* to control colors of pinned tabs.
+ hints.leave_on_load which allows disabling leaving of hint
mode when a new page is loaded.
+ colors.completion.item.selected.match.fg which allows
configuring the text color for the matching text in the
currently selected completion item.
+ tabs.undo_stack_size to limit how many undo entries are kept
for closed tabs.
* New commands:
+ :reverse-selection (o in caret mode) to swap the
stationary/moving ends of a selection.
* New commandline replacements:
+ {url:domain}, {url:auth}, {url:scheme}, {url:username},
{url:password}, {url:host}, {url:port}, {url:path},
{url:query} for the respective parts of the current URL.
+ {title} for the current page title.
* The {title} field in tabs.title.format,
tabs.title.format_pinned and window.title_format got renamed to
{current_title} (mirroring {current_url}) in order to not
conflict with the new {title} commandline replacement.
* New delete target for :hint which removes the hinted element
from the DOM.
* New --config-py commandline argument to use a custom config.py
file.
* Qt 5.13: Support for notifications (shown via system tray).
Changed
* The desktop file qutebrowser.desktop is now renamed to
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=71
Fixed
* Crash when hinting and changing/closing the tab before hints
are displayed.
* Crash on redirects with Qt 5.13.
* Hide bogus AA_ShareOpenGLContexts warning with Qt 5.12.4.
* Workaround for renderer process crashes with Qt 5.12.4.
If you're unable to update, you can remove ~/.cache/qutebrowser
for the same result.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=69
Fixed
* Crash when SQL errors occur while using the completion.
* Crash when cancelling a download prompt started in an already
closed window.
* Crash when many prompts are opened at the same time.
* Running without Qt installed now displays a proper error again.
* High CPU usage when using the keyhint widget with a low delay.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=67
- Update to version 1.6.1
Fixed
* Crash when using :config-{dict,list}-{add,remove} with an invalid setting.
* Functionality like hinting on pages with an element with ID _qutebrowser
(such as qutebrowser.org) on Qt 5.12.
* The .desktop file in v1.6.0 was missing the "Actions" key.
* The SVG icon now has a size of 256x256px set to comply with freedesktop
standards.
* Setting colors.statusbar.*.bg to a gradient now has the expected effect of
the gradient spanning the entire statusbar.
OBS-URL: https://build.opensuse.org/request/show/686851
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=30
Fixed
* Crash when using :config-{dict,list}-{add,remove} with an invalid setting.
* Functionality like hinting on pages with an element with ID _qutebrowser
(such as qutebrowser.org) on Qt 5.12.
* The .desktop file in v1.6.0 was missing the "Actions" key.
* The SVG icon now has a size of 256x256px set to comply with freedesktop
standards.
* Setting colors.statusbar.*.bg to a gradient now has the expected effect of
the gradient spanning the entire statusbar.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=62
- Update to version 1.6.0
Added
* New settings:
+ tabs.new_position.stacking which controls whether new tabs
opened from a page should stack on each other or not.
+ completion.open_categories which allows to configure which
categories are shown in the :open completion, and how they
are ordered.
+ tabs.pinned.frozen to allow/deny navigating in pinned tabs.
+ hints.selectors which allows to configure what CSS selectors
are used for hints, and also allows adding custom hint groups
+ input.insert_mode.leave_on_load to turn off leaving insert
mode when a new page is loaded.
* New config manipulation commands:
+ :config-dict-add and :config-list-add to a new element to a
dict/list setting.
+ :config-dict-remove and :config-list-remove to remove an
element from a dict/list setting.
+ New :yank markdown feature which yanks the current URL and
title in markdown format.
+ Support for new QtWebEngine features in Qt 5.12:
~ Basic support for client certificates. Selecting the
certificate to use when there are multiple matching
certificates isn't implemented yet.
~ Support for DNS prefetching (plus new content.dns_prefetch
setting).
Changed
* :q now closes the current window instead of quitting
qutebrowser completely (:close), while :qa quits (:quit).
The behavior of :wq remains unchanged (:quit --save), as
closing a window while saving the session doesn't make sense.
* Completion highlighting is now done differently (using
QSyntaxHighlighter), which should fix some highlighting
corner-cases.
* The QtColor config type now also understands colors like
rgb(...).
* :yank now has a --quiet option which causes it to not display
a message.
* The :open completion now also shows search engines by default.
* The content.host_blocking.enabled setting now supports URL
patterns, so the adblocker can be disabled on a given page.
* Elements with a tabindex attribute now also get hints by
default.
* Various small performance improvements for hints and the
completion.
* The Wayland check for QtWebEngine is now disabled on
Qt >= 5.11.2, as those versions should work without any issues.
* The JavaScript console object is now available in PAC files.
* PAC proxies currently don't work properly on QtWebEngine (and
never did), so an error is now shown when trying to configure
a PAC proxy.
* The metainfo file qutebrowser.appdata.xml is now renamed to
org.qutebrowser.qutebrowser.appdata.xml.
* The qute-pass userscript now understands domains in gpg
filenames in addition to directory names.
* The autocompletion for content.headers.user_agent got updated
to only include the default and Chrome, as setting the UA to
Firefox has various bad side-effects.
* Combining Qt 5.12 with an older PyQt can lead to issues, so a
warning is now shown when starting qutebrowser with that
combination.
Fixed
* Invalid world IDs now get rejected for :jseval and GreaseMonkey
scripts.
* When websites suggest download filenames with invalid
characters, those are now correctly replaced.
* Invalid hint length calculation in certain rare cases.
* Dragging tabs in the tab bar (which was broken in v1.5.0)
* Using Shift-Home in command mode now works properly.
* Workaround for a Qt bug which prevented
content.cookies.accept = no-3rdparty from working properly on
some pages like GMail. However, the default for
content.cookies.accept is still all to be in line with what
other browsers do.
* :navigate not incrementing in anchors or queries.
* Crash when trying to use a proxy requiring authentication with
QtWebKit.
* Slashes in search terms are now percent-escaped.
* When scrolling.bar = True was set in versions before v1.5.0,
this now correctly gets migrated to always instead of
when-searching.
* Completion highlighting now works again on Qt 5.11.3 and 5.12.1
* The non-standard header X-Do-Not-Track is no longer sent.
* PAC proxies were never correctly supported with QtWebEngine,
but are now explicitly disallowed.
* Issues with fullscreen handling when exiting a video player.
* Various fixes for Qt 5.12 issues:
+ A javascript error on page load was fixed.
+ window.print() works with Qt 5.12 now.
+ Fixed handling of duplicate download filenames.
+ Fixed broken qute://history page.
+ Fixed PDF.js not working properly.
+ The download button in PDF.js now works (it's not possible
to make it work with earlier Qt versions).
+ Since Greasemonkey scripts modifying the DOM fail when being
run at document-start, some known-broken scripts (Iridium,
userstyles.org) are now forced to run at document-end.
- Require python3-qtwebengine-qt5 on TW
(package split since PyQt5 5.12)
OBS-URL: https://build.opensuse.org/request/show/684447
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=29
Added
* New settings:
+ tabs.new_position.stacking which controls whether new tabs
opened from a page should stack on each other or not.
+ completion.open_categories which allows to configure which
categories are shown in the :open completion, and how they
are ordered.
+ tabs.pinned.frozen to allow/deny navigating in pinned tabs.
+ hints.selectors which allows to configure what CSS selectors
are used for hints, and also allows adding custom hint groups
+ input.insert_mode.leave_on_load to turn off leaving insert
mode when a new page is loaded.
* New config manipulation commands:
+ :config-dict-add and :config-list-add to a new element to a
dict/list setting.
+ :config-dict-remove and :config-list-remove to remove an
element from a dict/list setting.
+ New :yank markdown feature which yanks the current URL and
title in markdown format.
+ Support for new QtWebEngine features in Qt 5.12:
~ Basic support for client certificates. Selecting the
certificate to use when there are multiple matching
certificates isn't implemented yet.
~ Support for DNS prefetching (plus new content.dns_prefetch
setting).
Changed
* :q now closes the current window instead of quitting
qutebrowser completely (:close), while :qa quits (:quit).
The behavior of :wq remains unchanged (:quit --save), as
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=60
Fixed:
* Flickering when opening/closing tabs (as soon as more than
10 are open) on some pages.
* Improved logging for PDF.js resources which fail to load.
* Crash when closing a tab after doing a search.
* Tabs appearing when hidden after e.g. closing tabs.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=55
- Update to version 1.5.0:
Added:
* Rewritten PDF.js support:
+ PDF.js support and the content.pdfjs setting are now
available with QtWebEngine.
+ Opening a PDF file now doesn't start a second request
anymore.
+ Opening PDFs on https:// sites now works properly.
+ New --pdfjs flag for prompt-open-download, so PDFs can be
opened in PDF.js with <Ctrl-P> in the download prompt.
* New settings:
+ content.mouse_lock to handle HTML5 pointer locking.
+ completion.web_history.exclude which hides a list of URL
patterns from the completion.
+ qt.process_model which can be used to change Chromium's
process model.
+ qt.low_end_device_mode which turns on Chromium's low-end
device mode. This mode uses less RAM, but the expense of
performance.
+ content.webrtc_ip_handling_policy, which allows more
fine-grained/restrictive control about which IPs are
exposed via WebRTC.
+ tabs.max_width which allows to have a more "normal" look
for tabs.
+ content.mute which allows to mute pages (or all tabs) by
default.
* Running qutebrowser with QtWebKit or Qt < 5.9 now shows a
warning (only once), as support for those is going to be
removed in a future release.
* New t[iI][hHu] default bindings (similar to tsh etc.) to
toggle images.
* The qute-pass userscript now has optional OTP support.
* When :spawn --userscript is called with a count, that count
is now passed to userscripts as $QUTE_COUNT.
Changed:
* Various performance improvements when many tabs are opened.
* The content.headers.referer setting now works on QtWebEngine.
* The :repeat command now takes a count which is multiplied
with the given "times" argument.
* The default keybinding to leave passthrough mode was changed
from <Ctrl-V> to <Shift-Escape>, which makes pasting from the
clipboard easier in passthrough mode and is also unlikely to
conflict with webpage bindings.
* The app_id is now set to qutebrowser for Wayland.
* Using :set option now shows the value of the setting
(like :set option? already did).
* The completion.web_history_max_items setting got renamed to
completion.web_history.max_items.
* Regenerating completion history now shows a progress dialog.
* The content.autoplay setting now supports URL patterns on
Qt >= 5.11.
* The content.host_blocking.whitelist setting now takes a list
of URL patterns instead of globs.
* In passthrough mode, Ctrl + Mousewheel now also gets passed
through to the page instead of zooming.
* Editing text in an external editor now simulates a JS "input"
event, which improves compatibility with websites reacting
via JS to input.
* The qute://settings page is now properly sorted on Python 3.5
* :zoom, :zoom-in and :zoom-out now have a --quiet switch which
causes them to not display a message.
* The scrolling.bar setting now takes three values instead of
being a boolean: always, never, and when-searching (which
only displays it while a search is active).
* '@@' now repeats the last run macro.
* The content.host_blocking.lists setting now accepts a file://
URL to a directory, and reads all files in that directory.
* The :tab-give and :tab-take command now have a new flag
--keep which causes them to keep the old tab around.
* :navigate now clears the URL query.
Fixed:
* qute:// pages now work properly on Qt 5.11.2
* Error when passing a substring with spaces to :tab-take.
* Greasemonkey scripts which start with an UTF-8 BOM are now
handled correctly.
* When no documentation has been generated, the plaintext
documentation now can be shown for more files such as
qute://help/userscripts.html.
* Crash when doing initial run on Wayland without XWayland.
* Crash when trying to load an empty session file.
* :hint with an invalid --mode= value now shows a proper error.
* Rare crash on Qt 5.11.2 when clicking on <select> elements.
* Rare crash related to the completion.
Removed:
* Support for importing pre-v1.0.0 history files has been
removed.
* The content.webrtc_public_interfaces_only setting has been
removed and replaced by content.webrtc_ip_handling_policy.
OBS-URL: https://build.opensuse.org/request/show/639810
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=26
Added:
* Rewritten PDF.js support:
+ PDF.js support and the content.pdfjs setting are now
available with QtWebEngine.
+ Opening a PDF file now doesn't start a second request
anymore.
+ Opening PDFs on https:// sites now works properly.
+ New --pdfjs flag for prompt-open-download, so PDFs can be
opened in PDF.js with <Ctrl-P> in the download prompt.
* New settings:
+ content.mouse_lock to handle HTML5 pointer locking.
+ completion.web_history.exclude which hides a list of URL
patterns from the completion.
+ qt.process_model which can be used to change Chromium's
process model.
+ qt.low_end_device_mode which turns on Chromium's low-end
device mode. This mode uses less RAM, but the expense of
performance.
+ content.webrtc_ip_handling_policy, which allows more
fine-grained/restrictive control about which IPs are
exposed via WebRTC.
+ tabs.max_width which allows to have a more "normal" look
for tabs.
+ content.mute which allows to mute pages (or all tabs) by
default.
* Running qutebrowser with QtWebKit or Qt < 5.9 now shows a
warning (only once), as support for those is going to be
removed in a future release.
* New t[iI][hHu] default bindings (similar to tsh etc.) to
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=53
- Update to version 1.4.2:
Changed:
* The content.xss_auditing setting is now enabled by default,
to mirror Chromium's rather than Qt's default behavior.
* Long URLs in the statusbar are now elided at the end rather
than in the middle, to make sure the hostname is completely
visible whenever possible.
Fixed:
* Crash in Qt 5.7.1 when a website uses window.print().
* The workaround for Nouveau graphic drivers now works properly
again.
* Crash when using :follow-selected with a link which is
outside of the view.
* Workaround for windows not showing as urgent with some window
managers (like i3).
* Crash when opening URLs with some unicode characters
(IDNA 2008). Those URLs still won't open though, due to
missing support in Qt.
* Crash when a download directory which can't be created is
configured.
* Crash in the importer.py script when importing Chrome
bookmarks from newer Chrome versions.
* The content.webrtc_public_interfaces_only option didn't work
on Qt 5.11 previously (it now does). Note it still does not
work on Qt 5.10 (due to a Qt bug) and Qt < 5.9.2.
* Repeated escaping of entries in qute://log when refreshing
page.
* The host blocker doesn't block 0.0.0.0 anymore.
* Crash when using :// as URL pattern.
* The :buffer completion now sorts tabs with indices >= 10
correctly again.
OBS-URL: https://build.opensuse.org/request/show/632747
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=25
Changed:
* The content.xss_auditing setting is now enabled by default,
to mirror Chromium's rather than Qt's default behavior.
* Long URLs in the statusbar are now elided at the end rather
than in the middle, to make sure the hostname is completely
visible whenever possible.
Fixed:
* Crash in Qt 5.7.1 when a website uses window.print().
* The workaround for Nouveau graphic drivers now works properly
again.
* Crash when using :follow-selected with a link which is
outside of the view.
* Workaround for windows not showing as urgent with some window
managers (like i3).
* Crash when opening URLs with some unicode characters
(IDNA 2008). Those URLs still won't open though, due to
missing support in Qt.
* Crash when a download directory which can't be created is
configured.
* Crash in the importer.py script when importing Chrome
bookmarks from newer Chrome versions.
* The content.webrtc_public_interfaces_only option didn't work
on Qt 5.11 previously (it now does). Note it still does not
work on Qt 5.10 (due to a Qt bug) and Qt < 5.9.2.
* Repeated escaping of entries in qute://log when refreshing
page.
* The host blocker doesn't block 0.0.0.0 anymore.
* Crash when using :// as URL pattern.
* The :buffer completion now sorts tabs with indices >= 10
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=51
Security:
* CVE-2018-10895: Fix CSRF issue on the qute://settings page,
leading to possible arbitrary code execution.
See the related GitHub issue for details:
https://github.com/qutebrowser/qutebrowser/issues/4060
Fixed:
* Rare crash when an error occurs in downloads.
* Newlines are now stripped from the :version pastebin URL.
* Worked around a Qt issue which redirects to a
chrome-error:// page when trying to use U2F.
* The link_pyqt.py script now works correctly with PyQt 5.11.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=47
- Update %description
- Update to version 1.4.0:
Added:
* Support for the bundled sip module in PyQt 5.11 and other
changes in Qt/PyQt 5.11.x.
* New --debug-flag log-requests to log requests to the debug
log for debugging.
* New --first flag for :hint (bound to gi for inputs) which
automatically selects the first hint.
* New input.escape_quits_reporter setting which can be used to
avoid accidentally quitting the crash reporter when pressing
escape.
* New qute-lastpass userscript which uses the LastPass CLI to
fill passwords.
* The Makefile now installs a
/usr/share/metainfo/qutebrowser.appdata.xml file.
* QtWebEngine: Support for printing from webpages via
window.print.
* QtWebEngine: Support for muting tabs:
+ New {audio} field for window.title_format and
tabs.title.format which displays [M]/[A] for
muted/recently audible tabs.
+ New :tab-mute command (bound to <Alt-m>) to mute/unmute a
tab.
* QtWebEngine: Support for content.cookies.accept with
third-party cookies blocked by default (requires Qt 5.11).
* QtWebEngine: New settings:
+ Support for requesting persistent storage via
navigator.webkitPersistentStorage.requestQuota with a new
content.persistent_storage setting (requires Qt 5.11).
This setting also supports URL patterns.
+ Support for registering custom protocol handlers via
navigator.registerProtocolHandler with a new
content.register_protocol_handler setting (requires
Qt 5.11). This setting also supports URL patterns.
+ Support for WebRTC screen sharing with a new
content.desktop_capture setting (requires Qt 5.10).
This setting also supports URL patterns.
+ New content.autoplay setting to enable/disable automatic
video playback (requires Qt 5.10).
+ New content.webrtc_public_interfaces_only setting to only
expose public interfaces over WebRTC (requires Qt 5.9.2
or 5.11).
+ New content.canvas_reading setting to disable reading from
canvas elements.
Changed:
* The following settings now support URL patterns:
+ content.headers.do_not_track
+ content.headers.custom
+ content.headers.accept_language
+ content.headers.user_agent
+ content.ssl_strict
+ content.geolocation
+ content.notifications
+ content.media_capture
* New short flags for commandline arguments: -B and -T for
--basedir and --temp-basedir; -d and -D for --debug and
--debug-flag.
* Deleting history items via :history-clear or
:completion-item-del now also removes that URL from
QtWebEngine's visited links.
* There's now completion for commands taking a variable count
of arguments (like :config-cycle).
* QtWebEngine: On Qt 5.11.1, no reloads are needed anymore
when switching between pages with changed settings
(e.g. content.javascript.enabled).
* The qt.force_software_rendering setting changed from a
boolean to taking different values (software-opengl,
qt-quick and chromium) for different kinds of software
rendering workarounds.
* On Qt 5.11, using wayland with QtWebEngine is now possible
when using software rendering.
* GreaseMonkey scripts now get their own global scope (based on
the page's one), which allows scripts like OneeChan to work.
* Rapid hinting is now supported with the yank and yank-primary
targets, copying newline-separated links.
* QtWebEngine: On Qt 5.11, the developer tools (inspector) can
now be used securely and without requiring the
--enable-webengine-inspector option.
* The <Enter> key (:follow-selected) now follows the currently
focused element if there's no selection.
* The --logfilter argument now can be prepended with an
exclamation mark (e.g. --logfilter '!init,destroy') to
invert the filter.
* :view-source now has a --pygments flag which uses the "old"
way of rendering sources even with QtWebEngine.
* Improved error messages when a setting needs a newer Qt
version.
* QtWebEngine: Various improvements to make the cursor more
visible in caret browsing.
* When a prompt is opened in insert/passthrough mode, the mode
is restored after closing the prompt.
* On Qt 5.10 or newer, dictionaries are now read from the
qutebrowser data directory (e.g. ~/.local/share/qutebrowser)
instead of /usr/share/qt.
Existing dictionaries are copied over.
* If an error while parsing ~/.netrc occurs, the cause of the
error is now logged.
* On Qt 5.9 or newer, certificate errors now show Chromium's
detailed error page.
* Greasemonkey scripts now support a "@qute-js-world" tag to
run them in a different JavaScript context.
Fixed:
* Various subtle keyboard focus issues.
* The security fix in v1.3.3 caused URLs with ampersands
(www.example.com?one=1&two=2) to send the wrong arguments
when clicked on the qute://history page.
* Crash when opening a PDF page with PDF.js enabled
(on QtWebKit), but no PDF.js installed.
* Crash when closing a tab shortly after opening it.
Removed:
* :tab-detach which has been deprecated in v1.1.0 has been
removed.
* The content.developer_extras setting got removed.
On QtWebKit, developer extras are now automatically enabled
when opening the inspector.
OBS-URL: https://build.opensuse.org/request/show/620511
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=22
- Update to version 1.4.0:
Added:
* Support for the bundled sip module in PyQt 5.11 and other
changes in Qt/PyQt 5.11.x.
* New --debug-flag log-requests to log requests to the debug
log for debugging.
* New --first flag for :hint (bound to gi for inputs) which
automatically selects the first hint.
* New input.escape_quits_reporter setting which can be used to
avoid accidentally quitting the crash reporter when pressing
escape.
* New qute-lastpass userscript which uses the LastPass CLI to
fill passwords.
* The Makefile now installs a
/usr/share/metainfo/qutebrowser.appdata.xml file.
* QtWebEngine: Support for printing from webpages via
window.print.
* QtWebEngine: Support for muting tabs:
+ New {audio} field for window.title_format and
tabs.title.format which displays [M]/[A] for
muted/recently audible tabs.
+ New :tab-mute command (bound to <Alt-m>) to mute/unmute a
tab.
* QtWebEngine: Support for content.cookies.accept with
third-party cookies blocked by default (requires Qt 5.11).
* QtWebEngine: New settings:
+ Support for requesting persistent storage via
navigator.webkitPersistentStorage.requestQuota with a new
content.persistent_storage setting (requires Qt 5.11).
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=45
- Update to version 1.3.3:
Security:
* An XSS vulnerability on the qute://history page allowed
websites to inject HTML into the page via a crafted title
tag. This could allow them to steal your browsing history.
If you're currently unable to upgrade, avoid using :history.
This issue has been assigned CVE-2018-1000559.
Fixed:
* Crash in a workaround for a Qt 5.11 bug in rare
circumstances.
* Workaround for a Qt bug which preserves searches between page
loads.
OBS-URL: https://build.opensuse.org/request/show/618472
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=21
Security:
* An XSS vulnerability on the qute://history page allowed
websites to inject HTML into the page via a crafted title
tag. This could allow them to steal your browsing history.
If you're currently unable to upgrade, avoid using :history.
A CVE request for this issue is pending.
Fixed:
* Crash in a workaround for a Qt 5.11 bug in rare
circumstances.
* Workaround for a Qt bug which preserves searches between page
loads.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=42
- Update to version 1.3.2:
* QtWebEngine: Improved workaround for a bug in Qt 5.11 where
only the top/bottom half of the window is used.
* QtWebEngine: Work around a bug in Qt 5.11 where an endless
loading-loop is triggered when clicking a link with an unknown
scheme.
* QtWebEngine: When switching between pages with changed
settings, less unnecessary reloads are done now.
* QtWebEngine: It's now possible to open external links such as
magnet:// or mailto: via hints.
OBS-URL: https://build.opensuse.org/request/show/616627
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=20
* QtWebEngine: Improved workaround for a bug in Qt 5.11 where
only the top/bottom half of the window is used.
* QtWebEngine: Work around a bug in Qt 5.11 where an endless
loading-loop is triggered when clicking a link with an unknown
scheme.
* QtWebEngine: When switching between pages with changed
settings, less unnecessary reloads are done now.
* QtWebEngine: It's now possible to open external links such as
magnet:// or mailto: via hints.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=39
- Update to version 1.3.1:
* Work around a bug in Qt 5.11 where only the top/bottom half of
the window is used. This workaround is incomplete, but fixes
the majority of the cases where this happens.
* Work around keyboard focus issues with Qt 5.11.
* Work around an issue in Qt 5.11 where e.g. activating
JavaScript per-domain needed a manual reload in some cases.
* Don't crash when a ² key is pressed (e.g. on AZERTY keyboards).
* Don't crash when a tab is opened and quickly closed again.
OBS-URL: https://build.opensuse.org/request/show/612820
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=19
* Work around a bug in Qt 5.11 where only the top/bottom half of
the window is used. This workaround is incomplete, but fixes
the majority of the cases where this happens.
* Work around keyboard focus issues with Qt 5.11.
* Work around an issue in Qt 5.11 where e.g. activating
JavaScript per-domain needed a manual reload in some cases.
* Don't crash when a ² key is pressed (e.g. on AZERTY keyboards).
* Don't crash when a tab is opened and quickly closed again.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=37
- Use upstream Makefile to install
* Package scripts and manpage
- Package AppStream metadata
- Update to version 1.3.0:
Added:
* New :scroll-to-anchor command to scroll to an anchor in the
document.
* New url.open_base_url option to open the base URL of a
searchengine when no search term is given.
* New tabs.min_width setting to configure the minimal width
for tabs.
* New userscripts:
+ getbib to download bibtex information for DOIs on a page.
+ qute-keepass to get passwords from KeePassX.
Changed:
* QtWebEngine: Support for JavaScript Shared Web Workers have
been disabled on Qt versions older than 5.11 because of
security issues in in Chromium. You can get the same effect
in earlier versions via
":set qt.args ['disable-shared-workers']". An equivalent
workaround is also contained in Qt 5.9.5 and 5.10.1.
* The file dialog for downloads now has basic tab completion
based on the entered text.
* :version now shows OS information for POSIX OS other than
Linux/macOS.
* When there's an error inserting the text from an external
editor, a backup file is now saved.
* The window.hide_wayland_decoration setting got renamed to
window.hide_decoration and now also works outside of wayland.
* The tabs.favicons.show setting now can take three values:
'always' (was True), 'never' (was False) and 'pinned'
(to only show favicons for pinned tabs).
* Hover tooltips on tabs now always show the webpage's title.
* The default value for content.host_blocking.lists was
changed to only include https://github.com/StevenBlack/hosts
which combines various sources.
* Error messages when trying to wrap when tabs.wrap is False
are now logged to debug instead of messages.
Fixed:
* Using hints before a page is fully loaded is now possible
again.
* Selecting hints with the number keypad now works again.
* Tab titles for tabs loaded from sessions should now really be
correct instead of showing the URL.
* Loading URLs with customized settings from a session now
avoids an additional reload.
* The window icon and title now get set correctly again.
* The tabs.switching_delay setting now has a correct maximum
value limit set.
* The taskadd script now works properly when there's multi-line
output.
* QtWebEngine: Worked around issues with
GreaseMonkey/stylesheets not being loaded correctly in some
situations.
* The statusbar now more closely reflects the caret mode state.
* The icon on Windows should now be displayed in a higher
resolution.
* The QtWebEngine development tools (inspector) now also work
when JavaScript is disabled globally.
* Building .exe files now works when upx is installed on the
system.
* The keyhint widget now shows the correct text for chained
modifiers.
* Loading GreaseMonkey scripts now also works with Jinja2 2.8
(e.g. on Debian Stable).
* Adding styles with GreaseMonkey on fast sites now works
properly.
* Window ID 0 is now excluded properly from ":tab-take"
completion.
* A rare crash when cancelling a download has been fixed.
* The Makefile (intended for packagers) now supports PREFIX
properly.
* The workaround for a black window with Nvidia graphics is now
enabled on non-Linux systems (like FreeBSD) as well.
* Initial support for Qt 5.11.
* Checking for a new version after sending a crash report now
works properly again.
* "@match" in Greasemonkey scripts now more closely matches the
proper pattern syntax.
* Searching via / or ? now doesn't handle any characters in a
special way.
* Fixed crash when trying to retry some failed downloads on
QtWebEngine.
* An invalid spellcheck dictionary filename now doesn't crash
anymore. When no spellcheck dictionaries are configured,
it's now disabled internally. This works around an issue with
entering special characters on Facebook messenger.
OBS-URL: https://build.opensuse.org/request/show/604030
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=18
Added:
* New :scroll-to-anchor command to scroll to an anchor in the
document.
* New url.open_base_url option to open the base URL of a
searchengine when no search term is given.
* New tabs.min_width setting to configure the minimal width
for tabs.
* New userscripts:
+ getbib to download bibtex information for DOIs on a page.
+ qute-keepass to get passwords from KeePassX.
Changed:
* QtWebEngine: Support for JavaScript Shared Web Workers have
been disabled on Qt versions older than 5.11 because of
security issues in in Chromium. You can get the same effect
in earlier versions via
":set qt.args ['disable-shared-workers']". An equivalent
workaround is also contained in Qt 5.9.5 and 5.10.1.
* The file dialog for downloads now has basic tab completion
based on the entered text.
* :version now shows OS information for POSIX OS other than
Linux/macOS.
* When there's an error inserting the text from an external
editor, a backup file is now saved.
* The window.hide_wayland_decoration setting got renamed to
window.hide_decoration and now also works outside of wayland.
* The tabs.favicons.show setting now can take three values:
'always' (was True), 'never' (was False) and 'pinned'
(to only show favicons for pinned tabs).
* Hover tooltips on tabs now always show the webpage's title.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=34
- Update to version 1.2.1:
Fixed:
* qutebrowser now starts properly when the PyQt5
QOpenGLFunctions package wasn't found.
* The keybinding cheatsheet on the quickstart page is now
loaded from a local qute:// URL again.
* Unbinding keys which were bound in older qutebrowser versions
now doesn't crash anymore.
* Fixed a crash when reloading a page which wasn't fully
loaded with v1.2.0
* Keys on the numeric keypad now fall back to the same bindings
without Num+ if no Num+ binding was found.
* Fixed hinting on some pages with Qt < 5.10.
* Titles are now displayed correctly again for tabs which are
cloned or loaded from sessions.
OBS-URL: https://build.opensuse.org/request/show/587069
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=17
Fixed:
* qutebrowser now starts properly when the PyQt5
QOpenGLFunctions package wasn't found.
* The keybinding cheatsheet on the quickstart page is now
loaded from a local qute:// URL again.
* Unbinding keys which were bound in older qutebrowser versions
now doesn't crash anymore.
* Fixed a crash when reloading a page which wasn't fully
loaded with v1.2.0
* Keys on the numeric keypad now fall back to the same bindings
without Num+ if no Num+ binding was found.
* Fixed hinting on some pages with Qt < 5.10.
* Titles are now displayed correctly again for tabs which are
cloned or loaded from sessions.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=32
- Update keyring
- Update to version 1.2.0:
Added:
* Initial implementation of per-domain settings:
+ :set and :config-cycle now have a -u/--pattern argument
taking a URL match pattern for supported settings.
+ config.set in config.py now takes a third argument which is
the pattern.
+ New with config.pattern('...') as p: context manager for
config.py to use the shorthand syntax with a pattern.
+ New tsh keybinding to toggle scripts for the current host.
With a capital S, the toggle is saved. With a capital H,
subdomains are included. With u instead of h, the exact
current URL is used.
+ New tph keybinding to toggle plugins, with the same
additional binding described above.
* New QtWebEngine features:
+ Caret/visual mode
+ Authentication via ~/.netrc
+ Retrying downloads with Qt 5.10 or newer
+ Hinting and other features inside same-origin frames
* New flags for existing commands:
+ :session-load has a new --delete flag which deletes the
session after loading it.
+ New --no-last flag for :tab-focus to not focus the last tab
when focusing the currently focused one.
+ New --edit flag for :view-source to open the source in an
external editor.
+ New --select flag for :follow-hint which acts like the
given string was entered but doesn't necessary follow the
hint.
* New special pages:
+ qute://bindings (opened via :bind) which shows all
keybindings.
+ qute://tabs (opened via :buffer) which lists all tabs.
* New settings:
+ statusbar.widgets to configure which widgets should be
shown in which order in the statusbar.
+ tabs.mode_on_change which replaces
tabs.persist_mode_on_change. It can now be set to restore
which remembers input modes (input/passthrough) per tab.
+ input.insert_mode.auto_enter which makes it possible to
disable entering insert mode automatically when an editable
element was clicked. Together with
input.forward_unbound_keys, this should allow for
emacs-like "modeless" keybindings.
* New :prompt-yank command (bound to Alt-y by default) to yank
URLs referenced in prompts.
* The hostblock_blame script which was removed in v1.0 was
updated for the new config and re-added.
* New cycle-inputs.js script in scripts/ which can be used with
:jseval -f to cycle through inputs.
Changed:
* Complete refactoring of key input handling, with various
effects:
+ emacs-like keychains such as <Ctrl-X><Ctrl-C> can now be
bound.
+ Key chains can now be bound in any mode (this allows
binding unused keys in hint mode).
+ Yes/no prompts don't use keybindings from the prompt
section anymore, they have their own yesno section instead.
+ Trying to bind invalid keys now shows an error.
+ The bindings.default setting can now only be set in a
config.py, and existing values in autoconfig.yml are
ignored.
* Improvements for GreaseMonkey support:
+ @include and @exclude now support regex matches.
With QtWebEngine and Qt 5.8 and newer, Qt handles the
matching, but similar functionality will be added in
Qt 5.11.
+ Support for @requires
+ Support for the GreaseMonkey 4.0 API
* The sqlite history now uses write-ahead logging which should
be a performance and stability improvement.
* When an editor is spawned with :open-editor and :config-edit,
the changes are now applied as soon as the file is saved in
the editor.
* The hist_importer.py script now only imports URL schemes
qutebrowser can handle.
* Deleting a prefix (:, / or ?) via backspace now leaves
command mode.
* Angular 1 elements and <summary>/<details> now get hints
assigned.
* :tab-only with pinned tabs now still closes unpinned tabs.
* The url.incdec_segments option now also can take port as
possible segment.
* QtWebEngine: :view-source now uses Chromium's view-source:
scheme.
* Tabs now show their full title as tooltip.
* When there are multiple unknown keys in a autoconfig.yml,
they now all get reported in one error.
* More performance improvements when opening/closing many tabs.
* The :version page now has a button to pastebin the
information.
* Replacements like {url} can now be escaped as {{url}}.
Fixed:
* QtWebEngine bugfixes:
+ Improved fullscreen handling with Qt 5.10.
+ Hinting and scrolling now works properly on special
view-source: pages.
+ Scroll positions are now restored correctly from sessions.
+ :follow-selected should now work in more cases with
Qt > 5.10.
+ Incremental search now flickers less and doesn't move to
the second result when pressing Enter.
+ Keys like Ctrl-V or Shift-Insert are now correctly
handled/filtered with Qt 5.10.
+ Fixed hangs/segfaults on exit with Qt 5.10.1.
+ Fixed favicons sometimes getting cleared with Qt 5.10.
+ Qt download objects are now cleaned up properly when a
download is removed.
+ JavaScript messages are now not double-HTML escaped anymore
on Qt < 5.11
* QtWebKit bugfixes:
+ Fixed GreaseMonkey-related crashes.
+ :view-source now displays a valid URL.
* URLs containing ampersands and other special chars are now
shown correctly when filtering them in the completion.
* :bookmark-add "" foo can now be used to save the current URL
with a custom title.
* :spawn -o now waits until the process has finished before
trying to show the output. Previously, it incorrectly showed
the previous output immediately.
* Suspended pages now should always load the correct page when
being un-suspended.
* Exception types are now shown properly with :config-source
and :config-edit.
* When using :bookmark-add --toggle, bookmarks are now saved
properly.
* Crash with an empty completion.timestamp_format.
* Crash when completion.min_chars is set in some cases.
* HTML/JS resource files are now read into RAM on start to
avoid crashes when changing qutebrowser versions while it's
open.
* Setting bindings.key_mappings to an empty value is now
allowed.
* Bindings to an empty commands are now ignored rather than
crashing.
Removed:
* QUTE_SELECTED_HTML is now not set for userscripts anymore
except when called via hints.
* The qutebrowser_viewsource userscript has been removed as
:view-source --edit can now be used.
* The tabs.persist_mode_on_change setting has been removed and
replaced by tabs.mode_on_change.
OBS-URL: https://build.opensuse.org/request/show/585199
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/qutebrowser?expand=0&rev=16
Added:
* Initial implementation of per-domain settings:
+ :set and :config-cycle now have a -u/--pattern argument
taking a URL match pattern for supported settings.
+ config.set in config.py now takes a third argument which is
the pattern.
+ New with config.pattern('...') as p: context manager for
config.py to use the shorthand syntax with a pattern.
+ New tsh keybinding to toggle scripts for the current host.
With a capital S, the toggle is saved. With a capital H,
subdomains are included. With u instead of h, the exact
current URL is used.
+ New tph keybinding to toggle plugins, with the same
additional binding described above.
* New QtWebEngine features:
+ Caret/visual mode
+ Authentication via ~/.netrc
+ Retrying downloads with Qt 5.10 or newer
+ Hinting and other features inside same-origin frames
* New flags for existing commands:
+ :session-load has a new --delete flag which deletes the
session after loading it.
+ New --no-last flag for :tab-focus to not focus the last tab
when focusing the currently focused one.
+ New --edit flag for :view-source to open the source in an
external editor.
+ New --select flag for :follow-hint which acts like the
given string was entered but doesn't necessary follow the
hint.
OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=29
