I’ve used many textual browsers, but I’m interested in more hardened options. Browsers parse untrusted content from the Internet but no textual browsers employ sandboxing, continuous fuzzing, or other security measures. Check CVEs for Lynx or w3m and you’ll see what I mean.

I’m also looking at alternatives to my w3m-sandbox script to show HTML emails. Pandoc with commonmark-raw_html output is an option; Haskell seems like a better choice than un-fuzzed C for this. I’d like a more battle-hardened library for networking, like libcurl (used in Edbrowse).

I considered Offpunk, which uses Readability to extract articles. I’d rather pipe rdrview output to w3m-sandbox. rdrview does some sandboxing, and sanitizes input to a subset of HTML.

#POSSE note from https://seirdy.one/notes/2022/08/06/alternative-textual-browsers/


@Seirdy offpunk's use of shell=True is dangerous.

· · Web · 0 · 0 · 1
Sign in to participate in the conversation

The original server operated by the Mastodon gGmbH non-profit