NOTE: click here if you get an empty page.


XOMBRERO(1)                 Bitrig Reference Manual                XOMBRERO(1)

NAME

xombrero - lightweight web browser

SYNOPSIS

xombrero [-nSTtV] [-f file] [-s session_name] [url ...]

DESCRIPTION

xombrero is a minimalistic web browser that tries to stay out of the way so that valuable screen real estate can be used for much more important stuff. It has sane defaults and does not require one to learn a language to do any configuration. It was written by hackers for hackers and it strives to be small, compact, and fast. xombrero is very simple in its use. Most actions are initiated via key or mouse bindings. Key bindings are based on those of the vi(1) text editor, giving web browsing a similar feel to navigating a text document. The KEY BINDINGS section below documents the various defaults and possible customizations. The options are as follows: -f file Specify an alternative configuration file. -n Open a new tab in a running xombrero for each specified URL. This option requires enable_socket to be enabled. -e command Execute arbitrary command (see the COMMAND MODE section below) in a running xombrero instance. This option requires enable_socket to be enabled. Example run: xombrero -e "tabnew openbsd.org"; xombrero -e tabclose; xombrero -e wq. -S Disable the toolbar. -s session_name Open session that was saved with ":session save" command. -T Disable visualization of tabs. -t Disable tabs. Pages that would open in tabs open in new windows instead. -V Display version and exit.

FAST STARTUP

The following notation is used throughout this page: C- Control S- Shift M1- Meta 1 (sometimes marked Alt) M2- Meta 2 M3- Meta 3 M4- Meta 4 (sometimes marked Windows) M5- Meta 2 MB1 Mouse button 1 To browse to a specific address, either use the mouse to click on the address bar or press F6 to shift the keyboard focus to the address bar. The address is then entered manually. The mouse can be used to navigate the page in the traditional manner, or the keyboard can be used instead. For example, PageUp and PageDown will scroll up and down the page. To follow a link, either click on it or use the f key and have xombrero assign numbers to each link on the page; entering that number on the keyboard will prompt xombrero to follow the link.

KEY BINDINGS

xombrero provides many actions accessed via key or mouse bindings. Most can be reprogrammed using a keybinding entry in the configuration file. Each keyboard shortcut requires exactly one entry in the configuration file. A shortcut can have multiple entries in the configuration file. The format of the keybinding entry is as follows: keybinding = (:)action,(!)keystroke(s) For example, "keybinding = tabnew,C-t" where tabnew is the action and C-t are the keystrokes. Actions may be any xombrero command that can be run from the command prompt. There is one additional action, unbind, which will unbind any previous actions to that keybinding. If the action begins with a colon, the action will be entered into the command prompt instead of being executed. For example, "keybinding = :session open ,M1-s" will open the command prompt with ":open session " entered when using the M1-s keybinding. Keybindings which open the command prompt may also include the string <uri>, which will be replaced by the current tab's URI. For example, "keybinding = :open <uri>,F10" will open the command prompt with <uri> replaced with the current URI. GTK has some default keybindings for manipulating text inside input fields, such as the URI or search entry widget, for example C-w deletes a word. To override these defaults prefix your key with an exclamation mark (!), like this: "keybinding = tabclose,!C-w". The clearall key word is special and is meant to reset the key binding list to the GTK+ and WebKit defaults. This keyword should be the first keybinding entry in the configuration file. Shift should be used sparingly since it gets in the way of non-USA keyboards. See the accompanying configuration file for examples. The various bindings are documented below. The relevant keybinding action is given afterwards, in parentheses. Command mode These commands are used to focus or unfocus input on the default input of a web page. ESC Go to command mode; unfocus current entry on web page. (command_mode) i Go to insert mode; focus on default entry on web page. (insert_mode) Search Commands These commands are used to search for text strings within a web page. / Start a search (search) ? Start a backwards search (searchb) n Next item matching search (searchnext) N Previous item matching search (searchprev) Focus Commands These commands are used to shift the focus of xombrero from one area to another. F6 Focus on address bar (focusaddress) F7 Focus on search entry (focussearch) Command Aliases These commands allow the user to map specific actions to specific keys. F1 Alias for "help" F2 Alias for "proxy toggle" F4 Alias for "toplevel toggle" Prompt Aliases These commands allow the user to open a prompt. These can be useful when the -S option is used. F9 Alias for ":open " F10 Alias for ":open <uri>" F11 Alias for ":tabnew " F12 Alias for ":tabnew <uri>" Navigation Commands These commands allow the user to navigate web pages and, to some extent, control the browser. F5, C-r, C-l Reload page (reload) Backspace, M-Left Previous page (goback) S-BackSpace, M-Right Forward page (goforward) j, Down Next line on page (scrolldown) k, Up Previous line on page (scrollup) G, End Bottom of page (scrollbottom) gg, Home Top of page (scrolltop) Space, C-f, PageDown Page down (scrollpagedown) C-b, PageUp Page up (scrollpageup) l, Right Page right (scrollright) h, Left Page left (scrollleft) $ Page far right (scrollfarright) 0 Page far left (scrollfarleft) M-f Favorites (fav) M-j Cookie jar (cookiejar) M-d Download manager (dl) C-p Print page (print) M-h Global history (history) C-j Toggle Java Script enabled for FQDN (js) C-s Toggle source view (togglesrc) M-c Toggle cookie enabled for FQDN (cookie) M-p Toggle plugins enabled for FQDN (plugin) Tab Manipulation xombrero supports tabbed browsing. That is, web pages may be opened in separate tabs, allowing the user to quickly move from one page to another, and back. These commands then are used to create, destroy, and move between tabs. C-MB1 Open new tab with the clicked link C-t Create new tab with focus in URL entry (tabnew) C-T Create new tab with focus in URL entry as the last tab in the browser (999tabnew) C-w Destroy current tab (tabclose) U Undo close tab (tabundoclose) C-Left, C-PageUp Go to the previous tab (tabprevious) C-Right, C-PageDown Go to the next tab (tabnext) C-[1..9] Jump to page N (tabnext [1..9]) C-< Jump to first page (tabfirst) C-> Jump to last page (tablast) C-minus Zoom out by 4% (focusout) C-plus, C-equal Zoom in by 4% (focusin) C-0 Set zoom level to 100% (focusreset) Yanking and pasting These commands copy and paste text to and from the clipboard. p Paste the contents of the clipboard into the address bar (pasteuricur) P Paste the contents of the clipboard into a new tab (pasteurinew) y Yank the current URL into the clipboard (yankuri) Hyperlink Following This allows the user to follow hyperlinks without using a mouse. Enter the corresponding number to follow the link. Alternatively one can type the name of the link and when there are no more possibilities xombrero will follow the link. f, '.' Highlight all links and prefix them with a number. (hinting) F, ',' Highlight all links and prefix them with a number but open in a new tab. (hinting_newtab) Exiting Commands to exit the browser. C-q Quit (quitall) Low-Contrast Color Scheme These commands toggle the page style between the default CSS and a low- contrast color scheme with light grey text on a dark grey background. If the userstyle setting is changed, that stylesheet will be used instead of the low-contrast color scheme. s Toggle the current tab's style. (userstyle) S Toggle the global page style mode. Will also affect new tabs. (userstyle_global) Insert-mode commands The following commands are only available when editing an input-field C-i Edit the contents of the currently active input-element in an external editor. (editelement)

COMMAND MODE

Command mode works in a similar fashion to the vi(1) editor; it is entered by typing a colon and exited by typing Esc. The commands and their descriptions are listed below. about, version Show the "About" page. buffers, ls, tabs Displays the currently open tabs and lets the user switch tab by typing the tab number or using the mouse. ca Display CA certificates. cert, cert show Download and display certificates of domain on tab. cert save Save certificate into a local store. The next time the site is visited it is compared against the store. If the certificate matches, the address bar will be blue; if it doesn't the bar will be red. cookie The cookie command is used to manipulate the cookie whitelist. Used by itself it expands to cookie show all. cookiejar Show cookie jar contents. cookie purge Remove all cookies from the cookie jar. cookie save, cookie save fqdn Save the current fully qualified domain name (FQDN) to the persistent whitelist. For example, the www.peereboom.us domain would result in saving www.peereboom.us. cookie save domain Save the top level domain name to the persistent whitelist. For example, the www.peereboom.us domain would result in saving .peereboom.us. This action enables cookies if it is currently disabled for this entry. cookie show all Show all persistent and session entries in the cookie whitelist. cookie show persistent Show all persistent entries in the cookie whitelist. cookie show session Show all session entries in the cookie whitelist. cookie toggle domain Toggle cookie support for the current top level domain. cookie toggle, cookie toggle fqdn Toggle cookie support for the current FQDN. dl Show download manager. encoding <encoding> If <encoding> is set the tab's encoding will be set to <encoding> and xombrero reloads the tab. If <encoding> is not set xombrero will display the current tab encoding. editsrc Opens the source for the current tab in the editor specified by the setting external_editor and then checks for changes to the file opened. If it is changed, the page will be updated. editelement If a text-element is currently active (<input> or <textarea>), it's contents will be opened in the same fashion as for the command editsrc above fav Show favorites. favadd Add the current page to favorites. favedit Shows favorites list and links to remove entries. fullscreen, f Toggle hiding tabs and url entry toolbar. h, hist, history Show global history. help Show help page. home Go to home URL. https The https command is used to manitulate the items in the HTTPS force list. Used by itself it expands to https show all. https save, save fqdn Saves the FQDN to the persistent force HTTPS list. For example, the www.peereboom.us domain would result in saving www.peereboom.us. https save domain Saves the top level domain name to the persistent whitelist. For example, the www.peereboom.us domain would result in saving .peereboom.us. https show all Show all persistent ans session entries in the HTTPS force list. https show persistent Shows all persistent entries in the HTTPS force list. https show session Shows all session entries in the HTTPS force list. https toggle, https toggle fqdn Toggle this FQDN in the HTTPS force list. https toggle domain Toggle the top level domain in the HTTPS force list. js The js command is used to manipulate the Java Script whitelist. Used by itself it expands to js show all. js save, save fqdn Saves the FQDN to the persistent whitelist. For example, the www.peereboom.us domain would result in saving www.peereboom.us. js save domain Saves the top level domain name to the persistent whitelist. For example, the www.peereboom.us domain would result in saving .peereboom.us. This action enables Java Script if it is currently disabled for this entry. js show all Shows all persistent and session entries in the JS whitelist. js show persistent Shows all persistent entries in the JS whitelist. js show session Shows all session entries in the JS whitelist. js toggle, js toggle fqdn Toggle Java Script execution for the current FQDN. js toggle domain Toggle Java Script execution for the current top level domain. loadimages If auto_load_images is disabled, load all images for current site. open, op, o URL Open URL. plugin The plugin command is used to manipulate the plugin whitelist. Used by itself it expands to plugin show all. plugin save, save fqdn Saves the FQDN to the persistent whitelist. For example, the www.peereboom.us domain would result in saving www.peereboom.us. plugin save domain Saves the top level domain name to the persistent whitelist. For example, the www.peereboom.us domain would result in saving .peereboom.us. This action enables plugins if they are currently disabled for this entry. plugin show all Shows all persistent and session entries in the plugin whitelist. plugin show persistent Shows all persistent entries in the plugin whitelist. plugin show session Shows all session entries in the plugin whitelist. plugin toggle, plugin toggle fqdn Toggle plugin execution for the current FQDN. plugin toggle domain Toggle plugin execution for the current top level domain. print Print page. proxy The proxy command is used to manipulate the currently set proxy. Used by itself it expands to proxy show. proxy show Displays the current http_proxy setting. proxy toggle Enables or disables the proxy for xombrero. Note that http_proxy must be set before it can be toggled. qa, qall, quitall Quit xombrero. quit, q Close current tab and quit xombrero if it is the last tab. restart Restart xombrero and reload all current tabs. run_script [path_to_script] Runs the script path_to_script with the current uri as the argument. If path_to_script is not provided, the value of default_script is used instead. script [filename] Run an external JavaScript script file in the current tab context. session, session show Display the current session name. By default the session name is main_session. To create a new session use the session save command. A session is defined as the lifetime of the browser application. session delete <session_name> Delete session session_name from persistent storage. If session_name is the current session then the session will revert to main_session. session open <session_name> Open session_name and close all currently open tabs. Going forward this session is named session_name. session save <session_name> Save current tabs to session_name session. This will close the current session and going forward this session is named session_name. set The set command is used to inspect, clear or change runtime options. There are 3 methods to use :set. When used by itself as :set the command displays all options as currently set. To set a value use :set option=value. For example, :set http_proxy=http://127.0.0.1:8080. To clear a value use :set option=. For example, :set http_proxy=. Note, not all options can be set at runtime. stats Show blocked cookie statistics. These statistics vary based on settings and are not persistent. statustoggle, statust Toggle status bar. stop Stop loading the current web page. tabclose Close current tab. tabhide Hide tabs. tabnew, tabedit [URL] Create new tab and optionally open provided URL. tabnext Go to the next tab. tabonly Close all tabs except the currently focused one. tabprevious Go to the previous tab. tabshow Show tabs in GUI. toplevel, toplevel toggle Toggle the top level domain name cookie and JS session whitelist. This is to enable/disable short lived full site functionality without permanently adding the top level domain to the persistent whitelist. urlhide, urlh Hide url entry and tool bar. urlshow, urls Show url entry and tool bar. userstyle <stylesheet> Toggle the current tab between using a custom stylesheet and the page's default CSS. If there is no stylesheet argument to this command, the stylesheet specified by the userstyle setting will be used instead. This userstyle setting is set by default to a low-contrast color scheme. If a stylesheet is specified, the current tab will be toggled with this stylesheet instead. If the userstyle setting is left unchanged, this command without any arguments will toggle between the default page's CSS and the low-contrast color scheme. Additional stylesheets may be used in addition to the low- contrast color scheme by specifying additonal keybindings. For example, keybinding = userstyle ~/style.css,v keybinding = userstyle_global ~/style.css,V will map toggling between ~/style.css to the v and V keys while keeping the low-contrast feature mapped to the s and S keys. userstyle_global <stylesheet> Same as userstyle but the change affects all open tabs, and newly created tabs will use this style. w Save open tabs to current session. The tabs will be restored next time the session is opened. See the session command for additional details. wq Save open tabs and quit. The tabs will be restored next time xombrero the session is opened. See the session command for additional details.

BUFFER COMMANDS

In addition to shortcuts and commands xombrero provides buffer commands. Buffer commands are short, multi character vi-like commands, often requiring an argument. Partial buffer commands are displayed in the buffer command statusbar element (see statusbar_elems). Pressing Esc or switching to another tab cancels a partially entered buffer command. In the following list arg denotes the argument a buffer command accepts. Buffer commands are defined as extended regular experssions. Note that if a character is used as a shortcut it will not be interpreted as the beginning of a buffer command. This is the case with 0. gg go to the top of the page gG go to the bottom of the page [0-9]+% go to the arg percent of the page zz go to 50% of the page [0-9]*gu go arg levels up. If arg is missing, 1 is assumed. Going a level up means going to a URI obtained from the current one by removing the last slash ('/') character and everything that follows it gU go to the root level, i.e. going up as many levels as possible. gh open the home page in the current tab m[a-zA-Z0-9] set a mark denoted by arg at the current page position. These marks behave like those in vi or less. ['][a-zA-Z0-9'] go to the position where mark arg was set. The special mark "'" points to the previous page position, after a "gg", "gG", "zz", "%" or "'" buffer command. M[a-zA-Z0-9] set the current uri as quickmark arg go[a-zA-Z0-9] open the uri marked as quickmark arg in the current tab gn[a-zA-Z0-9] open the uri marked as quickmark arg in a new tab [0-9]+t activate tab number g0 go to first tab g$ go to last tab [0-9]*gt go to the arg next tab [0-9]*gT go to the arg previous tab arg ZZ quit xombrero ZR restart xombrero zi zoom in by 4% zo zoom out by 4% z0 set zoom level to 100% [0-9]+Z set zoom level to arg %

QUICKMARKS

Quickmarks are like bookmarks, except they are refered to by a single character (a letter or a digit), instead of a longer name. See the M[a-zA-Z0-9], go[a-zA-Z0-9] and gn[a-zA-Z0-9] buffer commands for usage. Quickmarks are stored in ~/.xombrero/quickmarks and are saved automatically after each M[a-zA-Z0-9] buffer command.

ABOUT SCREENS

The about screens are internally generated web pages by xombrero for user interaction. These are entered in the address bar and the format is about:screen where screen is the desired screen to display. For example about:favorites. Any about screen can be used as the home page as specified by home in the configuration file. about show the about screen blank show a blank screen cookiewl show the cookie whitelist screen cookiejar show the cookiejar screen downloads show the downloads screen favorites show the favorites screen help show the help web page history show the history screen jswl show the Java Script whitelist screen set show the settings screen stats show the statistics screen

WHITELISTS

This section describes advanced usage settings. Most users should use browser_mode instead to setup xombrero and skip over this section. xombrero has a number of whitelists to control blocking cookies and Java Script execution for FQDNs or domains. When properly enabled these whitelists require either the FQDN or top level domain to exist in the whitelists in order to allow cookies to be stored or Java Script to execute. Both Java Script and cookies have two whitelists associated with them. The whitelists are called session and persistent. Items in the session whitelists are only allowed for the lifetime of the xombrero instance. Items in the persistent whitelists are stored on disk and are restored upon restarting. Setting up the whitelists is a little tricky due to intricacies of WebKit. In fact the semantics are different for cookies and Java Script. Cookie whitelist requires the following configuration to be set: cookies_enabled This is a WebKit setting and must be set to 1 (ENABLED) in order to be able to use a cookie whitelist. enable_cookie_whitelist This needs to be set to 1 to enable the cookie whitelist functionality. cookie_wl These entries in the configuration file are the actual domains names in the cookie whitelist. Java Script whitelist requires the following configuration to be set: enable_scripts This is a WebKit setting and must be set to 0 (DISABLED) in order to be able to use a Java Script whitelist. enable_js_whitelist This needs to be set to 1 to enable the Java Script whitelist functionality. js_wl These entries in the configuration file are the actual domains names in the Java Script whitelist. Plugin whitelist requires the following configuration to be set: enable_plugins This is a WebKit setting and must be set to 1 (ENABLED) in order to be able to use a plugin whitelist. enable_plugin_whitelist This needs to be set to 1 to enable the plugin whitelist functionality. pl_wl These entries in the configuration file are the actual domains names in the plugin whitelist. See the FILES section for additional configuration file entries and details that alter runtime behavior.

FILES

~/.xombrero.conf xombrero user specific settings. ~/.xombrero xombrero scratch directory. xombrero tries to open the user specific file, ~/.xombrero.conf. If that file is unavailable, it then uses built-in defaults. Any settings saved at runtime will be saved to the file ~/.xombrero/runtime and will be loaded as well. The format of the file is <keyword> = <setting>. For example: http_proxy = http://127.0.0.1:8080 Enabling or disabling an option is done by using 1 or 0 respectively. The file supports the following keywords: alias Defines an alias for a given URL, so that the URL is loaded when the alias is entered in the address bar. If the aliased URL includes a %s format specifier, then any argument given after the alias on the address bar is substituted. For example, if g,http://www.google.com/search?q=%s is defined as an alias, then the URL http://www.google.com/search?q=foo is loaded when navigating to "g foo". allow_insecure_content If set, all content referenced by a page will be loaded. If unset, encrypted pages will refuse to load content that is linked from an insecure location. allow_insecure_scripts If set, all scripts referenced by a page will be loaded and run using the current javascript policy. If unset, encrypted pages will refuse to run scripts that are linked from an insecure location. allow_volatile_cookies If set cookies are stored in the session cache but will be discarded once xombrero exits. Unfortunately enabling this does allow for some limited tracking on the web. anonymize_headers If set, HTTP headers taken from the Bitrig website: https://www.bitrig.org/ will be used to feed additional values to the xombrero HTTP header settings. Currently only the User-Agent and Http- Accept headers are modified, corresponding to the user_agent and http_accept settings, respectively. These headers are set after any header settings are read in from your ~/.xombrero.conf. Default is 0. append_next When set a new tab is appended after the current tab instead of being appended as the last tab. auto_load_images If disabled, images will not be loaded automatically. autofocus_onload When set a tab that is loaded will attempt to autofocus the default input entry. This is only done for tabs that are currently visible. browser_mode The xombrero browser has 3 default operating modes: normal (the default), whitelist and kiosk. In the normal mode the browser allows all cookies, plugins and Java Script as any other browser would. This means that all cookies are saved to persistent storage and that all Java Script and plugins run. On the other hand, using the whitelist mode enables whitelists. This requires the user to add all the required cookie_wl, js_wl and pl_wl items. If a domain does not appear in the whitelists xombrero disallows cookies, Java Script and plugin execution. If insecure web content or scripts are referenced by a secure website, they will be blocked from loading or running. In kiosk mode the browse works just like normal mode however the toolbar only has the backward, forward and home button. This setting must be the first entry in ~/.xombrero.conf because it sets advanced settings that can be overridden later in the file. See the default config file for more details. cmd_alias This setting is used to define an alias for a command. The syntax of this setting is cmd_alias = alias,cmd. For example, if you wanted to set an alias for the tabnew command to tn, add the line cmd_alias = tn,tabnew to your ~/.xombrero.conf. This setting may not begin with a number. cmd_font Set the command prompt font. E.g. cmd_font = monospace normal 9. color_visited_uris When enabled (the default) xombrero will color visited links. This is done while the web page loads using JavaScript, rather than WebKit's (broken, see bug #51747) built-in facility for coloring visited links. The JavaScript approach is (probably) slower and is not consistent across tabs (unless the tabs are reloaded), but has the advantage of not leaking history data to web pages (see http://wtikay.com/docs/details.html). cookie_policy This field delineates the cookie policy. Possible values are: no3rdparty, reject 3rd party cookies. accept, accept all cookies. reject, reject all cookies. cookie_wl This is a cookie whitelist item. Use multiple times to add multiple entries. Valid entries are for example *.moo.com and the equivalent .moo.com. This matches both moo.com, as well as all subdomains. A fully qualified host is also valid and is for example www.moo.com or moo.com. Fully qualified hosts do not modify whitelist settings for any subdomains. Unix extended regular expressions may also be used to match any set of FQDNs. Regular expressions must begin with the prefix "re:". As an example, the regular expression equivalent to moo.com would be ^moo.com$, and the equivalent to .moo.com would be ^(.*.)*moo.com$. If using regular expressions for whitelist items, be careful to not accidentally match other domains; you will almost always want to add the ^ and $ characters to the beginning and end of the regex so that, for example, moo.com would not match not-moo.com. cookies_enabled Enable cookies. ctrl_click_focus Give focus in newly created tab instead of opening it in the background. custom_uri This setting provides the ability to run custom executables for special URIs. The syntax for this setting is custom_uri = protocol,command. The URI is passed as a single argument to command to be parsed and executed. For example, to add the ability to use custom mailto URIs, add the setting custom_uri = mailto,command where command is a program that will parse the mailto URI and open your mail client. default_script Path to the script used as the default value for the run_script command. default_zoom_level Set the default browsing zoom level. do_not_track Sets the HTTP Do Not Track header to tell sites that you wish to be opted- out of 3rd-party tracking for the use of behavioral advertising. Not all sites currently support this header, and this is only a suggestion of a user preference. Sites may still perform 3rd-party tracking even when this feature is enabled. download_dir Locations where files are downloaded to. This directory must exist and xombrero validates that during startup. download_mode Controls how downloads are handled. Possible values are: start - automatically start download. ask - ask user for confirmation. add - add to downloadmanager, but do not start. The default is "start". download_notifications When enabled a message is shown when downloads are finished. Default is 0. enable_autoscroll When enabled clicking MB3 will spawn the autoscroll ball, scrolling can then proceed by dragging the mouse away from the ball. enable_cookie_whitelist When enabled all cookies must be in the whitelist or they are rejected. Additionally whitelisted cookies also enable HTML5 local storage for the domain. enable_cache When enabled (disabled by default), web content will be cached into memory. enable_favicon_entry When enabled (the default) xombrero displays the favicon of the web page at the URI entry. This setting affects both normal and compact tabs. enable_favicon_tabs When enabled (disabled by default) xombrero displays favicons at each tab. This setting only affects compact tabs. enable_js_autorun Enables support for autorunning JavaScript after page loads. When enabled, ~/.xombrero/js/ will be searched for default.js and host.domain.js. If host.domain.js does not exist, domain.js will be tried instead. The content of the both default and host/domain files are read and executed on each page load. Default is 1. As an example, if you add the line alert("Hello, world"); to your default.js, a pop-up displaying "Hello, world" will be shown on every page reload. While not useful, any javascript can be run through this mechanism, making it useful for global or site-specific modifications. enable_js_whitelist When enabled all domains must be in the js whitelist in order to run Java Script. NOTE: Make sure enable_scripts is set to 0. enable_plugin_whitelist When enabled all domains must be in the plugin whitelist in order to run plugins. NOTE: Make sure enable_plugins is set to 0. enable_plugins Enable external plugins such as Flash and Java. enable_strict_transport Enable support for the Strict- Transport-Security HTTP-header. When enabled, sites that set this flag will only be visited via HTTPS. Default value is 1 enable_scripts Enable Java Script. enable_socket When enabled the first instance of xombrero will create a socket in the ~/.xombrero directory. Using the -n url option on subsequent xombrero invocations will cause the specified URL to be loaded in a new tab. Only a user with identical UID and GID can use this option. enable_localstorage Enable html5 Local Storage. enable_spell_checking Enables spell checking. Preferred languages can be set using spell_check_languages option. encoding Set the default encoding. E.g. encoding = ISO-8859-1. external_editor Set which editor to use for external editing. the string <file> will be replaced by the current filename. E.g. external_editor = gvim -f <file> Note! xombrero relies on the editor not forking into the background. fancy_bar Enables a backward, forward, and stop button to the toolbar. Additionally if search_string is set it'll enable an entry box for searches. force_https This setting is used to define the domains of sites that should be only accessed over the HTTPS scheme. Any requests to these domains over HTTP will be rewritten to use HTTPS instead. See cookie_wl for semantics. gnutls_priority_string If set, this string sets the G_TLS_GNUTLS_PRIORITY environmental variable to define the GnuTLS priority string that is used when initializing the GnuTLS session. This may be used to change the supported TLS/SSL versions and the ciphers that are used when making HTTPS connections. Full details on how to modify this setting may be found in the GnuTLS documentation, Section 8.9: Priority Strings. For example, to disable the 128-bit RC4 cipher, change this setting to NORMAL:!ARCFOUR-128. If your glib-networking package is older than version 2.33.10, or if the G_TLS_GNUTLS_PRIORITY environmental variable is already set, this setting has no effect. guess_search When enabled xombrero will try to guess if the string you entered, in the URI entry widget or the command widget, is term you want to search for using search_string (see above). If the string does not contain a dot nor a slash, is not a path to a local file and does not resolves to an IP then it is assumed to be a search term. gui_mode To simplify configuring xombrero allows you pick between two GUI modes: classic (the default) and minimal. In the classic mode the GUI looks similar to that of most mainstream browsers. While in minimal mode the GUI looks more vi- like. One can get a GUI between the two by tweaking the low-level GUI settings found under the advanced GUI setting section in the configuration file. history_autosave When enabled xombrero will save all command and search history. Upon restarting xombrero the saved command and search history will be restored. home Homepage in URL format. http_proxy Proxy server in URL format. xombrero overrides http_proxy if it is specified as an environment variable. It must be noted that on older webkit versions one MUST use an IP address and not a FQDN. This works as expected with webkit 1.4.2. If using libsoup 2.42.2 or newer, one may use a socks proxy directly. For example: http_proxy = socks5://127.0.0.1:9050 Otherwise, an intermediary tool, such as polipo or tsocks, must be used. http_accept If set, the HTTP Accept header will be modified for each text/html request. If this setting is set multiple times, the Accept header will be changed in a round-robin order for every text/html request on a tab. Because this setting rotates through Accept headers on each text/html request, a single page may rotate through more than one Accept header if multiple text/html requests are made. Please be aware that not all websites report browser headers correctly. Most notably, EFF's panopticlick service also reports the HTTP Accept-Encoding headers on the same line as the Accept headers. If you are trying to find the headers of another browser to model that browser's fingerprint, it is recommended to not use panopticlick for this reason. Note that this setting only rewrites the Accept header for text/html requests. Other requests will use WebKit's default Accept header. http_proxy_starts_enabled If set to 0, the http_proxy will be disabled at startup. The user can later enable the proxy with the proxy toggle command or keybinding. icon_size Permits icon sizes to be changed if fancy_bar is enabled. Size 1 is small; 2 is normal; 3 through 6 are progressively larger. include_config This must be a path to another configuration file. Configuration files are usually read from top to bottom, however, if this option is set, xombrero will begin reading the included file at this location and continue reading the rest of the configuation after the included file has finished being read. Any simple settings set before the include may be overridden by settings in the included file, and any simple settings set in the included file may be overridden later by settings after the include or at runtime using the :set command. However, database settings (for example, cookie_wl, js_wl, pl_wl, and keybinding) are only ever added to the database, and so the order of an included configuration file is not pertinent to these database settings. This feature is likely best used as the last item in ~/.xombrero.conf. js_auto_open_windows If enabled, javascripts will be allowed to automatically open windows based on the current browser_mode. If disabled, it will never be allowed. The default setting is 1 (enabled). js_wl This is a Java Script whitelist item. See cookie_wl for semantics and more details. max_connections The maximum number of connections that xombrero can open at once. max_host_connections The maximum number of connections that xombrero can open at once to a given host. mime_type Sets an action for a specific or default MIME type. For example, to download and view a pdf using kpdf set mime_type = application/pdf,kpdf. To set a default value use *, for example, mime_type = video/*,mplayer. Note that the action is only passed the URL and not all applications are capable of dealing with a URL and therefore one might have to create a wrapper script to download the content first. Alternatively one can add the @ in front of the MIME type to indicate "download first". For example, mime_type = @application/pdf,xpdf. When @ is use the file will be downloaded to the download_dir before the MIME handler is called. The special binary name "donothing" may be used to ignore a MIME type without displaying any warnings from being unable to execute the binary. oops_font Set the font used to display error messages. E.g. oops_font = monospace normal 9. pl_wl This is a plugin whitelist item. See cookie_wl for semantics and more details. preload_strict_transport If enabled, a preloaded list of sites which set the HTTP Strict Transport Security header will be used to automatically set the force_https setting for these sites. This is used to prevent SSL stripping attacks when first visiting these sites, before they have been added to the strict-transport file. This list is comprised of domains chosen by the xombrero authors, as well as domains included in Chromium's preloaded HSTS list. Default is 1. read_only_cookies Mark cookies file read-only and discard all cookies once the session is terminated. refresh_interval Refresh interval while in the download manager. The default is 10. referer Control how 'Referer' is handled in http-requests. always - always send referer never - never send referer same-domain - only send referer if it's for the same public suffix - this means that it's ok for subdomains to refer to each other same-fqdn - only send referer if it's FQDN match Any other value that is also a valid URL will use this custom value as referer. (E.g. you could set it to http://no-referer.com) The default value is "always" resource_dir Directory that contains various xombrero resources such as icons. This is OS-specific and should be handled by the porter. save_global_history If set the global history will be saved to ~/.xombrero/history when quitting and restored at startup. See the KEY BINDINGS section above for how the global history is accessed. Global history is not saved to disk by default. save_rejected_cookies Saves rejected cookies in cookie format in {work_dir}/rejected.txt. All cookies are saved and unlike a cookie jar they are never replaced. Make sure there is enough disk space to enable this feature. search_string Default search engine string. See the xombrero.conf file for details. session_autosave Enable session auto-saving when changing state (e.g. adding or removing a tab). The session name is what is currently in use and is described in the session save and session open commands. session_timeout This value is the time that is added in seconds to a session cookie. show_tabs Enable or disable showing tabs. show_url Enable or disable showing the url and toolbar. show_scrollbars Enable or disable the showing of the horizontal and vertical scrollbars. Disabling this setting requires GTK3. show_statusbar Enable or disable showing the status bar. single_instance If set and enable_socket is enabled only one xombrero will be permitted to run. If there is a URL specified it will be opened in a new tab in the already running xombrero session. spell_check_languages The languages to be used for spell checking, separated by commas. For example, en_US. ssl_ca_file If set to a valid PEM file all server certificates will be validated against it. The URL bar will be colored green (or blue when saved) when the certificate is trusted and yellow when untrusted. If ssl_ca_file is not set, the URL bar will be colored red if the certificate has not been saved, or blue if it has been saved. WebKit only supports a single PEM file. Many OS' or distributions have many PEM files. One can simply concatenate all separate files into one large one. E.g. for i in `ls`; do cat $i >> cert.pem; done and use the resulting cert.pem file as the input to ssl_ca_file. It is advisable to periodically recreate the cert.pem file. ssl_strict_certs If this value is set connections to untrusted sites will be aborted. This value is only used if ssl_ca_file is set. statusbar_elems Define the components of the status bar. The possible components are: | - separator P - page progress percent p - proxy enabled/disabled B - buffer command Z - page zoom level T - current tab number The default is "BP". These components show nothing if there is nothing worth showing, like zoom amount 100%. statusbar_font Set the status bar font. E.g. statusbar_font = monospace normal 9. statusbar_style Set the status bar style to either url - display the current url, or title - display the page title. The default is url. tab_style Set the tab style to either normal - the default gtk notebook tabs, or compact for an alternative. You can switch the tab style with the tabnextstyle command. tabbar_font Set the compact tab bar font. E.g. tabbar_font = monospace normal 9. tabless Disable tabs, and open new windows instead. Note that this feature does not disable the display of tabs. Change your show_tabs setting also if you wish to disable the display of tabs. Default is 0. url_regex This is the regular expression that is used to match what constitutes a valid URL when using guess_search. user_agent Set to override the default xombrero user-agent string. May be specified several times for switching between user-agents. userstyle Set the stylesheet to be used as a default for the userstyle and userstyle_global commands when no extra parameters are given. The default is a low-contrast stylesheet. userstyle_global When enabled new tabs will automatically be displayed using the custom stylesheet specified by the userstyle setting. warn_cert_changes When enabled all SSL certificates from HTTPS websites will be cached in the ~/.xombrero/certs_cache/ directory. On each page load, if the remote certificate differs from the cached local version, a warning page with options of what to do next will be displayed instead of the requested page. This feature may be used in addition to the coloring of the URL bar and can be used to help prevent against man-in-the-middle attacks, even if the new remote certificate is signed by a trusted certificate authority in ssl_ca_file. Default is 0. window_height Set the default height of the browser window. window_width Set the default width of the browser window. window_maximize Maximize the browser window at startup. work_dir Set the work directory where all xombrero scratch files are stored. Default is ~/.xombrero.

HISTORY

xombrero was inspired by vimprobable2 and the bloat in other UNIX web browsers.

AUTHORS

xombrero was written by Marco Peereboom <marco@peereboom.us>, Stevan Andjelkovic <stevan@student.chalmers.se>, Edd Barrett <vext01@gmail.com>, Todd T. Fries <todd@fries.net>, Raphael Graf <r@undefined.ch>, Michal Mazurek <akfaew@jasminek.net>, and Josh Rickmar <jrick@devio.us>. Bitrig 0.1 August 23, 2012 Bitrig 0.1

1994 Man-cgi 1.15, Panagiotis Christias <christia@theseas.ntua.gr>