Here is attempt number 3, now with more complicated regular expressions:

#!/usr/bin/perl
# parse URL
($protocol,$host) = split /:\/\//, $ARGV[0];
($host,$port) = split /:/, $host;

# validate input
if ( $protocol !~ /^(telnet|ssh)$/ ||
   $host !~ /^[a-zA-Z0-9][a-zA-Z0-9.-]*$/ ||
   $port !~ /(^[a-zA-Z0-9][a-zA-Z0-9_-]*$|^$)/ ) {
        warn "Invalid URL";
        exit 1;
}

# if SSH, add -p argument
if ( $protocol eq "ssh" && $port != '' ) { $port = "-p $port" ; }

# call terminal emulator
exec("konsole --hold -e $protocol $host $port");
exit;

Your move, sir.

You can download an updated url-terminal script here. You can read the post that started this here.

Update 2010-08-27: don’t use this script either! See my next post for a better one.

#!/usr/bin/perl
# parse URL
($protocol,$host) = split /:\/\//, $ARGV[0];
($host,$port) = split /:/, $host;

# validate input
if ( $protocol !~ /^(telnet|ssh)$/ || $host !~ /^[a-zA-Z0-9.-]+$/ || $port !~ /(^[a-zA-Z0-9_-]+$|^$)/ ) {
        warn "Invalid URL";
        exit 1;
}

# if SSH, add -p argument
if ( $protocol eq "ssh" && $port != '' ) { $port = "-p $port" ; }

# call terminal emulator
exec("konsole --hold -e $protocol $host $port");
exit;

This script only accepts telnet:// and ssh:// URLs, where the host is a valid domain name and the port is a valid port (including text aliases like “smtp” from /etc/services). It passes SSH port arguments correctly and tells Konsole to stay open after the session terminates.

You can download a more advanced form of this script here.

As with most tinkering in firefox, start by typing “about:config” in the location bar. Right click and select “New”, then “Boolean”. Create two entries:

network.protocol-handler.expose.telnet = false
network.protocol-handler.expose.ssh = false

Now, click on a telnet or SSH URL, and Firefox will prompt you for the application to use. This application must handle the full URL as an argument. On Linux, the easiest solution is to choose /usr/bin/xdg-open. This will open the user’s preferred terminal, whether that is gnome-terminal, konsole, or xterm. You can use xdg-open to open almost any type of file or URL.

Alternatively, choose /usr/bin/putty, or use a simple script as follows. Edit the last line to call whatever application you prefer.

Update 2010-08-25: don’t use this script. See my next post for a better one.

#!/usr/bin/perl
# take URL of form telnet://target:port and call konsole

# get protocol and host
($proto,$addr) = split /:\/\//, $ARGV[0];

# convert "host:port" to "host port" (port is optional)
$addr =~ s/\:/\ /g;

`konsole -e $proto $addr\n`;

A bit of history, for the curious. You may find instructions online stating to create values like these:

network.protocol-handler.app.telnet = "/usr/bin/putty"
network.protocol-handler.warn-external.telnet = false

This is the old method, used in releases prior to Firefox 3.5. These settings are now ignored.

I regularly interact with hundreds of SSL-enabled devices as part of my job. I don’t allow HTTP or telnet interfaces to devices that support HTTPS or SSH. These devices usually have self-signed certificates, and it is not always convenient (or possible, with some devices) to replace them with certs signed by the company’s root CA. This wasn’t a problem when all I had to do was bypass one error dialog. But then Firefox replaced this dialog with an extremely annoying 5-step dance. I’m tired of it.

Enter New MitM Me, a Firefox plugin to restore the old SSL error behaviour. Now Firefox still displays the “This Connection is Untrusted” page. But when you click the “Add Exception…” button, that’s it, you’re done.

I do not recommend that the average user install this plugin. For a casual user, this increases the chance of being defrauded. But if you are like me, if you truly know what you are doing and want to save some time, install it.

Has anyone hacked this plugin to restrict its behaviour to specific IP ranges, or to allow me to choose temporary or permanent with just one click?

1. Add the Canonical partner repository.
   sudo add-apt-repository "deb http://archive.canonical.com/ lucid partner"
2. Install Sun Java JRE.
   sudo apt-get update
sudo apt-get install sun-java6-jre sun-java6-fonts sun-java6-plugin
3. Update system defaults to prefer Sun Java over OpenJDK.
   sudo update-alternatives --set java /usr/lib/jvm/java-6-sun/jre/bin/java
sudo update-alternatives --set javaws /usr/lib/jvm/java-6-sun/jre/bin/javaws
sudo update-alternatives --set mozilla-javaplugin.so /usr/lib/jvm/java-6-sun/jre/lib/*/libnpjp2.so
4. If that fails, manually choose them from a list. Always choose the option containing “java-6-sun”.
   sudo update-alternatives --config java
sudo update-alternatives --config javaws
sudo update-alternatives --config mozilla-javaplugin.so
5. Restart Firefox.

Oh, happy coffee-cup-clock progress bar, how I missed you!

I recommend you install Open With, a generic extension capable of opening the current page or selected link with any application. KDE users can simply open the extension preferences, select the “Manual Entries” tab, select “Add”, and enter “/usr/bin/konqueror”.

Why is this bad? For several reasons. One, it makes cross-site scripting attacks easier. Once you login to a web site that uses HTTP authentication, you’ll stay logged in. If you leave Firefox running for days, you’re vulnerable for days.

Two, suppose you want to login to the same site with different credentials. Perhaps you have both an admin account and a regular user account, and you want to switch between them. Or perhaps you are setting up a site and need to test another user’s login. The only way to do this with Firefox now (as of 3.0.13) is to completely quit the browser and restart.

Enter: the Web Developer extension. This is a great extension, but it has far more features than you’re likely to need. On the other hand, it is great for dissecting web sites, viewing table borders, and eliminating annoying CSS themes. And it has a way to clear HTTP authentication tokens.

Install the extension. If you prefer, hide the “Web Developer” tool bar. Now to log out of HTTP auth, navigate through the menus Tools -> Web Developer -> Miscellaneous -> Clear Private Data -> HTTP Authentication.

Warning: basic HTTP authentication is not secure. Digest HTTP authentication is better. You should only use either of these with HTTPS, so your transport is encrypted end to end.

Update 2009-11-25: Since upgrading to Firefox 3.5, you no longer need this extension to log out of HTTP auth. As noted in the comments below, go to Tools -> Clear Recent History -> Details, check only “Active Logins”, and then press “Clear Now”.

Today I discovered that someone has patched Gears to work with Firefox 64-bit, and released a precompiled installer. Warning: after installation, when Firefox restarts, you will see a warning that the plugin could not be installed (‘”Google Gears” could not be installed because it is not compatible with your Firefox build type (Linux_x86_64-gcc3). Please contact the author of this item about the problem.’). However, it is installed and works just fine. Unfortunately this message is repeated each time Firefox restarts.

I can now browse my admin page with Firefox in offline mode. Sniffing proves that not a byte is passing. Now I can write blog posts on planes, without having to use an offline text editor.

Update 2009-05-29: My old colleague from my days at Greenpeace, Niels Peen, now provides the latest version (5.21.0) with proper build tagging. So you will no longer see the warning about Linux_x86_64-gcc3 being the wrong build type. Thanks, Niels!

Update 2009-07-24: 5.31.0 and 5.32.0 are now available here, also with build instructions so you can do it yourself!

Just download and install the Jaunty versions of sun-java6-bin, sun-java6-jre, sun-java6-fonts, and sun-java6-plugin. Install them, and remove the old icedtea plugin if you have it:

sudo dpkg -i sun-java6-bin_6-13-1_amd64.deb sun-java6-fonts_6-13-1_all.deb sun-java6-jre_6-13-1_all.deb sun-java6-plugin_6-13-1_amd64.deb
sudo apt-get remove --purge icedtea-gcjwebplugin

Then restart Firefox and Sun java will load natively 64-bit. Check it:

tyler@baal:~$ java -version

java version "1.6.0_13"
Java(TM) SE Runtime Environment (build 1.6.0_13-b03)
Java HotSpot(TM) 64-Bit Server VM (build 11.3-b02, mixed mode)

I’ve included them in the repository.

Update 2009-07-16: A more recent version is now available in the hardy-updates repository. I have removed the above copy from my repo. Intrepid users should upgrade to jaunty anyway, but can still download packages directly.

I am fed up with the increasing obsolescence of Konqueror. It simply fails to deal with much of the Ajax bling and javascript doodads that are all over the web now. Facebook is nearly unusable, Slashdot has unusual formatting errors, and banking sites fail in odd ways. Compatibility changes daily as web developers tweak their javascript and CSS. Last month I switched back to Firefox.

Still there are times when I’m viewing a site in Firefox and want to switch to Konqueror. Konqueror has an easy “Open With” submenu, but no such thing exists for Firefox. Instead, everybody has written their own Firefox extension to support their personal choice of browser. Often with platform-specific requirements. And now I have too!

Behold, Open With Konqueror!

You’ll have to approve installations from my site to proceed. If you are the type of person that uses KDE, chances are you already know how to do that. I have also submitted it to addons.mozilla.org.

Credits: I copied this extension from IE View Lite by Grayson Mixon. I modified it in the following ways:

• Replace all references to IE with Konqueror in dialogs, variable, and extension names
• Include Konqueror icons from the Crystal SVG set in resolutions of 16×16 and 32×32
• Change the path of the browser to use to “/usr/bin/konqueror”, the default in Kubuntu