Update to 0.3.2:
This features a more robust ‘safemode’ toggle, including a navbar icon
showing that you are on the safe network exclusively. This can be toggled by clicking the icon, or going into the File
menu. This will reload all tabs upon toggle, blocking/enabling insecure (non safe) content.
Other minor changes include improved appveyor builds (only one link needed now!) and improved file naming.
Local Development
To aid local development the safejs now contains a polyfill for window.safeXXX
methods found in beaker, so you can more easily develop on localhost
or file
urls in the browser (where beaker’s safejs
methods are not available.). These methods will trigger calls to localhost:8100
in the browser, but allow you to use the same interface as if you were developing with the browser’s safe API methods.
This leads onto another problem, of cross-origin requests. For now you can also disable CORS checks via the Beaker Dev Menu
, this is an advanced feature that disables security checks on new tabs, so be aware you’re no longer safe if you use this. (This feature will only be available in dev mode once I’ve got the build scripts adapted.)
It’s worth noting though, that the best way to access the network is via the window.safe
methods (via the polyfill), as any cross origin ‘localhost’ calls will be blocked by the browser for users. Disabling security checks is purely a convenience for local development, do not rely on this for anything in production on the network.