As mentioned in https://github.com/tridactyl/tridactyl/issues/1229, this
userChrome file isn't kept up to date. It's probably better to remove it
and only support modifying the userChrome with `:guiset`, which is
slightly more tested.
Before this commit, if Tridactyl failed to execute :editor (e.g. because
editorcmd isn't defined), the edited element would keep its
TridactylEditing class.
Closes https://github.com/tridactyl/tridactyl/issues/1298
Before this commit, Tridactyl checked if `nativeopen` was currently
supported in `tabopen` rather than in nativeopen itself. This was a
problem because nothing prevented a user from manually calling
`:nativeopen`. The check has been moved to `nativeopen`.
Another issue was that in case of failure, Tridactyl wouldn't properly
clean up event handlers created in nativeopen. This would result in new
tabs being moved to surprising indexes. This wasn't a big deal because
said event handlers removed themselves after executing once but it'd
still result in a bug. This has been fixed too.
Apparently, on github,
`document.querySelectorAll("a,link[rel='alternate']")` can return
anchors that are actually svg elements. This would be fine if these
elements had string hrefs, but that's not the case. These elements have
svg hrefs and this makes getRssLinks() fail, which in turn makes opening
the command line fail because of completions. The easy solution is to
simply make sure elements have a string href. The hard solution is
creating a proper statusline where errors will be logged without taking
over the command line.
https://github.com/tridactyl/tridactyl/issues/1197 is a bug where
settings aren't properly loaded on `:source` because tridactyl performs
concurrent writes on the config. Making sure every function/excmd
returns its last promise restores synchronicity when it's needed and
should thus fix#1197.
https://github.com/tridactyl/tridactyl/issues/1288 reports that
Tridactyl will happily overwrite a setting the type of which is
`object` with a string. This was caused by not checking whether
the setting being overwritten was a top-level object or a member of said
object. This commit fixes that.
Closes#1288.
https://github.com/straker/html-tagged-template/issues/26 discusses
authorizing the data:// protocol. The gist of it is that it's dangerous
because data:text/html can be used for XSS attacks. We circumvent this
problem by only explicitly allowing a few image formats formatted as
base64.
html-tagged-template.js forbids every protocol except http:// when
sanitizing urls. This prevents Tridactyl from loading its icons from
moz-extension urls. This commit fixes that (ignore prettier reformatting
the file, the only line I actually changed was line 314 before prettier
which became line 467 after prettier).
