web/cryptpad
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix hidden hash error with password change

Browse Source
This commit is contained in:
yflory 2020-02-06 13:58:27 +01:00
parent b8ee120b49
commit 086e500b8e
4 changed files with 25 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
www/common/common-hash.js
View File

@ -62,7 +62,9 @@ var factory = function (Util, Crypto, Nacl) {
}; };
Hash.getHiddenHashFromKeys = function (type, secret, opts) { Hash.getHiddenHashFromKeys = function (type, secret, opts) {
var mode = ((secret.keys && secret.keys.editKeyStr) || secret.key) ? 'edit/' : 'view/'; opts = opts || {};
var canEdit = (secret.keys && secret.keys.editKeyStr) || secret.key;
var mode = (!opts.view && canEdit) ? 'edit/' : 'view/';
var pass = secret.password ? 'p/' : ''; var pass = secret.password ? 'p/' : '';
if (secret.keys && secret.keys.fileKeyStr) { mode = ''; } if (secret.keys && secret.keys.fileKeyStr) { mode = ''; }

19
www/common/common-ui-elements.js
View File

@ -638,17 +638,26 @@ define([
: Messages.properties_passwordSuccessFile; : Messages.properties_passwordSuccessFile;
return void UI.alert(alertMsg, undefined, {force: true}); return void UI.alert(alertMsg, undefined, {force: true});
} }
// If we didn't have a password, we have to add the /p/
// If we had a password and we changed it to a new one, we just have to reload // Pad password changed: update the href
// If we had a password and we removed it, we have to remove the /p/ // Use hidden hash if needed (we're an owner of this pad so we know it is stored)
var useUnsafe = Util.find(priv, ['settings', 'security', 'unsafeLinks']);
var href = data.href || data.roHref;
if (!useUnsafe) {
var newParsed = Hash.parsePadUrl(href);
var newSecret = Hash.getSecrets(newParsed.type, newParsed.hash, newPass);
var newHash = Hash.getHiddenHashFromKeys(parsed.type, newSecret, {});
href = Hash.hashToHref(newHash, parsed.type);
}
if (data.warning) { if (data.warning) {
return void UI.alert(Messages.properties_passwordWarning, function () { return void UI.alert(Messages.properties_passwordWarning, function () {
common.gotoURL(hasPassword && newPass ? undefined : (data.href || data.roHref)); common.gotoURL(href);
}, {force: true}); }, {force: true});
} }
return void UI.alert(Messages.properties_passwordSuccess, function () { return void UI.alert(Messages.properties_passwordSuccess, function () {
if (!isSharedFolder) { if (!isSharedFolder) {
common.gotoURL(hasPassword && newPass ? undefined : (data.href || data.roHref)); common.gotoURL(href);
} }
}, {force: true}); }, {force: true});
}); });

7
www/common/cryptpad-common.js
View File

@ -1041,7 +1041,7 @@ define([
warning: warning, warning: warning,
hash: newHash, hash: newHash,
href: newHref, href: newHref,
roHref: newRoHref roHref: newRoHref,
}); });
}); });
}; };
@ -2121,7 +2121,10 @@ define([
var parsedNew = Hash.parsePadUrl(newHref); var parsedNew = Hash.parsePadUrl(newHref);
if (parsedOld.hashData && parsedNew.hashData && if (parsedOld.hashData && parsedNew.hashData &&
parsedOld.getUrl() !== parsedNew.getUrl()) { parsedOld.getUrl() !== parsedNew.getUrl()) {
if (!parsedOld.hashData.key) { oldHref = newHref; return; } if (parsedOld.hashData.version !== 3 && !parsedOld.hashData.key) {
oldHref = newHref;
return;
}
// If different, reload // If different, reload
document.location.reload(); document.location.reload();
return; return;

8
www/common/drive-ui.js
View File

@ -1044,11 +1044,9 @@ define([
// Get hidden hash // Get hidden hash
var parsed = Hash.parsePadUrl(href); var parsed = Hash.parsePadUrl(href);
var secret = Hash.getSecrets(parsed.type, parsed.hash, data.password); var secret = Hash.getSecrets(parsed.type, parsed.hash, data.password);
if (isRo && secret.keys && secret.keys.editKeyStr) { var opts = {};
delete secret.keys.editKeyStr; if (isRo) { opts.view = true; }
delete secret.key; var hash = Hash.getHiddenHashFromKeys(parsed.type, secret, opts);
}
var hash = Hash.getHiddenHashFromKeys(parsed.type, secret);
var hiddenHref = Hash.hashToHref(hash, parsed.type); var hiddenHref = Hash.hashToHref(hash, parsed.type);
window.open(APP.origin + hiddenHref); window.open(APP.origin + hiddenHref);
}; };