Nintendo Switch Brew

Internet Browser: Difference between revisions

← Older edit
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
Nintendo Switch does not have a normal Internet Browser for user usage. However, there is multiple browser applets. It is the [https://web.archive.org/web/20170304075230/https://gl.access-company.com/news_event/archives/2017/170303/ NetFront NX] browser, which is based on Webkit.
Nintendo Switch does not have a normal Internet Browser for user usage. However, there is multiple browser applets. It is the [https://web.archive.org/web/20170304075230/https://gl.access-company.com/news_event/archives/2017/170303/ NetFront NX] browser, which is based on Webkit.


When linking the Nintendo Account with Facebook, the Facebook Auth website will open, offering a search box that can be used to browse the Internet ("LoginApplet"). Alternatively, it can be accessed with [https://gbatemp.net/threads/web-browser-kind-of-on-the-switch.463094/ custom DNS settings] which simulate a Wi-Fi login page ("WifiWebAuthApplet" for captive-portal).
When linking the Nintendo Account with Facebook, the Facebook Auth website will open, offering a search box that can be used to browse the Internet ("LoginApplet"). Alternatively, it can be accessed with custom DNS settings which simulate a Wi-Fi login page ([[#WifiWebAuthApplet|WifiWebAuthApplet]] for captive-portal).
 
At some point WebApplet started sending header "Upgrade-Insecure-Requests: 1" with all plain-HTTP requests (unknown whether other applets affected). This is only for server-use: plain-HTTP content and redirects to plain-HTTP URLs are still allowed (at least on S1).


== Known User Agent Strings ==
== Known User Agent Strings ==
Line 37: Line 39:
| [[10.0.0]]
| [[10.0.0]]
| Mozilla/5.0 (Nintendo Switch; <appletname>) AppleWebKit/606.4 (KHTML, like Gecko) NF/6.0.1.15.4 NintendoBrowser/5.1.0.20389
| Mozilla/5.0 (Nintendo Switch; <appletname>) AppleWebKit/606.4 (KHTML, like Gecko) NF/6.0.1.15.4 NintendoBrowser/5.1.0.20389
|-
| [[20.1.0]]-[[20.1.1]]
| Mozilla/5.0 (Nintendo Switch; <appletname>) AppleWebKit/613.0 (KHTML, like Gecko) NF/6.0.3.27.11 NintendoBrowser/5.1.0.35219
[S2] Mozilla/5.0 (Nintendo Switch; <appletname>) AppleWebKit/613.0 (KHTML, like Gecko) NF/7.0.3.8.11 NintendoBrowser/5.2.0.35483
|}
|}


The UA is generated with: "Mozilla/5.0 (Nintendo Switch; <appletname>) AppleWebKit/<webkitver> (KHTML, like Gecko) NF/<nfver0>.<nfver1>.<nfver2> NintendoBrowser/5.<ninver0>.<ninver1>.<ninver2>"
The UA is generated with: "Mozilla/5.0 (Nintendo Switch; <appletname>) AppleWebKit/<webkitver> (KHTML, like Gecko) NF/<nfver0>.<nfver1>.<nfver2> NintendoBrowser/5.<ninver0>.<ninver1>.<ninver2>"
The full UA for Switch and Switch 2 are similar, on matching system-versions. The NF and NintendoBrowser versions are newer for S2 however.


== Browser Applets ==
== Browser Applets ==
Line 47: Line 55:
! Invalid TLS cert handling
! Invalid TLS cert handling
! Uses whitelist
! Uses whitelist
! Title ID
! [[Applet_Manager_services#AppletId|AppletId]]
! Notes
! Notes
|-
|-
Line 54: Line 62:
| Displays an error dialog without an option to ignore it.
| Displays an error dialog without an option to ignore it.
| Yes
| Yes
| 010000000000100A
| 0x13
|  
|  
|-
|-
Line 61: Line 69:
| Just displays an error-code.
| Just displays an error-code.
| Yes
| Yes
| 010000000000100B
| 0x14
|  
|  
|-
|-
Line 68: Line 76:
|  
|  
|  
|  
| 010000000000100F
| 0x17
|  
|  
|-
|-
Line 75: Line 83:
| Just displays an error-code.
| Just displays an error-code.
| Yes
| Yes
| 0100000000001010
| 0x18
|  
|  
|-
|-
Line 82: Line 90:
| Just displays an error-code.
| Just displays an error-code.
| Yes
| Yes
| 0100000000001010
| 0x18
|  
|  
|-
|-
Line 89: Line 97:
| Just displays an error-code.
| Just displays an error-code.
| Yes
| Yes
| 0100000000001010
| 0x18
|  
|  
|-
|-
Line 96: Line 104:
|  
|  
|  
|  
| 0100000000001010
| 0x18
|  
|  
|-
|-
Line 103: Line 111:
| Displays an error dialog with an option to ignore it.
| Displays an error dialog with an option to ignore it.
| No
| No
| 0100000000001011
| 0x19
|  
|  
|}
|}
Line 111: Line 119:
No known applets can directly access the SD card via mounting it. This includes ShareApplet (which posts screenshots from SD to social media).
No known applets can directly access the SD card via mounting it. This includes ShareApplet (which posts screenshots from SD to social media).


== OSS ==
== BrowserDll ==
The NROs for the OSS are stored under a separate [[Title_list|title]]. All of the web-applets use the same OSS NROs via this title.
The NROs for the OSS are stored under the BrowserDll [[Title_list|SystemData]]. All of the web-applets use the same OSS NROs via this SystemData.


String from v2.0 in oss_wkc.nro: "libcurl/7.50.1".
String from v2.0 in oss_wkc.nro: "libcurl/7.50.1".
Almost all RomFs data for the web-applets is stored here.
S2 has the following changes for BrowserDll, compared to S1:
* Various data under "/browser/" was updated.
** Also, the following was added under "/browser/": "icudt62l.dat.lz4", "UserCssNxCompatibleLineHeight.dat".
* "/buildinfo/buildinfo.dat" differ.
* Added "/font/nintendo_private_ext.bfttf".
* Updated "/gfxShader/BrowserOffscreenDrawer.bnsh", added "/gfxShader/MediaPlayerCcDrawer.bnsh", updated "/gfxShader/MediaPlayerDrawer.bnsh".
* The contents of UrlBlackList were moved here to "/". These are the following:
** "listCommon.txt", "listEcChina.txt", "listEcGlobal.txt", "listIframe.txt", "listLnsChina.txt", "listLnsGlobal.txt", "listWebYouTubePlayerCommon.txt"
** These are identical except for "listLnsGlobal.txt", which adds a newline at end-of-file.
* Removed "/lyt/".
* The various localization data under "/message/" was updated, etc.
* "/nro/netfront/core_0/default":
** "cfi_disabled/" is now "cfi_enabled/".
* "/nro/netfront/core_3/":
** "default/" is now "mse/".
* Removed "/shader/".
* Moved "/sound/" from SystemData into the applet RomFs, with filename/content being updated.
* Added "/ui/".


== Video Playback ==
== Video Playback ==
Line 132: Line 161:


The conntest URL from [[#WebWifiPageArg]] is used to poll whether the connection is usable, with the SDK [[libcurl]].
The conntest URL from [[#WebWifiPageArg]] is used to poll whether the connection is usable, with the SDK [[libcurl]].
In later versions the above domain was replaced with [[Network|ctest.{...}]].


==Whitelisted Applets==
==Whitelisted Applets==
Line 208: Line 239:
Minus TIDs, the [[NPDM]] is the same as 010000000000100A except 010000000000100A has access to more/other services.
Minus TIDs, the [[NPDM]] is the same as 010000000000100A except 010000000000100A has access to more/other services.


== Service/FS Access ==
== [[NPDM]] ==
All browser applets have access to the following services: acc:u1, appletAE, audin:u, audren:u, audout:u, bsd:u, fatal:u, fsp-srv, hid, hid:sys, irs, ldn:m, ldr:ro, lm, erpt:c, nifm:s, ns:am, nsd:u, nvdrv:a, mm:u, pl:u, prepo:s, set, set:sys, sfdnsres, ssl, time:u, vi:s
All web-applets have access to the following services: acc:u1, appletAE, audin:u, audout:u, audren:u, [7.0.0+] banana, bsd:u, bsdcfg, [12.1.0+] csrng, erpt:c, fatal:u, fsp-srv, hid, hid:sys, htc, htc:tenv, htcs, hwopus, irs, ldn:m, ldr:ro, lm, [9.1.0+] lp2p:m, mm:u, nifm:s, [3.0.0+] ns:vm, ns:am, nsd:u, nvdrv:a, pl:u, prepo:s, set, set:sys, sfdnsres, ssl, time:u, [1.0.0] tspm, vi:s
 
[3.0.0+] ns:am was replaced with ns:web.
 
[17.0.0+] htcs:sys access was added. [18.1.0+] htcs access was removed.
 
[19.0.0+] bsd:u was replaced with bsd:a.
 
WebApplet also has access to ntc. [3.0.0+] Added ntc access for Shop and LibAppletLns.
 
LibAppletLns has access to the above + caps:a. Also [13.1.0+] caps:ss, [13.1.0+] mnpp:web, [3.0.0+] pctl. [20.0.0+] ns:sweb is accessible instead of ns:web.
 
Shop also has access to [2.0.0+] nim:shp, [?+] <nowiki>news:c</nowiki>. Shop has access to ns:ec instead of ns:web.
 
Offline has access to nifm:u instead of nifm:s. Unlike the other applets, Offline doesn't have access to the following: ldn:m, lp2p:m, ssl.


LoginApplet/ShareApplet/LobbyApplet have access to the above + caps:a.
Unlike the other applets, LibAppletAuth doesn't have access to following: [3.0.0+] mm:u, [3.0.0+] ns:web.


ShopN has access to the above + nim:shp.
All web-applets have fs-permission [[NPDM|SystemSaveData]].


Unlike the applets listed above, WebApplet TID 010000000000100A has access to the [[Filesystem_services|FS]] MountContent* commands. This is so that it can load the whitelist from "/accessible-urls/accessible-urls.txt" in the mounted FS, from [[NCA]]-type4 where titleID={application which launched this applet}.
Unlike the applets listed above, WebApplet/Offline also have access to fs-permission [[NPDM|ApplicationInfo]]. This is so it can open the specified Manual content. With WebApplet this is used for loading the whitelist from "/accessible-urls/accessible-urls.txt" in the mounted content.


== Heap ==
== Heap ==
Line 224: Line 269:
The heap for the main-codebin (<code>malloc</code>/<code>operator new</code>) uses nn::lmem::*ExpHeap. [8.0.0+] <code>malloc</code>/<code>operator new</code> now checks the return-addr (addr located in a relevant NRO), with wkc_malloc_crashonfailure being called for the allocation if the check passes, otherwise a normal allocation is done (the code which runs for this will Abort if allocation fails).
The heap for the main-codebin (<code>malloc</code>/<code>operator new</code>) uses nn::lmem::*ExpHeap. [8.0.0+] <code>malloc</code>/<code>operator new</code> now checks the return-addr (addr located in a relevant NRO), with wkc_malloc_crashonfailure being called for the allocation if the check passes, otherwise a normal allocation is done (the code which runs for this will Abort if allocation fails).


<code>malloc</code> passes the input size directly to the called func. <code>operator new</code> when handling normal non-wkc allocations passes the following to the called func: <code>sxtw x1, {inw0}</code> (for wkc allocations the size is passed directly).
<code>malloc</code> passes the input size directly to the called func. <code>operator new</code> when handling normal non-wkc allocations passes the following to the called func: <code>sxtw x1, {inw0}</code> (for wkc allocations the size is passed directly). [12.1.0+] The size is now passed directly (64bit) without using sxtw.


[11.0.0+] There's now optional code for using [[SVC|svcMapPhysicalMemoryUnsafe]] etc, however it's unknown what sets the flag for this. An Abort string used this is: "{path}/TransferredMemoryManager.cpp"
[11.0.0+] There's now optional code for using [[SVC|svcMapPhysicalMemoryUnsafe]] etc, however it's unknown what sets the flag for this. An Abort string used this is: "{path}/TransferredMemoryManager.cpp"
Line 925: Line 970:
|-
|-
| [11.0.0+]
| [11.0.0+]
| Web
|  
| 0x44
| 0x44
| 0x1
| 0x1
Line 942: Line 987:
[6.0.0+] <code>AddAlbumEntryAndMediaData</code> was added:
[6.0.0+] <code>AddAlbumEntryAndMediaData</code> was added:
* Looks for AlbumEntry{N} TLVs, when a TLV is not found it is written, then the associated AdditionalMediaData{N} TLV is written the same way as AdditionalMediaData0. If all AlbumEntry{N} TLVs already exist, this returns without writing anything.
* Looks for AlbumEntry{N} TLVs, when a TLV is not found it is written, then the associated AdditionalMediaData{N} TLV is written the same way as AdditionalMediaData0. If all AlbumEntry{N} TLVs already exist, this returns without writing anything.
TransferMemoryEnabled: sdknso only exposes this for the Web applet. The sdknso func uses <code>nn::os::QueryMemoryInfo</code> at the start of the func, however the output is unused. The applet doesn't seem to parse this TLV.


==== Output TLVs ====
==== Output TLVs ====
Retrieved from "https://switchbrew.org/wiki/Internet_Browser"