web browser choice for FreeBSD

[Deleted member 9563]

Try www/surf, it is even more minimalistic.

I made the mistake of installing the package. Wrong! That's a different "surf" which is for drawing curves. There is no package for www/surf and when I then went to compile the port it wouldn't because it conflicts with the first due to install space collision. Removing the curve drawing program fixed that. Yes, surf looks like a nice browser. For a quick start, just hit ctrl-g and a command line will appear at the top of the screen.

 

[Deleted member 48958]

Yes, it's easy to make a mistake, because in pkg repository surf named as surf-browser

But also it is always posible to install it like this
# pkg ins www/surf

 

[Gdan]

I have always liked the original Netscape/Mozilla suite. It may be a bit of a juggernaut, but it is RICH with features and usability. I went to Firefox for awhile, but it didn't take me long to return to Seamonkey.

 

[rigoletto@]

As cpm@ pointed here, the Iridium Browser has been ported to FreeBSD.

But yes, it is blink based: https://iridiumbrowser.de/

 

[fernandel]

As cpm@ pointed here, the Iridium Browser has been ported to FreeBSD.

But yes, it is blink based: https://iridiumbrowser.de/

I am using it and it is faster than Firefox which I decided to remove from my computer. I did check both browsers on panopticlick.com and have almost identical score. I did turn off ScriptSafe on the both browsers before test.

 

[james122333]

I think www/surf is the best minimalistic browser(no zombie process...support style/js...official patch...) but surf-webkit2 is not in port...
Ublock/Adblock like feature can be achieved by www/privoxy...you can convert rules to privoxy by adblock2privoxy
https://projects.zubr.me/wiki/adblock2privoxy
There are some examples in the website...

 

[rigoletto@]

Anyone using syncserver to run a local Firefox sync service instead of using the mozilla one?

It is not in ports yet.

 

[aragats]

I installed the www/uzbl browser. So far so good

I tried it a few years go and liked it, but...
Now checking it again: some sites are completely unusable, e.g. accuweather.com:

....
ReferenceError: Can't find variable: jQuery
TypeError: undefined is not a function (evaluating '$(document)')
TypeError: undefined is not a function (evaluating '$('.vid-headline-box')')
TypeError: undefined is not a function (evaluating 'jQuery('#ad-links')')
....

Also it's not possible to paste text from a terminal with Shift-Insert or mouse middle button.
A hate java script, but that's the reality nowadays...

 

[Deleted member 9563]

some sites are completely unusable, e.g. accuweather.com:

It's a problem alright. Whenever possible I boycott sites that use java script as it shows a disregard for visitors. However, I find I need the full features of a big browser like Firefox anyway. I use these little browsers just for variety and they're handy for a default browser which is best when it just pops up right away.

Very late edit: I should also say that although Uzbl browser has a nice look and works fine, it also takes an extraordinarily long time to open, so is really only useful as a primary, always open, browser. It will not be a workable solution for a default browser.

 

[drhowarddrfine]

java script

JavaScript. One word. Completely unrelated to Java.

it shows a disregard for visitors.

No it doesn't. However, a lot of sites use javascript the wrong way and poorly. So they do have a disregard for visitors.

But get used to it. It's everywhere now and will be more ubiquitous as time goes on very quickly.

 

[fernandel]

I have always liked the original Netscape/Mozilla suite. It may be a bit of a juggernaut, but it is RICH with features and usability. I went to Firefox for awhile, but it didn't take me long to return to Seamonkey.

I give a try to seamonkey too and it works great but I don't know how are about updates.

pkg audit
pkg audit
seamonkey-2.46_8 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2016-9077
CVE: CVE-2016-9076
CVE: CVE-2016-9075
CVE: CVE-2016-9074
CVE: CVE-2016-9073
CVE: CVE-2016-9072
CVE: CVE-2016-9071
CVE: CVE-2016-9070
CVE: CVE-2016-9068
CVE: CVE-2016-9067
CVE: CVE-2016-9066
CVE: CVE-2016-9065
CVE: CVE-2016-9064
CVE: CVE-2016-9063
CVE: CVE-2016-9062
CVE: CVE-2016-9061
CVE: CVE-2016-5299
CVE: CVE-2016-5298
CVE: CVE-2016-5297
CVE: CVE-2016-5296
CVE: CVE-2016-5295
CVE: CVE-2016-5294
CVE: CVE-2016-5293
CVE: CVE-2016-5292
CVE: CVE-2016-5291
CVE: CVE-2016-5290
CVE: CVE-2016-5289
WWW: https://vuxml.FreeBSD.org/freebsd/d1853110-07f4-4645-895b-6fd462ad0589.html

seamonkey-2.46_8 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2016-9893
CVE: CVE-2016-9080
CVE: CVE-2016-9903
CVE: CVE-2016-9902
CVE: CVE-2016-9901
CVE: CVE-2016-9904
CVE: CVE-2016-9900
CVE: CVE-2016-9898
CVE: CVE-2016-9897
CVE: CVE-2016-9896
CVE: CVE-2016-9895
CVE: CVE-2016-9899
CVE: CVE-2016-9894
WWW: https://vuxml.FreeBSD.org/freebsd/512c0ffd-cd39-4da4-b2dc-81ff4ba8e238.html

seamonkey-2.46_8 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2017-5396
CVE: CVE-2017-5395
CVE: CVE-2017-5394
CVE: CVE-2017-5393
CVE: CVE-2017-5392
CVE: CVE-2017-5391
CVE: CVE-2017-5390
CVE: CVE-2017-5389
CVE: CVE-2017-5388
CVE: CVE-2017-5387
CVE: CVE-2017-5386
CVE: CVE-2017-5385
CVE: CVE-2017-5384
CVE: CVE-2017-5383
CVE: CVE-2017-5382
CVE: CVE-2017-5381
CVE: CVE-2017-5380
CVE: CVE-2017-5379
CVE: CVE-2017-5378
CVE: CVE-2017-5377
CVE: CVE-2017-5376
CVE: CVE-2017-5375
CVE: CVE-2017-5374
CVE: CVE-2017-5373
WWW: https://vuxml.FreeBSD.org/freebsd/e60169c4-aa86-46b0-8ae2-0d81f683df09.html

seamonkey-2.46_8 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2017-5398
CVE: CVE-2017-5399
CVE: CVE-2017-5422
CVE: CVE-2017-5421
CVE: CVE-2017-5405
CVE: CVE-2017-5420
CVE: CVE-2017-5419
CVE: CVE-2017-5418
CVE: CVE-2017-5427
CVE: CVE-2017-5426
CVE: CVE-2017-5425
CVE: CVE-2017-5417
CVE: CVE-2017-5416
CVE: CVE-2017-5415
CVE: CVE-2017-5414
CVE: CVE-2017-5413
CVE: CVE-2017-5412
CVE: CVE-2017-5408
CVE: CVE-2017-5409
CVE: CVE-2017-5411
CVE: CVE-2017-5410
CVE: CVE-2017-5407
CVE: CVE-2017-5406
CVE: CVE-2017-5404
CVE: CVE-2017-5403
CVE: CVE-2017-5402
CVE: CVE-2017-5401
CVE: CVE-2017-5400
WWW: https://vuxml.FreeBSD.org/freebsd/96eca031-1313-4daf-9be2-9d6e1c4f1eb5.html

And it is about 10 days ):

 

[kpedersen]

I tend to run firefox and chrome from within a Jail called "/usr/jail/cesspit" and then use Xvnc to pass the graphics back (I find X11 forwarding a bit too fiddly).
This is quite nice and I even feel safe turning on Javascript (if I don't mind getting a warm laptop haha). I used to do similar with a VirtualBox VM but it was a pain to extract any files downloaded from it, unlike the jail where I just copy and paste.

I assume a few others here have a similar setup? I personally find starting up the jail and getting the resolv.conf, ip and finally Xvnc and firefox running a but of a faff, has anyone here perhaps invented a clever way of doing this automatically?

 

[Maxnix]

I assume a few others here have a similar setup? I personally find starting up the jail and getting the resolv.conf, ip and finally Xvnc and firefox running a but of a faff, has anyone here perhaps invented a clever way of doing this automatically?

I run my browser jailed too. What problems do you have? Did you "build" your jail and set its configuration in /etc/jail.conf? You can copy your /etc/resolv.conf file from the host if you do not have a particular setup (e.g. you use unbound), and the ip address of the interface that you bind to the jail should be set in /etc/rc.conf.

 

[kpedersen]

I suppose I don't have any specific problem, it is perhaps just a bit awkward when using WiFi on laptop with different networks. i.e they assign me a random IP address and I currently have to manually edit my /etc/rc.conf to match that with my interface device. I have a script to automatically copy across /etc/resolv.conv but if something could be done similar for the Jail IP that would be really nice

How do you forward out the graphics? Do you also use something like Xvnc or X11 forwarding?

 

[Maxnix]

I suppose I don't have any specific problem, it is perhaps just a bit awkward when using WiFi on laptop with different networks. i.e they assign me a random IP address and I currently have to manually edit my /etc/rc.conf to match that with my interface device. I have a script to automatically copy across /etc/resolv.conv but if something could be done similar for the Jail IP that would be really nice

I would suggest to create a clone of the loopback interface (lo1 in my case), then assign a static private IP address to it (e.g. 10.0.0.1) and use NAT to connect the jail to internet. This will solve the problem of assigning the correct IP everytime.
This is what I have in /etc/rc.conf:

cloned_interfaces="lo1"
ifconfig_lo1="inet 10.0.0.1/29"

and, since I use PF, this are the relevant parts of my /etc/pf.conf:

# Here I refer to interface:ip-address/mask as localnet1.
localnet1=lo1:network

# If you do NOT want to filter your LOCAL jail traffic, tell PF to skip your cloned interface.
set skip on lo1

# This rule will tell to PF to NAT $localnet1 to the actual defined external interface.
# In case you have more than one, and want to refer to the actual used, use (egress).
nat on $ext_if inet from $localnet1 to any -> ($ext_if)

# This will serve you if you WANT to filter your LOCAL traffic on lo1.
# Your TCP traffic.
pass quick on lo1 inet proto tcp from 10.0.0.1 to 10.0.0.1 port { <your list of ports> }
# Settings for DNS.
pass quick on lo1 inet proto udp from 10.0.0.1 to 10.0.0.1 port { 53 }

About /etc/resolv.conf instead, I guess that you use DHCP and your DNS settings are overwritten everytime, right? In this case you can tell dhclient to stick with your DNS servers of choice; simply add this to your /etc/dhclient.conf:

prepend domain-name-servers $ip1,$ip2 ;

How do you forward out the graphics? Do you also use something like Xvnc or X11 forwarding?

I use X11 forwarding, never used Xvnc. Exists sysutils/jailme that let unprivileged users to run programs inside jails, but you should make Xorg listen for TCP connections (personally I don't like this solution).

EDIT: If you don't want/cannot rely on NAT, and want to automate the IP address change in /etc/rc.conf, you can set exec.prestart = "<command to run>"; in /etc/jail.conf, where <command to run> can be a shell script to change the IP address with, in example, sed -i "" 's/$old_ip/$new_ip/' /etc/rc.conf. In this way the OS will run your script before starting the jail. Refer to jail(8) for other parameters accepted in /etc/jail.conf.

HTH

 

[kpedersen]

Awesome, thanks for that. I have reworked my existing system to use your suggestions and the whole experience is now a lot more pleasant

Cloning localhost and using pf to redirect the traffic seems a lot more robust than any scripts I attempted to write.

Thanks again.

 

[Deleted member 48958]

I think www/surf is the best minimalistic browser(no zombie process...support style/js...official patch...) but surf-webkit2 is not in port...

But www/luakit already exists in ports tree, it is based on webkit2-gtk3 and it is also very minimalistic, like surf-browser, also it has tabs support.


o — address line
ctrl+t — new tab
ctrl+w — close tab
ctrl+PgDn — next tab
ctrl+PgUp — prev tab

 

[tobik@]

www/surf was updated recently and it now uses www/webkit2-gtk3 as well.

 

[Deleted member 48958]

Anyway, IMHO luakit is more usable as web browser .

BTW, www/epiphany also uses webkit2-gtk3,
not bad browser too, with integrated adblock (luakit includes adblock too!). It is possible to customize default adblock list,
in older versions you had to create ~/.config/epiphany/adblock/filters.list,
but this method doesn't work any more for me. This is how I changed default adblock filters list:

# cd /usr/ports/www/epiphany
# make fetch extract patch
# cd /usr/ports/www/epiphany/work/epiphany-3.24.2/

Then change all lines with "https://easylist.to/easylist/easylist.txt" in ./lib/ephy-uri-tester-shared.h to your custom adblock list. Then return to /usr/ports/www/epiphany and execute # make install clean.


EDIT:
Now it seems it is possible to add epiphany adblock filters via dconf-editor — org.gnome.Epiphany - adblock-filters!
So no need to rebuild it from source.

 

[Deleted member 30996]

I use www/firefox due to the extensions available for it. NoScript, Change Referrer Button, HTTPSEverywhere, Privacy Badger, User Agent Switcher, uBlock Origin and DownloadThemAll!.

But before I ever start using it I tweak about:config settings to enhance privacy features:

browser.cache.offline.enable = false
browser.safebrowsing.malware.enabled = false
browser.safebrowsing.phishing.enabled = false
browser.send_pings = false
browser.sessionstore.max_tabs_undo = 0
dom.battery.enabled = false
dom.event.clipboardevents.enabled = false
geo.enabled = false
geo.wifi.uri - Modify = http://127.0.0.1
media.peerconnection.enabled = false
network.IDN_show_punycode - type punycode in search field and toggle to "true"
privacy.trackingprotection.enabled = true
webgl.disabled = true

browser.send_pings may already be set to false.
dom.battery.enabled is for laptops only.
PunyCode is used to obfuscate URL's.

 

[Deleted member 9563]

I use www/firefox due to the extensions available for it. NoScript, Change Referrer Button, HTTPSEverywhere, Privacy Badger, User Agent Switcher, uBlock Origin and DownloadThemAll!.

But before I ever start using it I tweak about:config settings to enhance privacy features:

I'm with you. I don't think any other browsers can set tabs vertically. I do use other browsers all the time, and they're often superior, except with tabs side by side, they're not really suitable for serious use.

BTW in your about:config, you might want to look at browser.fixup. That's the part that does that annoying intervention when you use a fqdn that Mozilla does not condone.

 

[rigoletto@]

THIS the source I use for Firefox privacy settings. However, I modify it to suit my taste.

 

[fernandel]

THIS the source I use for Firefox privacy settings. However, I modify it to suit my taste.

Thank you for the link. I did try to use but the Firefox open two windows all the time after I did copy user.js file. I do not know what is the problem. If I delete a file everything is okay again.

 

[rigoletto@]

I never had this problem here, but currently I do the changes manually because I can test them one by one.

Some of the changes in there can really complicate the usage. Pinterest (e.g.) does not work with if user_pref("network.http.referer.spoofSource", true);.

 

[fernandel]

I never had this problem here, but currently I do the changes manually because I can test them one by one.

Some of the changes in there can really complicate the usage. Pinterest (e.g.) does not work with if user_pref("network.http.referer.spoofSource", true);.

user_pref("privacy.clearOnShutdown.openWindows",<------><------>false); solved my problem. But the other two are:
Firefox doesn't remember size of window (I will check user.js) and I do now how to import bookmarks fro Seamonkey and/or Iridium. If I use "Import the data from another browser" doesn't find anything.

Thank you.