Re (5): Configuring Iceweasel security policies.
From: Scott Ferguson <prettyfly.productions@gmail.com>
Date: Thu, 16 Jun 2011 19:52:12 +1000
> ... lynx doesn't support xhtml by default ... w3m only support xhtml 1.0
>
> Try not using an xhtml file - I suspect you are complicating your tests.
Oops; thanks. The result is the same for C*.html. When lynx and
w3m are given the IP address, they decline to open the file. But
these file links are edge cases; odd behaviour is no surprise.
> I'm not understanding why you are using the ip address - even localhost
> is redundant... with file:/// links localhost is the default root....
Only wondered what the browsers would do when the target is specified
explicitly. Just my inane curiosity.
> Hmm - do you mean that you are using a local copy ... ?
Definitely. If the target is on the Web server, there is no problem
and no reason to test. The problematic case is for the file URI.
> You *did* change the restrictions in Iceweasel (about:config) didn't you?
That's where I started about 5 days ago. In about:config, security.checkloaduri
appears to be changeable but the change doesn't stick and has no effect.
According to the mailing lists, that appears to be intentional. So then
I tried editing /etc/iceweasel/pref/iceweasel.js as "docuemented" in
Mozilla Security Policy. Even when the configuration is set,
about:config security.checkloaduri is true. Either my configuration
is wrong or Iceweasel doesn't implement this as Mozillazine describes.
This is the pertinent content of iceweasel.js.
// Allow my file URI to be opened.
user_pref("capability.policy.policynames", "localfilelinks");
user_pref("capability.policy.localfilelinks.checkloaduri.enabled", "allAccess");
user_pref("capability.policy.localfilelinks.sites", "http://members.shaw.ca/"; "file://142.103.107.137/" );
In chromium-browser, about:config doesn't work. There are files in /etc/chromium-browser
but I haven't had time to chase down the configuration perinent to file URI. Similarly for
the other optional browsers.
> I generally test changes on a server in a virtualbox machine before
> pushing them to the development server (belt and suspenders).
OK, I understand that for testing. Where do you edit the pages?
Which editor?
> For a static site such as yours I suggest you just tar.bzip ...
That would be another procedure in my system of work. Make it
as simple as possible but not simpler.
> A later dated archive always replaces an earlier dated archive. And a
> changes text file can be used to keep track of versions.
I have daily, weekly and monthly backups. Even when the
filesystem on the CF card failed, all data including current
bookkeeping, was recovered in about an hour. Versioning is not
needed for my trivial Web sites.
>> FTP is fast!
>
> Even faster when it's only moving a tar.bz2!
I understand but in many cases I just update one file after an
edit. Updating the dozen or so files comprising a Web site is
still only three mouse clicks in about 5 seconds.
> You may have found a difference between Firefox and Iceweasel....
I must install FF to resolve it.
> I meant the viewer is fooled into thinking the world can see their files
> - at the time there was stories that said it did.
OK, I missed that.
> ... both Category2.html and Category3.html reside in the same location.
Works for me too. No issue. Put your Category2.html on a Web
server and your Category3.html on your workstation. Open Category2.html
in a browser on your workstation. Click on the file link targetting
Category3.html, which is on your workstation. I'll bet Category3.html
will not open. If you can find a configuration setting to allow that
to work, good!
Regards, ... Peter E.
--
Telephone 1 360 450 2132. bcc: peasthope at shaw.ca
Shop pages http://carnot.yi.org/ accessible as long as the old drives survive.
Personal pages http://members.shaw.ca/peasthope/ .
Reply to: