Open in Qube 3.0 beta released!
119 views
Skip to first unread message
Raffaele Florio
Sep 14, 2018, 1:02:09 PM9/14/18
to qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Dear Qubes community,
I've released a new version of "Open in Qube" (aka qubes-url-redirector) [v3.0_beta]. The repository is at [repo].
This is a browser extension inspired by [gsoc idea] and it's written using standard WebExtension APIs. Each customization is done via the browser because it's highly integrated in it.
### What does it do
The extension allows you to choose which URLs are whitelisted in the browser, with a lot of flexibility. Indeed you can specify allowed URLs also with regular expression. Non whitelisted URLs are treated in a custom way: you can choose to block them only, or to block and redirect them to a specific/disposable qube. In this way unwanted/malicious URLs will not be opened in the current browser, so in the current qube.
Furthermore there are three context menu entry ([menu issue]) through which you can choose how to handle specific link. Then there is the toolbar's popup that allows you to whitelist a **specific** resource currently blocked in the **active** tab. In the popup is indicated the URL and the type (i.e. image, stylesheet, script, xhr and so on..) of each resource.
In the repo there are some screenshot and other infos. Furthermore after the first installation the browser will open a welcome page whose will guide you.
### Installation
Installation is really easy and it's covered in the [repo]. As you can see in [contrib issue] its integration in Qubes OS is scheduled for the 4.1 release.
I hope that it will be useful to a lot of us and for whatever issue don't hesitate to contact me! :D
[menu issue] = https://github.com/QubesOS/qubes-issues/issues/4105
[contrib_issue] = https://github.com/QubesOS/qubes-issues/issues/3152
Best Regards,
Raffaele.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEXw2ov1HEFPFo+AVy07vJZYtrAOMFAlub6M0ACgkQ07vJZYtr
AOP5aA//XX9JjfdsgMB06XWEcNHSNLVa31Ut9Xm2ecSztb2G10NvFNYkv6R11woQ
E49IDHmMR62wqXUec2GKbXimR4Qc0+ohN82uepM1o264SvHDVg9IUETFvkQQU608
GnzJOBPsCIdmuvzhwwWUEdjJHfPahLCQS8SnVbVPO9UA8E7zLfviV5F0rY2mz3Sp
n8HxKjAyVeByM+cEib12zSI7IQpA7hORwatFXErXkNMQ5TMTGfP5Zj/LVRqnSHVa
Yr4j358pgW+PgzjMHKHTY8Swh7R74xV4T7JSqBF2U4ZjJuho3nRT7UIPA0/468FN
k0k/oHUYoLzca13ns3upBPA32ybgdrDYb0dIeeI78xyzqyHz5GoWpkial2+yjyyF
KN8ClJxRm1GAor4KZKgXKen7mWWN1cxTjpLGObD0WSm+k6sz2oSAQN2QsdskgKcD
dI3shJnB53c/b/SRdlz0lnxGutfADu9EYQ8HUWazGCA4rkn/Vy9ErpwH89suzLGf
E61OpjX5p3dbNfOeFJeNU43yOiJg0izmCVjI2nJGBhPZ5+faop1BoNXnzC6PnWz3
CihG00xgte6vCeRbhQBAA3q5EUzuQDCWTH7goPCQCLMwgIvxqRlskq2TdFfSTJVM
/4OsYJpDrR26j18uJA1yqbqkoK75oR2h/e6eqlfdS+zj/aU8mq4=
=eP+x
-----END PGP SIGNATURE-----
John S.Recdep
Sep 14, 2018, 2:31:24 PM9/14/18
to qubes...@googlegroups.com
On 09/14/2018 07:02 AM, 'Raffaele Florio' via qubes-users wrote:
> Dear Qubes community,
> I've released a new version of "Open in Qube" (aka qubes-url-redirector) [v3.0_beta]. The repository is at [repo].
> This is a browser extension inspired by [gsoc idea] and it's written using standard WebExtension APIs. Each customization is done via the browser because it's highly integrated in it.
>
> ### What does it do
> The extension allows you to choose which URLs are whitelisted in the browser, with a lot of flexibility. Indeed you can specify allowed URLs also with regular expression. Non whitelisted URLs are treated in a custom way: you can choose to block them only, or to block and redirect them to a specific/disposable qube. In this way unwanted/malicious URLs will not be opened in the current browser, so in the current qube.
> Furthermore there are three context menu entry ([menu issue]) through which you can choose how to handle specific link. Then there is the toolbar's popup that allows you to whitelist a **specific** resource currently blocked in the **active** tab. In the popup is indicated the URL and the type (i.e. image, stylesheet, script, xhr and so on..) of each resource.
> In the repo there are some screenshot and other infos. Furthermore after the first installation the browser will open a welcome page whose will guide you.
>
> ### Installation
> Installation is really easy and it's covered in the [repo]. As you can see in [contrib issue] its integration in Qubes OS is scheduled for the 4.1 release.
>
> I hope that it will be useful to a lot of us and for whatever issue don't hesitate to contact me! :D
>
> [v3.0_beta] = https://github.com/raffaeleflorio/qubes-url-redirector/releases/tag/v3.0_beta
> [gsoc idea] = https://www.qubes-os.org/gsoc/#thunderbird-firefox-and-chrome-extensions
> [menu issue] = https://github.com/QubesOS/qubes-issues/issues/4105
> [contrib_issue] = https://github.com/QubesOS/qubes-issues/issues/3152
> [repo] = https://github.com/raffaeleflorio/qubes-url-redirector/
>
> Best Regards,
> Raffaele.
>
>
Nice.
> Dear Qubes community,
> I've released a new version of "Open in Qube" (aka qubes-url-redirector) [v3.0_beta]. The repository is at [repo].
> This is a browser extension inspired by [gsoc idea] and it's written using standard WebExtension APIs. Each customization is done via the browser because it's highly integrated in it.
>
> ### What does it do
> The extension allows you to choose which URLs are whitelisted in the browser, with a lot of flexibility. Indeed you can specify allowed URLs also with regular expression. Non whitelisted URLs are treated in a custom way: you can choose to block them only, or to block and redirect them to a specific/disposable qube. In this way unwanted/malicious URLs will not be opened in the current browser, so in the current qube.
> Furthermore there are three context menu entry ([menu issue]) through which you can choose how to handle specific link. Then there is the toolbar's popup that allows you to whitelist a **specific** resource currently blocked in the **active** tab. In the popup is indicated the URL and the type (i.e. image, stylesheet, script, xhr and so on..) of each resource.
> In the repo there are some screenshot and other infos. Furthermore after the first installation the browser will open a welcome page whose will guide you.
>
> ### Installation
> Installation is really easy and it's covered in the [repo]. As you can see in [contrib issue] its integration in Qubes OS is scheduled for the 4.1 release.
>
> I hope that it will be useful to a lot of us and for whatever issue don't hesitate to contact me! :D
>
> [v3.0_beta] = https://github.com/raffaeleflorio/qubes-url-redirector/releases/tag/v3.0_beta
> [gsoc idea] = https://www.qubes-os.org/gsoc/#thunderbird-firefox-and-chrome-extensions
> [menu issue] = https://github.com/QubesOS/qubes-issues/issues/4105
> [contrib_issue] = https://github.com/QubesOS/qubes-issues/issues/3152
> [repo] = https://github.com/raffaeleflorio/qubes-url-redirector/
>
> Best Regards,
> Raffaele.
>
>
Can't quite understand how or why this would be used, though......? am
sure it makes sense to the smart folks :)
here's my vote for whatever "gsoc idea" is , 'cause:
I wish I could click on a URL in ThunderbirdVM and have it open a
whonix-dvm by default ..... afaik there is no current way to do that.
Yethal
Sep 15, 2018, 2:10:04 AM9/15/18
to qubes-users
Ivan Mitev
Sep 16, 2018, 10:26:25 AM9/16/18
to qubes...@googlegroups.com
in your ThunderbirdVM and tweak the corresponding rpc service
(qubes.OpenInVM) to open a whonix-dvm ? Alternatively you could create a
new RPC service just for that (it's pretty easy).
In my setup thunderbird opens links with `qvm-open-in-vm` in a
"semi-permanent" dispVM (eg., a VM of DispVM class), this way I know the
name of the dispVM in advance - in my case 'dispBrowser' and I don't
have to wait each time for a dispVM to start. That's a bit of a security
compromise, but then I just have to power the VM to get it back to a
clean slate.
Raffaele Florio
Sep 17, 2018, 2:00:34 PM9/17/18
to John S.Recdep, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
> Can't quite understand how or why this would be used, though......? am sure it makes sense to the smart folks :)
For the how: it's explained (I hope clearly.. :)) in the welcome page of the extension, it will be showed one time after the installation.
For the why: it should be used because you shouldn't open untrusted stuff in a qube with more trust than that resource or with other purpose..
This extension embraces the Qubes philosophy and applies it also on the browser.
> here's my vote for whatever "gsoc idea" is , 'cause: I wish I could click on a URL in ThunderbirdVM and have it open a whonix-dvm by default ..... afaik there is no current way to do that.
Best Regards,
Raffaele.
-----BEGIN PGP SIGNATURE-----
AOMigQ//dTGBxekTWuYCB+pv33rZGtB1YXYnizJIlwI2xZ+T4R7Jw+w+qtYW2769
bKOnnubLie4znOoBtVh6mSfJlpDNsU5oEP9/l/pFBmtcIXAIU215SdmxlATVPn+s
o0p7V1vzE4eQo6ryHpS074I0Kb6acRPyvNHTLy+ytan+S3SJ8e932W+vDOZ5F1qZ
FxwM7aE9qCP7xBC6ljgKhsc3st43+oDljHbgmd6x5cW7kx9neRdOH892tRjDq/hp
pMXUoXfJtLU9GPQLClTSQRE/tVFhCLs4iWRlxSit4W9STggj/ZYJCX1GVAeCyqEc
PMAQfIlLVHuOWBaQt7emHudIzPjM9HZLuZYyL4pYf2xuTqSFgOdIDP2ETWrLlfkg
2Nq/egikQNxx3CJ1UL1grqcRm8LC68wKVp1+Gzbnls9Ivjt4Z95oBOR7Ox6TJvf9
Ee1He5l9G0Fs8t1vxoZIuhbmajw7DcgFaheyjSMGU8iS57ASdcxD6VYSYeeEwfLN
G94vYWwSKFs5Z0mb1ed688ntyJ1MZ6N0gcdtHQeEph/HtKtMEsjL9Joj4cWYf9nk
NWz6qyMyHlKwK9BCTv4AaIxPMH3kotJ79bJzwWisMyfYeCRzhuceTFMfB2XdKEHA
S+C26mFBgNEtkczNcYem3cW9bscBrEdzUAXPqob1/1HHeZFgHW0=
=RZ6u
-----END PGP SIGNATURE-----
Raffaele Florio
Sep 17, 2018, 2:25:21 PM9/17/18
to Yethal, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
>> here's my vote for whatever "gsoc idea" is , 'cause: I wish I could click on a URL in ThunderbirdVM and have it open a >> whonix-dvm by default ..... afaik there is no current way to do that.
> No, but there is a way to do that in chrome or firefox now
Exactly.
> No, but there is a way to do that in chrome or firefox now
> In my setup thunderbird opens links with `qvm-open-in-vm` in a "semi-permanent" dispVM (eg., a VM of DispVM class), this way I know the name of the dispVM in advance - in my case 'dispBrowser' and I don't have to wait each time for a dispVM to start. That's a bit of a security compromise, but then I just have to power the VM to get it back to a clean slate.
Best Regards,
Raffaele.
-----BEGIN PGP SIGNATURE-----
AOMPbxAAgLSksez4gVQZjDCAk6QpB7RR64umDFtfvT8b8Ntgj78T4pS2NeCX9d3i
gKxTQexTgkSC2C8PzCxEtJXvZw236Wv0evt7zfdVDcgQVCfV2dlUn4NEO712Ze7i
8lKjtyMvV0H48ZfRrGDtcqbeSMUfQQOKvO/FdXtxO4qtgXl8Wj3mP4erWsSNLfwZ
Oi3AUuZFyrSSMytAy6RK8D1fSKMkfECRCMB3PO3aHm7rie5qTDypspw8C/Z/n/kL
vgs8Uja8MFvwbd3HrQOwhd24b96faNwc1Mtpw8IP0gBeHgHRpdFSFanziBYQYtBH
nwSot44HJ0fiuFpJjPSfRvYT/B/OjfCFgzrRNytSCtwBSUZdKfGXzoYKbskce0oX
tux3lNYq/EvLdVrSBL1zF9iv9Z6vtdPtu8xhIcbx50tgmdsbyrHW0o4va5mW7XGG
6rC0TnhuCSTT4MdXoifJB3ixs3/2ApLDFu5IYHfyeN74Z3XyqP3tQjdrLXCsrYwi
2pvHPbMTboQlgEPhKZv01K9BWUfuJ8MVeE8IDQNcqncQGOW9VhxvZEwjVIR25hoV
D4eb8w19x1vj0M7Uo4wfWJNC4k/YDvjWLzmQkxd9OhPBFp2Rfd1kEdYtpCXQu7rS
S1/COhefg6221y2rsvh5PLDvPr5xjqMI02XanBseHOsDlg+xe5Q=
=egnv
-----END PGP SIGNATURE-----
Sven Semmler
Sep 24, 2018, 2:13:18 PM9/24/18
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
On 9/16/18 9:28 AM, Ivan Mitev wrote:
> Just curious - isn't it possible to open a link with
> `qvm-open-in-dvm` in your ThunderbirdVM and tweak the
> corresponding rpc service (qubes.OpenInVM) to open a whonix-dvm ?
Yes it is, following the way you outlined for me here:
> Just curious - isn't it possible to open a link with
> `qvm-open-in-dvm` in your ThunderbirdVM and tweak the
> corresponding rpc service (qubes.OpenInVM) to open a whonix-dvm ?
https://groups.google.com/d/msg/qubes-devel/0CpN7ol1ZdM/0cBPvwc6CgAJ
When I click any link in my Thunderbird VM I get the Open in VM dialog
that allows me to either choose a new disp VM or an already running /
existing VM. Works perfect!
/Sven
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAlupKhcACgkQ2m4We49U
H7YF4A/9GQWityx7n1J/Nxfnb/ydhoBQScQyCqj+ZY+Us0OTZ5HNI1Y/L75Ixv3o
sh+cUhcS5AE6NveqHpK7ldU945q2P4hUZMhOxx2wTCn7kXLuHdfD1DjJJ4jfHPgv
pnGPLDti05IjBA1Fq1hgydU0YS/Kw+O2kpibqyFzge8PifB9M8FCcYZlMrhTMb1Y
TLObDO0S6yI0OB9JES5rROHNpX46CTKzkjtOOkJlP55xe21xhTt9JzDdqc3TUxAi
8y2/NXpExFyoAPTF0VHuXYKdzaNs4+/j+3ww7+IzBG2oUlBYs71RszlxckaxbZD8
eDC2UQcmvTFSl06IvLm4wFSljuV/ezkDsJYgdCZGedvaX6+tlBJfv8L+kl57kaFg
Y8u34z3eChmd1buOcg0bGoJo6MIPsXI1G6ZjtEjbTLcP/XGyHed3eHlxSAwDesCp
XXIrv2Ynifz50UKDlVMs+3F42npC/qjXBwqVSY1SYBuZd1GqEgHuRw+/EZZpQQkT
ykbzFG1+nkjTkQSoab2nax5POQeARF3u+j1jgWq7j3mjOL9pRpTm4YAh6D77sGrO
K0bPr5I552Ct2PYfEDjsjWBZUQ0FGuIWrCcq1M2VBzPUuI9L7VgjoPtRd+jtg6D8
hpjRA9e9QOBEk9CsUmQPCnrdMJdXMTrR1cDQjNnGQQfl8KCOnMA=
=yrFS
-----END PGP SIGNATURE-----
Ivan Mitev
Sep 25, 2018, 8:52:59 AM9/25/18
to qubes...@googlegroups.com
Hi Sven,
On 9/24/18 9:16 PM, Sven Semmler wrote:
> On 9/16/18 9:28 AM, Ivan Mitev wrote:
>> Just curious - isn't it possible to open a link with
>> `qvm-open-in-dvm` in your ThunderbirdVM and tweak the
>> corresponding rpc service (qubes.OpenInVM) to open a whonix-dvm ?
>
> Yes it is, following the way you outlined for me here:
> https://groups.google.com/d/msg/qubes-devel/0CpN7ol1ZdM/0cBPvwc6CgAJ
Is it working with whonix too ? (that was the part of the post from John
S.Recdep I was replying too - I was wondering if there was a problem
specific to whonix dispVMs).
>
> When I click any link in my Thunderbird VM I get the Open in VM dialog
> that allows me to either choose a new disp VM or an already running /
> existing VM. Works perfect!
Happy to read that it's working well. I'll try to write a proper doc
with instructions over at QubesCommunity, I may ask you and Raffaele to
read-proof it when it's ready so that you spot mistakes and/or give
additional tips.
Cheers,
Ivan
>
> /Sven
>
On 9/24/18 9:16 PM, Sven Semmler wrote:
> On 9/16/18 9:28 AM, Ivan Mitev wrote:
>> Just curious - isn't it possible to open a link with
>> `qvm-open-in-dvm` in your ThunderbirdVM and tweak the
>> corresponding rpc service (qubes.OpenInVM) to open a whonix-dvm ?
>
> Yes it is, following the way you outlined for me here:
> https://groups.google.com/d/msg/qubes-devel/0CpN7ol1ZdM/0cBPvwc6CgAJ
S.Recdep I was replying too - I was wondering if there was a problem
specific to whonix dispVMs).
>
> When I click any link in my Thunderbird VM I get the Open in VM dialog
> that allows me to either choose a new disp VM or an already running /
> existing VM. Works perfect!
with instructions over at QubesCommunity, I may ask you and Raffaele to
read-proof it when it's ready so that you spot mistakes and/or give
additional tips.
Cheers,
Ivan
>
> /Sven
>
Sven Semmler
Sep 25, 2018, 8:56:09 AM9/25/18
to qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
On 9/25/18 7:54 AM, Ivan Mitev wrote:
> Is it working with whonix too ? (that was the part of the post
> from John S.Recdep I was replying too - I was wondering if there
> was a problem specific to whonix dispVMs)
Works like a charm. Nothing special to consider at all.
> Is it working with whonix too ? (that was the part of the post
> from John S.Recdep I was replying too - I was wondering if there
> was a problem specific to whonix dispVMs)
/Sven
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAluqMT0ACgkQ2m4We49U
H7Z/FhAAuo0cv7/7vX1tyBtUxQYfA+jXvsNK+6BmudOOCWPeHHAIx9ULC5qP/HpS
l3LN7SKSS9/v77FNcs+AFoAzZeqmT6Om5b/CzwxzSqcsRom6aZypOhj02EFhznRW
BS9P243biIvIxjmrnSt+Nnma4ym90dZZ7BPWNdMQ/XpBUu97DiNG4Kk8f2yT7bg0
T3JpEDMfg8F2vMRq6gN67G3wGMFqtfe4Ji9XpRb6HK/ywz0cuiMpkkoByA9gPMiZ
aIbwfhYrGGVpJLo60uHsVhNpWpG23S6BP7wCCJZa3+jeFHL6HzACRwRxCVFVkxpy
udKgr3D7clI53eQx1EfgRiU7s7r2AG7DmOG2e55QNsjnuWoh+fhX8zV/qEO8IYT7
AbcJg7Ax9c5i9imTJ9kwEgx3Xz26mC4VS6v7cp37IRANZUoOtjtCK79dHFk9m3uN
lWAKQVr3cfoVYVd6I/ZG7768AX4G+x60nVmtdE23G1fnVo2+AKFKjbu6I+KET5er
MOq7P15/iJ5yB4XFZrso1Zmb6BJXcJQ5p8cmh5IKUKTL3mr6zncM0znstCFxMrdh
cd56qpK6yCmaTEiMzAtHjzPSJbigxUXupsQ7LDB9R5kT53SMSMs0d6S1lSwtZRNk
KNGlSvDUSnQt4/AvaZAeLK+fZEzNsEGRw7WGt+Lgd+Aec7dy/us=
=r71E
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages