Hi, if you're using qutebrowser from git with --backend webengine and have general -> developer-extras enabled, the inspector runs on a port bound to localhost (which is the only way to access it currently).
However, this is not as unproblematic as it might seem, and might actually allow any website to access the inspector (and thus control other websites): http://bouk.co/blog/hacking-developers/ Until there's a better solution in QtWebEngine, I'd recommend not enabling the web inspector when navigating to untrusted websites. The newest git commit now disables the web inspector (even with developer-extras enabled) and requires a --enable-webengine-inspector commandline switch to enable it. If you can't update for some reason, disabling developer-extras and restarting qutebrowser will have the same effect. If you aren't using --backend webengine, or aren't using qutebrowser from git, or have developer-extras disabled, this does not affect you in any way. Florian -- http://www.the-compiler.org | [email protected] (Mail/XMPP) GPG: 916E B0C8 FD55 A072 | http://the-compiler.org/pubkey.asc I love long mails! | http://email.is-not-s.ms/
signature.asc
Description: PGP signature
