Chromium 設定

提供: ArchWiki
2015年2月16日 (月) 12:05時点におけるKusakata (トーク | 投稿記録)による版 (ページの作成:「Category:ウェブブラウザ en:Chromium tweaks zh-CN:Chromium Tips and Tweaks {{Related articles start}} {{Related|Chromium}} {{Related|Firefox 設定}} {{...」)
(差分) ← 古い版 | 最新版 (差分) | 新しい版 → (差分)
ナビゲーションに移動 検索に移動

関連記事

ブラウズのエクスペリエンス

chrome://xxx

A number of tweaks can be accessed via typing chrome://xxx in the URL field. A complete list is available by typing chrome://chrome-urls into the URL field. Some of note are listed below:

  • chrome://flags - access experimental features such as WebGL and rendering webpages with GPU, etc.
  • chrome://plugins - view, enable and disable the currently used Chromium plugins.
  • chrome://gpu - status of different GPU options.
  • chrome://sandbox - indicate sandbox status.
  • chrome://version - display version and switches used to invoke the active /usr/bin/chromium.

An automatically updated, complete listing of Chromium switches is available here.

ダウンロードタブのアイコンが表示されない

If Chromium shows icon placeholders (icons representing broken documents) instead of appropriate icons in its download tab, the likely cause is that the gnome-icon-theme package is not installed.

Chromium が Preferences ファイルを上書きしてしまう

If you enabled syncing with a Google Account, then Chromium will override any direct edits to the Preferences file found under $HOME/.config/chromium/Default/Preferences. To work around this, start Chromium with the --disable-sync-preferences switch: 

$ chromium --disable-sync-preferences

If Chromium is started in the background when you login in to your desktop environment, make sure the command your desktop environment uses is 

$ chromium --disable-sync-preferences --no-startup-window

検索エンジン

Make sites like wiki.archlinux.org and wikipedia.org easily searchable by first executing a search on those pages, then going to Settings > Search and click the Manage search engines.. button. From there, "Edit" the Wikipedia entry and change its keyword to "w" (or some other shortcut you prefer). Now searching Wikipedia for "Arch Linux" from the address bar is done simply by entering "w arch linux".

ノート: Google search is used automatically when typing something into the URL bar. A hard-coded keyword trigger is also available using the ? prefix.

Tmpfs

tmpfs にキャッシュ

ノート: Chromium actually keeps its cache directory separate from its browser profile directory.

To limit Chromium from writing its cache to a physical disk, one can define an alternative location via the --disk-cache-dir=/foo/bar flag: 

$ chromium --disk-cache-dir=/tmp/cache

Cache should be considered temporary and will not be saved after a reboot or hard lock.

Alternative way, in /etc/fstab: 

tmpfs	/home/<USER>/.cache	tmpfs	noatime,nodev,nosuid,size=400M	0	0
ノート: Adjust the size as needed and be careful. If the size is too large and you are using a sync daemon such as psd on a conventional HDD, it will likely result in very slow start-up times of your graphical system due to long sync back times of the daemon.

tmpfs にプロファイル

Relocate the browser profile to a tmpfs filesystem, including /tmp, or /dev/shm for improvements in application response as the entire profile is now stored in RAM.

Use an active profile management script for maximal reliability and ease of use.

profile-sync-daemonAUR is such a script and is directly available from the AUR. It symlinks and syncs the browser profile directories to RAM. Refer to the Profile-sync-daemon wiki article for additional information on it.

新しいブラウザインスタンスを起動

When you launch the browser, it first checks if another instance using the same profile is already running. If there is one, the new window is associated with the old instance. To prevent this, you can specifically ask the browser to run with a different profile. 

$ chromium --user-data-dir=<PATH TO A PROFILE>
ノート: It won't work if you specify a link or even a symlink to your regular chromium profile (typically ~/.config/chromium/Default). If you want to use the same profile as your current one for this new instance, first copy the folder ~/.config/chromium/Default to a directory of your choice, keeping the same Default name, and launch the browser using the following command by specifying the parent folder of the Default folder you have just copied.

For example, if you copied the Default folder to ~/Downloads 

$ chromium --user-data-dir=~/Downloads

torrent クライアントで *.torrent ファイルやマグネットリンクを直接開く

By default, Chromium downloads *.torrent files directly and you need to click the notification from the bottom left corner of the screen in order for the file to be opened with your default torrent client. This can be avoided with the following method:

  • Download a *.torrent file.
  • Right click the notification displayed at the bottom left corner of the screen.
  • Check the "Always Open Files of This Type" checkbox.

For torrent magnet links to open with Deluge automatically when they are clicked, run the following commands:

ノート: If you would like to use Transmission instead of Deluge, you can use transmission-gtk.desktop here instead.
$ gvfs-mime --set x-scheme-handler/magnet deluge.desktop
$ xdg-mime default deluge.desktop x-scheme-handler/magnet

タッチスクリーンデバイスでタッチスクロール

Chrome and Chromium do not support touchscreen by default. There are a couple settings you can change in the 'flags' portion of chrome to potentially make it work for your device. This has been tested in chromium from the official repositories and google-chrome from the AUR.

  • Browse to chrome://flags and set everything to default. (You can skip if you want to)
  • Switch 'Enable Touch events' to Enabled. chrome://flags/#touch-events
  • Switch 'Touch Scrolling Mode' to sync-touchmove. chrome://flags/#touch-scrolling-mode
  • Restart chrome and touch scrolling should be working. If it does not, it is worth trying the other modes they have.

Known bugs:

  • Touch Scrolling sometimes stops working after resuming from suspend. Restarting the browser seems to fix it.
  • Touching tabs to switch to them is unstable. There is no known fix for this yet.
  • You may need to specify which touch device to use. Find your touchscreen device with xinput list then launch Chromium with the --touch-devices=x parameter where x is the id of your device.

システムトレイアイコンの無効化

Open the URL chrome://flags in the browser. Disable these flags:

  • enable-sync-synced-notifications
  • enable-google-now
  • device-discovery-notifications
  • enable-experimental-notification-ui (Chrome/Chromium 34 only)

Click the restart button at the bottom of the page.

プロファイルのメンテナンス

Chromium uses Sqlite databases to manage history and the like. Sqlite databases become fragmented over time and empty spaces appear all around. But, since there are no managing processes checking and optimizing the database, these factors eventually result in a performance hit. A good way to improve startup and some other bookmarks and history related tasks is to defragment and trim unused space from these databases.

profile-cleanerAUR and browser-vacuumAUR in the AUR do just this.

セキュリティ

安全でない RC4 暗号を無効化

Since a while RC4 is declared as insecure, but the cipher is still in Chrome present. You should disable the cipher in Chrome. This can be done by starting chrome from the command line with following option: 

/usr/bin/chromium --cipher-suite-blacklist=0x0001,0x0002,0x0004,0x0005,0x0017,0x0018,0xc002,0xc007,0xc00c,0xc011,0xc016,0xff80,0xff81,0xff82,0xff83

You can check for that on https://cc.dcsec.uni-hannover.de/ for the supported list if ciphers. Make sure to test it before and after you make the change.

To make the change persistent, you can modify the /etc/chromium/default and add the line above. To check, open the website mentioned before. A alternative is to grep inside of your process list for the keyword cipher.

External Information:

There is no cleaner way to disable. Also the source-code only show the right hexadecimal value for the single cipher. basic information with recommendation to disable RC4 on wikipedia RC4

German Blog showing to disable RC4 in common browsers.

ユーザーエージェント

By default Chromium already sends an excessively detailed User Agent, as is viewable via the EFF's Panopticlick test. That alone makes each browser readily identifiable with high accuracy — and is further exacerbated by the use of non-stable versions, ones not recently provided by Google's release channels, ones customized e.g. by a distribution.

However, this User Agent can be arbitrarily modified at the start of Chromium's base instance via its --user-agent="[string]" parameter.

For the same User Agent as the stable Chrome release for Linux i686 (at the time of writing the most popular Linux edition of Chrome) one would use: 

--user-agent="Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11"

An official, automatically updated listing of Chromium releases which also shows the included WebKit version is available as the OmahaProxy Viewer.

SSL 証明書

Chromium doesn't have a SSL certificate manager. It relies on the NSS Shared DB ~/.pki.nssdb. In order to add SSL certificates to the database, users will have to use the shell.

自己署名証明書の CAcert 証明書を追加

Grab the CAcerts and create a nssdb if one does not already exist. To do this, first install the nss package, then complete these steps: 

[[ ! -e $HOME/.pki/nssdb ]] && mkdir -p $HOME/.pki/nssdb && cd $HOME/.pki/nssdb && certutil -N -d sql:.
ノート: Users will need to create a password for the database should it not exist.
curl -k -o "cacert-root.crt" "http://www.cacert.org/certs/root.crt"
curl -k -o "cacert-class3.crt" "http://www.cacert.org/certs/class3.crt"
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org" -i cacert-root.crt 
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "CAcert.org Class 3" -i cacert-class3.crt
ノート: Users will need to create a password for the database should it not exist.

Now users may manually import a self-signed certificate.

例 1: Using a Shell Script Isolate the Certificate from TomatoUSB

Below is a simple script that will extract and add a certificate to the user's nssdb: 

#!/bin/sh
#
# usage:  import-cert.sh remote.host.name [port]
#
REMHOST=$1
REMPORT=${2:-443}
exec 6>&1
exec > $REMHOST
echo | openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "$REMHOST" -i $REMHOST 
exec 1>&6 6>&-

Syntax is advertised in the commented lines.

Reference:

例 2: Using Firefox to Isolate the Certificate from TomatoUSB

The firefox browser can used to save the certificate to a file for manunal import into the DB.

Using firefox:

  1. Browse to the target URL.
  2. Upon seeing the "This Connection is Untrusted" warning screen, click I understand the Risks>Add Exception...
  3. Click View>Details>Export and save the certificate to a temporary location (/tmp/easy.pem in this example).

Now import the certificate for use in Chromium: 

certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "easy" -i /tmp/easy.pem
ノート: Adjust the name to match that of the certificate. In the example above, "easy" is the name on the certificate.

Reference:

フラグを永続的に設定

You can export your flags from ~/.profile: 

export CHROMIUM_USER_FLAGS="--disk-cache-dir=/tmp --disk-cache-size=50000000"

Or add them to /etc/chromium/default: 

# Default settings for chromium. This file is sourced by /usr/bin/chromium
#
# Options to pass to chromium
CHROMIUM_FLAGS="--scroll-pixels=200"

Chromium will prefer the user defined flags in CHROMIUM_USER_FLAGS to those defined in /etc/chromium/default.

If you want to use CHROMIUM_USER_FLAGS and Pepperflash, you should add Chromium Pepperflash arguments to your ~/.profile file. 

pepperflash_version=`grep -i version /usr/lib/PepperFlash/manifest.json | awk '{print $2}' | awk -F"\"" '{print $2}'`
export CHROMIUM_USER_FLAGS="--ppapi-flash-path=/usr/lib/PepperFlash/libpepflashplayer.so --ppapi-flash-version=$pepperflash_version"

参照

https://wiki.archlinux.jp/index.php?title=Chromium_設定&oldid=2365」から取得