booru-viewer

pax/booru-viewer

Fork 0

Commit Graph

Author	SHA1	Message	Date
pax	ac3939ef61	mpv: fix video stutter on network streams cache_pause=no caused frame-wait-frame-wait on uncached videos because mpv kept playing through buffer underruns instead of pausing to refill. Flip to cache_pause=yes with a 2s resume threshold so playback is smooth after the initial buffer fill. Also: bump demuxer buffers (50→150MiB forward, add 75MiB back for backward seek without refetch), increase stream_buffer_size from default 128KiB to 4MiB to reduce syscall overhead, extend network timeout (10→30s) for slow CDNs, and set a browser-like user agent to avoid 403s from boorus that block mpv's default UA. behavior change	2026-04-11 19:51:56 -05:00
pax	4db7943ac7	security: fix #2 — apply lavf protocol whitelist via property API The previous attempt set ``demuxer_lavf_o`` as an init kwarg with a comma-laden ``protocol_whitelist=file,http,https,tls,tcp`` value. mpv rejected it with -7 OPT_FORMAT because python-mpv's init path goes through ``mpv_set_option_string``, which routes through mpv's keyvalue list parser — that parser splits on ``,`` to find entries, shredding the protocol list into orphan tokens. Backslash-escaping ``\,`` did not unescape on this code path either. Splits the option set into two helpers: - ``build_mpv_kwargs`` — init kwargs only (ytdl=no, load_scripts=no, POSIX input_conf null, all the existing playback/audio/network tuning). The lavf option is intentionally absent. - ``lavf_options`` — a dict applied post-construction via the python-mpv property API, which uses the node API and accepts dict values for keyvalue-list options without splitting on commas inside the value. Tests cover both paths: that ``demuxer_lavf_o`` is NOT in the init kwargs (regression guard), and that ``lavf_options`` returns the expected protocol set. Audit-Ref: SECURITY_AUDIT.md finding #2 Severity: High	2026-04-11 16:34:50 -05:00
pax	22744c48af	security: fix #2 — add pure mpv options builder helper Extracts the mpv.MPV() kwargs into a Qt-free pure function so the security-relevant options can be unit-tested on CI (which lacks PySide6 and libmpv). The builder embeds the audit #2 hardening — ytdl="no", load_scripts="no", and a lavf protocol whitelist of file,http,https,tls,tcp — alongside the existing playback tuning. Not yet wired into _MpvGLWidget; that lands in the next commit. Audit-Ref: SECURITY_AUDIT.md finding #2 Severity: High	2026-04-11 16:06:33 -05:00

Author

SHA1

Message

Date

pax

ac3939ef61

mpv: fix video stutter on network streams

cache_pause=no caused frame-wait-frame-wait on uncached videos
because mpv kept playing through buffer underruns instead of
pausing to refill. Flip to cache_pause=yes with a 2s resume
threshold so playback is smooth after the initial buffer fill.

Also: bump demuxer buffers (50→150MiB forward, add 75MiB back for
backward seek without refetch), increase stream_buffer_size from
default 128KiB to 4MiB to reduce syscall overhead, extend network
timeout (10→30s) for slow CDNs, and set a browser-like user agent
to avoid 403s from boorus that block mpv's default UA.

behavior change

2026-04-11 19:51:56 -05:00

pax

4db7943ac7

security: fix #2 — apply lavf protocol whitelist via property API

The previous attempt set ``demuxer_lavf_o`` as an init kwarg with a
comma-laden ``protocol_whitelist=file,http,https,tls,tcp`` value.
mpv rejected it with -7 OPT_FORMAT because python-mpv's init path
goes through ``mpv_set_option_string``, which routes through mpv's
keyvalue list parser — that parser splits on ``,`` to find entries,
shredding the protocol list into orphan tokens. Backslash-escaping
``\,`` did not unescape on this code path either.

Splits the option set into two helpers:

- ``build_mpv_kwargs`` — init kwargs only (ytdl=no, load_scripts=no,
  POSIX input_conf null, all the existing playback/audio/network
  tuning). The lavf option is intentionally absent.
- ``lavf_options`` — a dict applied post-construction via the
  python-mpv property API, which uses the node API and accepts
  dict values for keyvalue-list options without splitting on
  commas inside the value.

Tests cover both paths: that ``demuxer_lavf_o`` is NOT in the init
kwargs (regression guard), and that ``lavf_options`` returns the
expected protocol set.

Audit-Ref: SECURITY_AUDIT.md finding #2
Severity: High

2026-04-11 16:34:50 -05:00

pax

22744c48af

security: fix #2 — add pure mpv options builder helper

Extracts the mpv.MPV() kwargs into a Qt-free pure function so the
security-relevant options can be unit-tested on CI (which lacks
PySide6 and libmpv). The builder embeds the audit #2 hardening —
ytdl="no", load_scripts="no", and a lavf protocol whitelist of
file,http,https,tls,tcp — alongside the existing playback tuning.
Not yet wired into _MpvGLWidget; that lands in the next commit.

Audit-Ref: SECURITY_AUDIT.md finding #2
Severity: High

2026-04-11 16:06:33 -05:00

3 Commits