aboutsummaryrefslogtreecommitdiff
path: root/src/hydrilla/proxy/self_doc/policy_selection.html.jinja
diff options
context:
space:
mode:
Diffstat (limited to 'src/hydrilla/proxy/self_doc/policy_selection.html.jinja')
-rw-r--r--src/hydrilla/proxy/self_doc/policy_selection.html.jinja73
1 files changed, 46 insertions, 27 deletions
diff --git a/src/hydrilla/proxy/self_doc/policy_selection.html.jinja b/src/hydrilla/proxy/self_doc/policy_selection.html.jinja
index 4d9b251..687d2bd 100644
--- a/src/hydrilla/proxy/self_doc/policy_selection.html.jinja
+++ b/src/hydrilla/proxy/self_doc/policy_selection.html.jinja
@@ -20,71 +20,90 @@ code in a proprietary work, I am not going to enforce this in court.
#}
{% extends "doc_base.html.jinja" %}
-{% block title %}{{ _('doc.policy_selection.title') }}{% endblock %}
+{% block title %} Policy selection {% endblock %}
{% block main %}
- {{ big_heading(_('doc.policy_selection.h_big')) }}
+ {{ big_heading('Page policy selection') }}
{% call section() %}
{% call paragraph() %}
- {{ _('doc.policy_selection.intro') }}
+ When a web page is opened, Haketilo is capable of either
{% call unordered_list() %}
{% call list_entry() %}
- {{ _('doc.policy_selection.enabled_payload_case') }}
+ blocking page's own scripts and
+ {{ doc_page_link('injecting payload', 'packages') }}
+ configured by the user,
{% endcall %}
{% call list_entry() %}
- {{ _('doc.policy_selection.auto_payload_case') }}
+ blocking page's own scripts and injecting an automatically-chosen
+ payload that is usable with the page,
{% endcall %}
{% call list_entry() %}
- {{ _('doc.policy_selection.ask_payload_case') }}
+ presenting a dialog asking whether to enable an automatically-chosen
+ payload that is usable with the page,
{% endcall %}
{% call list_entry() %}
- {% set fmt = _('doc.policy_selection.block_js_case_{blocking_link}') %}
- {% set link_text = _('doc.policy_selection.html.block_js_case.blocking_link_text') %}
- {% set link = doc_page_link(link_text|e, 'script_blocking') %}
- {{ fmt.format(blocking_link=link)|safe }}
+ {{ doc_page_link('blocking', 'script_blocking') }} page's own scripts
+ or
{% endcall %}
{% call list_entry() %}
- {{ _('doc.policy_selection.allow_js_case') }}
+ allowing page's own scripts to execute normally (i.e. not modifying
+ the page in any meaningful way).
{% endcall %}
{% endcall %}
{% endcall %}
{% endcall %}
{% call section() %}
- {{ medium_heading(_('doc.policy_selection.h_medium.precedence')) }}
+ {{ medium_heading('Policy precedence') }}
{% call paragraph() %}
- {% set fmt = _('doc.policy_selection.html.precedence_general_{patterns_link}') %}
- {% set link_text = _('doc.policy_selection.precedence_general.patterns_link_text') %}
- {% set link = doc_page_link(link_text|e, 'url_patterns') %}
- {{ fmt.format(patterns_link=link)|safe }}
+ User configures Haketilo's behavior by defining script-blocking and
+ -allowing rules and by adding and enabling packages. Each rule and each
+ package payload has a {{ doc_page_link('URL pattern', 'url_patterns') }}.
+ This pattern determines which pages the policy is compatible with.
+ Patterns also have well-defined specificity. When multiple rules and
+ packages are combatible with given page's URL, the one with the most
+ specific pattern "wins". In case of a tie, payload injection is assumed to
+ take precedence over rule application.
{% endcall %}
{% call paragraph() %}
- {% set fmt = _('doc.policy_selection.html.precedence_nonenabled_{settings_link}') %}
- {% set link_text = _('doc.policy_selection.precedence_nonenabled.settings_link_text') %}
- {% set link = hkt_link(link_text|e, 'home.home') %}
- {{ fmt.format(settings_link=link)|safe }}
+ In the absence of suitable rules and enabled packages, Haketilo may
+ consider non-enabled packages that are suitable for use on the
+ currently-visited site. It will either inject package payload
+ automatically, ask the user whether to enable the package or ignore it
+ completely. The user can switch between these 3 behaviors on the Haketilo
+ {{ hkt_link('settings page', 'home.home') }}. Packages that were
+ explicitly marked as disabled will always be ignored. Pattern specificity
+ is also taken into account in case of multiple packages.
{% endcall %}
{% call paragraph() %}
- {% set fmt = _('doc.policy_selection.html.precedence_fallback_{settings_link}') %}
- {% set link_text = _('doc.policy_selection.precedence_fallback.settings_link_text') %}
- {% set link = hkt_link(link_text|e, 'home.home') %}
- {{ fmt.format(settings_link=link)|safe }}
+ When absolutely no explicit policy appears suitable for given page,
+ Haketilo will apply its default script handling behavrior. Whether
+ JavaScript is blocked or allowed by default is also determined by user's
+ choice on the {{ hkt_link('settings page', 'home.home') }}.
{% endcall %}
{% endcall %}
{% call section() %}
- {{ medium_heading(_('doc.policy_selection.special_cases.h_medium')) }}
+ {{ medium_heading('Special cases') }}
{% call paragraph() %}
- {{ _('doc.policy_selection.special_cases.html.exepmt_and_error')|safe }}
+ The sites served by Haketilo itself are exempt from all policies. These
+ are <code>http://hkt.mitm.it</code>, <code>https://hkt.mitm.it</code>
+ and <code>http://mitm.it</code>. Additionally, if Haketilo experiences an
+ internal error (e.g. because it could not parse current URL as sent in by
+ the browser), it will try to block page's JavaScript as a security
+ measure.
{% endcall %}
{% call paragraph() %}
- {{ _('doc.policy_selection.special_cases.internal_policies') }}
+ Internally, Haketilo also has a special high-priority policy for serving
+ files used by payloads and for making its APIs accessible to payload
+ scripts. This is, however, an implementation detail and casual users need
+ not care about it nor understand these nuances.
{% endcall %}
{% endcall %}
{% endblock main %}
generated by cgit