(Sorry, I'm repeating my reply because I forgot to include the list.) It's possible that the pattern I saw was '*://*./*' instead of '*://*/*', which I now tested and also works for enabling javascript for all sites.
2020-02-24 4:51 GMT-03:00, Florian Bruhin <[email protected]>: > Hey Javier, > > On Sun, Feb 23, 2020 at 05:53:19PM -0300, Javier Ayres wrote: >> Hi everybody. >> >> I use qutebrowser with javascript disabled and I enable it on a per >> domain basis with "tSH". Lately I was noticing that some banners were >> appearing on my local newspaper's website, which I have never allowed >> to run javascript, and decided to check my autoconfig.yml to discover >> this line under content.javascript.enabled: '*://*/*': true. >> >> Is it possible that hitting "tSH" at the wrong time can add this >> allow-everything line to content.javascript.enabled? > > That's weird. tSH is bound to a config-cycle with *://*.{url:host}/* as > pattern, so I don't think this is possible. > > Similarly, tSh is using a *://{url:host}/* pattern - so for that to happen, > {url:host} would need to be *, which can't happen (qutebrowser would > complain > that the current URL is invalid). > > I also can't think of any other way (other than a literal > ":set -u *://*/* content.javascript.enabled true") how this could have > happened. With a :set without -u, it would land under "global:", not such a > URL > pattern. > > tl;dr: No idea either, sorry! > > Florian > > -- > [email protected] (Mail/XMPP) | https://www.qutebrowser.org > https://bruhin.software/ | https://github.com/sponsors/The-Compiler/ > GPG: 916E B0C8 FD55 A072 | https://the-compiler.org/pubkey.asc > I love long mails! | https://email.is-not-s.ms/ >
