Tuesday, October 02, 2007

Safari for Windows & Proxies

Recent security vulnerability disclosures have demonstrated there is no such thing as a "secure browser".

Simply stated, they all suck.

The best defense against browser vulnerabilities is to patch constantly, disable all scripting, cross your fingers, shut off the computer, and watch TV. In that order.

There's not much you can do, but another approach is to rotate your browsers. Although it does happen occasionally, cross-browser vulnerabilities are somewhat rare (remember, you shut off Javascript in the last paragraph). So, if Internet Explorer users are getting hit, switch to FireFox. If FireFox users are getting hit, switch back to IE. If FireFox and IE are both getting hit, swicth to Opera.

In other words, it's good to have browser options.

One of those options is Apple Safari for Windows. Unfortunately (depending on your viewpoint), it's still in Beta testing, meaning it's probably going to have more bugs rather than less. Still, it is an option. One problem: Apple programmers don't like proxies (see below). This can be an issue if you're stuck in an Enterprise environment behind a corporate proxy.


You will note from the above screen capture that the proxy settings are grayed out and "Help" is no help at all. Presumably, this will be fixed when Safari gets out of beta, but what do you do for the time being?

It's no surprise Safari looks like FireFox. The common codebase is there. Safari is simply a gayer version of Mozilla and its bastard kindred. As such, old-timey Unix neckbeards (such as myself) know the secret to making it work: the http_proxy environment variable.

You can set this yourself if you right-click "My Computer", and choose "Properties->Advanced->Environment Variables".

There are three different variables you need to add: http_proxy, https_proxy, and ftp_proxy.

The format for each variable is usually the same:

http://[name:password@]ipaddress:port/

(For standard CERN type proxies, the URL always begins with "http" regardless of the proxied protocol. It never begins with "ftp" and seldom with "https".)

For example if your name was "dink" and your password was "utgod" and the proxy server's address was 10.1.1.1 and the port was 8080, your values would look like this:

http://dink:utgod@10.1.1.1:8080/

If your proxy does not require credentials you would simply use:

http://10.1.1.1:8080/

After adding and saving these environment variables, you should be ready to go with Safari. If your network admins are Nazis and they don't allow you to add environment variables, you can still open a cmd window, change to the Safari folder, add the variables at the command line, and start Safari from the command line. You will have to do this every time you want to run Safari.

Of course, if your admins are Nazis you probably don't have permission to install Safari in the first place.

No comments:

Post a Comment