diff options
Diffstat (limited to 'src/hydrilla/proxy/self_doc/policy_selection.html.jinja')
-rw-r--r-- | src/hydrilla/proxy/self_doc/policy_selection.html.jinja | 73 |
1 files changed, 46 insertions, 27 deletions
diff --git a/src/hydrilla/proxy/self_doc/policy_selection.html.jinja b/src/hydrilla/proxy/self_doc/policy_selection.html.jinja index 4d9b251..687d2bd 100644 --- a/src/hydrilla/proxy/self_doc/policy_selection.html.jinja +++ b/src/hydrilla/proxy/self_doc/policy_selection.html.jinja @@ -20,71 +20,90 @@ code in a proprietary work, I am not going to enforce this in court. #} {% extends "doc_base.html.jinja" %} -{% block title %}{{ _('doc.policy_selection.title') }}{% endblock %} +{% block title %} Policy selection {% endblock %} {% block main %} - {{ big_heading(_('doc.policy_selection.h_big')) }} + {{ big_heading('Page policy selection') }} {% call section() %} {% call paragraph() %} - {{ _('doc.policy_selection.intro') }} + When a web page is opened, Haketilo is capable of either {% call unordered_list() %} {% call list_entry() %} - {{ _('doc.policy_selection.enabled_payload_case') }} + blocking page's own scripts and + {{ doc_page_link('injecting payload', 'packages') }} + configured by the user, {% endcall %} {% call list_entry() %} - {{ _('doc.policy_selection.auto_payload_case') }} + blocking page's own scripts and injecting an automatically-chosen + payload that is usable with the page, {% endcall %} {% call list_entry() %} - {{ _('doc.policy_selection.ask_payload_case') }} + presenting a dialog asking whether to enable an automatically-chosen + payload that is usable with the page, {% endcall %} {% call list_entry() %} - {% set fmt = _('doc.policy_selection.block_js_case_{blocking_link}') %} - {% set link_text = _('doc.policy_selection.html.block_js_case.blocking_link_text') %} - {% set link = doc_page_link(link_text|e, 'script_blocking') %} - {{ fmt.format(blocking_link=link)|safe }} + {{ doc_page_link('blocking', 'script_blocking') }} page's own scripts + or {% endcall %} {% call list_entry() %} - {{ _('doc.policy_selection.allow_js_case') }} + allowing page's own scripts to execute normally (i.e. not modifying + the page in any meaningful way). {% endcall %} {% endcall %} {% endcall %} {% endcall %} {% call section() %} - {{ medium_heading(_('doc.policy_selection.h_medium.precedence')) }} + {{ medium_heading('Policy precedence') }} {% call paragraph() %} - {% set fmt = _('doc.policy_selection.html.precedence_general_{patterns_link}') %} - {% set link_text = _('doc.policy_selection.precedence_general.patterns_link_text') %} - {% set link = doc_page_link(link_text|e, 'url_patterns') %} - {{ fmt.format(patterns_link=link)|safe }} + User configures Haketilo's behavior by defining script-blocking and + -allowing rules and by adding and enabling packages. Each rule and each + package payload has a {{ doc_page_link('URL pattern', 'url_patterns') }}. + This pattern determines which pages the policy is compatible with. + Patterns also have well-defined specificity. When multiple rules and + packages are combatible with given page's URL, the one with the most + specific pattern "wins". In case of a tie, payload injection is assumed to + take precedence over rule application. {% endcall %} {% call paragraph() %} - {% set fmt = _('doc.policy_selection.html.precedence_nonenabled_{settings_link}') %} - {% set link_text = _('doc.policy_selection.precedence_nonenabled.settings_link_text') %} - {% set link = hkt_link(link_text|e, 'home.home') %} - {{ fmt.format(settings_link=link)|safe }} + In the absence of suitable rules and enabled packages, Haketilo may + consider non-enabled packages that are suitable for use on the + currently-visited site. It will either inject package payload + automatically, ask the user whether to enable the package or ignore it + completely. The user can switch between these 3 behaviors on the Haketilo + {{ hkt_link('settings page', 'home.home') }}. Packages that were + explicitly marked as disabled will always be ignored. Pattern specificity + is also taken into account in case of multiple packages. {% endcall %} {% call paragraph() %} - {% set fmt = _('doc.policy_selection.html.precedence_fallback_{settings_link}') %} - {% set link_text = _('doc.policy_selection.precedence_fallback.settings_link_text') %} - {% set link = hkt_link(link_text|e, 'home.home') %} - {{ fmt.format(settings_link=link)|safe }} + When absolutely no explicit policy appears suitable for given page, + Haketilo will apply its default script handling behavrior. Whether + JavaScript is blocked or allowed by default is also determined by user's + choice on the {{ hkt_link('settings page', 'home.home') }}. {% endcall %} {% endcall %} {% call section() %} - {{ medium_heading(_('doc.policy_selection.special_cases.h_medium')) }} + {{ medium_heading('Special cases') }} {% call paragraph() %} - {{ _('doc.policy_selection.special_cases.html.exepmt_and_error')|safe }} + The sites served by Haketilo itself are exempt from all policies. These + are <code>http://hkt.mitm.it</code>, <code>https://hkt.mitm.it</code> + and <code>http://mitm.it</code>. Additionally, if Haketilo experiences an + internal error (e.g. because it could not parse current URL as sent in by + the browser), it will try to block page's JavaScript as a security + measure. {% endcall %} {% call paragraph() %} - {{ _('doc.policy_selection.special_cases.internal_policies') }} + Internally, Haketilo also has a special high-priority policy for serving + files used by payloads and for making its APIs accessible to payload + scripts. This is, however, an implementation detail and casual users need + not care about it nor understand these nuances. {% endcall %} {% endcall %} {% endblock main %} |