Hide the crypto keys from the hash
This commit is contained in:
yflory
parent
e3f5c89333
commit
0ad96e0966
@ -60,6 +60,18 @@ var factory = function (Util, Crypto, Nacl) {
|
|||||||
return '/2/' + secret.type + '/view/' + Crypto.b64RemoveSlashes(data.viewKeyStr) + '/' + pass;
|
return '/2/' + secret.type + '/view/' + Crypto.b64RemoveSlashes(data.viewKeyStr) + '/' + pass;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
Hash.getHiddenHashFromKeys = function (type, secret, opts) {
|
||||||
|
var mode = (secret.keys && secret.keys.editKeyStr) ? 'edit' : 'view';
|
||||||
|
var pass = secret.password ? 'p/' : '';
|
||||||
|
var hash = '/2/' + secret.type + '/' + mode + '/' + secret.channel + '/' + pass;
|
||||||
|
var href = '/' + type + '/#' + hash;
|
||||||
|
var parsed = Hash.parsePadUrl(href);
|
||||||
|
if (parsed.hashData && parsed.hashData.getHash) {
|
||||||
|
return parsed.hashData.getHash(opts || {});
|
||||||
|
}
|
||||||
|
return hash;
|
||||||
|
};
|
||||||
|
|
||||||
var getFileHashFromKeys = Hash.getFileHashFromKeys = function (secret) {
|
var getFileHashFromKeys = Hash.getFileHashFromKeys = function (secret) {
|
||||||
var version = secret.version;
|
var version = secret.version;
|
||||||
var data = secret.keys;
|
var data = secret.keys;
|
||||||
@ -192,6 +204,13 @@ Version 1
|
|||||||
if (opts.present) { hash += 'present/'; }
|
if (opts.present) { hash += 'present/'; }
|
||||||
return hash;
|
return hash;
|
||||||
};
|
};
|
||||||
|
parsed.getOptions = function () {
|
||||||
|
return {
|
||||||
|
embed: parsed.embed,
|
||||||
|
present: parsed.present,
|
||||||
|
ownerKey: parsed.ownerKey
|
||||||
|
};
|
||||||
|
};
|
||||||
return parsed;
|
return parsed;
|
||||||
}
|
}
|
||||||
if (hashArr[1] && hashArr[1] === '2') { // Version 2
|
if (hashArr[1] && hashArr[1] === '2') { // Version 2
|
||||||
@ -221,6 +240,13 @@ Version 1
|
|||||||
if (opts.present) { hash += 'present/'; }
|
if (opts.present) { hash += 'present/'; }
|
||||||
return hash;
|
return hash;
|
||||||
};
|
};
|
||||||
|
parsed.getOptions = function () {
|
||||||
|
return {
|
||||||
|
embed: parsed.embed,
|
||||||
|
present: parsed.present,
|
||||||
|
ownerKey: parsed.ownerKey
|
||||||
|
};
|
||||||
|
};
|
||||||
return parsed;
|
return parsed;
|
||||||
}
|
}
|
||||||
return parsed;
|
return parsed;
|
||||||
@ -256,6 +282,13 @@ Version 1
|
|||||||
if (opts.present) { hash += 'present/'; }
|
if (opts.present) { hash += 'present/'; }
|
||||||
return hash;
|
return hash;
|
||||||
};
|
};
|
||||||
|
parsed.getOptions = function () {
|
||||||
|
return {
|
||||||
|
embed: parsed.embed,
|
||||||
|
present: parsed.present,
|
||||||
|
ownerKey: parsed.ownerKey
|
||||||
|
};
|
||||||
|
};
|
||||||
return parsed;
|
return parsed;
|
||||||
}
|
}
|
||||||
return parsed;
|
return parsed;
|
||||||
@ -309,6 +342,10 @@ Version 1
|
|||||||
url += '#' + hash;
|
url += '#' + hash;
|
||||||
return url;
|
return url;
|
||||||
};
|
};
|
||||||
|
ret.getOptions = function () {
|
||||||
|
if (!ret.hashData || !ret.hashData.getOptions) { return {}; }
|
||||||
|
return ret.hashData.getOptions();
|
||||||
|
};
|
||||||
|
|
||||||
if (!/^https*:\/\//.test(href)) {
|
if (!/^https*:\/\//.test(href)) {
|
||||||
idx = href.indexOf('/#');
|
idx = href.indexOf('/#');
|
||||||
@ -497,8 +534,9 @@ Version 1
|
|||||||
if (typeof(parsed.hashData.version) === "undefined") { return; }
|
if (typeof(parsed.hashData.version) === "undefined") { return; }
|
||||||
// pads and files should have a base64 (or hex) key
|
// pads and files should have a base64 (or hex) key
|
||||||
if (parsed.hashData.type === 'pad' || parsed.hashData.type === 'file') {
|
if (parsed.hashData.type === 'pad' || parsed.hashData.type === 'file') {
|
||||||
if (!parsed.hashData.key) { return; }
|
if (!parsed.hashData.key && !parsed.hashData.channel) { return; }
|
||||||
if (!/^[a-zA-Z0-9+-/=]+$/.test(parsed.hashData.key)) { return; }
|
if (parsed.hashData.key && !/^[a-zA-Z0-9+-/=]+$/.test(parsed.hashData.key)) { return; }
|
||||||
|
if (parsed.hashData.channel && !/^[a-f0-9]{32,34}$/.test(parsed.hashData.channel)) { return; }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
|
|||||||
@ -49,6 +49,12 @@ define([
|
|||||||
account: {},
|
account: {},
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// Store the href in memory
|
||||||
|
// This is a placeholder value overriden in common.ready from sframe-common-outer
|
||||||
|
var currentPad = {
|
||||||
|
href: window.location.href
|
||||||
|
};
|
||||||
|
|
||||||
// COMMON
|
// COMMON
|
||||||
common.getLanguage = function () {
|
common.getLanguage = function () {
|
||||||
return Messages._languageUsed;
|
return Messages._languageUsed;
|
||||||
@ -374,7 +380,7 @@ define([
|
|||||||
|
|
||||||
|
|
||||||
common.getMetadata = function (cb) {
|
common.getMetadata = function (cb) {
|
||||||
var parsed = Hash.parsePadUrl(window.location.href);
|
var parsed = Hash.parsePadUrl(currentPad.href);
|
||||||
postMessage("GET_METADATA", parsed && parsed.type, function (obj) {
|
postMessage("GET_METADATA", parsed && parsed.type, function (obj) {
|
||||||
if (obj && obj.error) { return void cb(obj.error); }
|
if (obj && obj.error) { return void cb(obj.error); }
|
||||||
cb(null, obj);
|
cb(null, obj);
|
||||||
@ -394,7 +400,7 @@ define([
|
|||||||
|
|
||||||
common.setPadAttribute = function (attr, value, cb, href) {
|
common.setPadAttribute = function (attr, value, cb, href) {
|
||||||
cb = cb || function () {};
|
cb = cb || function () {};
|
||||||
href = Hash.getRelativeHref(href || window.location.href);
|
href = Hash.getRelativeHref(href || currentPad.href);
|
||||||
postMessage("SET_PAD_ATTRIBUTE", {
|
postMessage("SET_PAD_ATTRIBUTE", {
|
||||||
href: href,
|
href: href,
|
||||||
attr: attr,
|
attr: attr,
|
||||||
@ -405,7 +411,7 @@ define([
|
|||||||
});
|
});
|
||||||
};
|
};
|
||||||
common.getPadAttribute = function (attr, cb, href) {
|
common.getPadAttribute = function (attr, cb, href) {
|
||||||
href = Hash.getRelativeHref(href || window.location.href);
|
href = Hash.getRelativeHref(href || currentPad.href);
|
||||||
if (!href) {
|
if (!href) {
|
||||||
return void cb('E404');
|
return void cb('E404');
|
||||||
}
|
}
|
||||||
@ -505,7 +511,7 @@ define([
|
|||||||
};
|
};
|
||||||
|
|
||||||
common.saveAsTemplate = function (Cryptput, data, cb) {
|
common.saveAsTemplate = function (Cryptput, data, cb) {
|
||||||
var p = Hash.parsePadUrl(window.location.href);
|
var p = Hash.parsePadUrl(currentPad.href);
|
||||||
if (!p.type) { return; }
|
if (!p.type) { return; }
|
||||||
// PPP: password for the new template?
|
// PPP: password for the new template?
|
||||||
var hash = Hash.createRandomHash(p.type);
|
var hash = Hash.createRandomHash(p.type);
|
||||||
@ -543,7 +549,7 @@ define([
|
|||||||
var href = data.href;
|
var href = data.href;
|
||||||
|
|
||||||
var parsed = Hash.parsePadUrl(href);
|
var parsed = Hash.parsePadUrl(href);
|
||||||
var parsed2 = Hash.parsePadUrl(window.location.href);
|
var parsed2 = Hash.parsePadUrl(currentPad.href);
|
||||||
if(!parsed) { throw new Error("Cannot get template hash"); }
|
if(!parsed) { throw new Error("Cannot get template hash"); }
|
||||||
postMessage("INCREMENT_TEMPLATE_USE", href);
|
postMessage("INCREMENT_TEMPLATE_USE", href);
|
||||||
|
|
||||||
@ -601,7 +607,7 @@ define([
|
|||||||
var fileHost = Config.fileHost || window.location.origin;
|
var fileHost = Config.fileHost || window.location.origin;
|
||||||
var data = common.fromFileData;
|
var data = common.fromFileData;
|
||||||
var parsed = Hash.parsePadUrl(data.href);
|
var parsed = Hash.parsePadUrl(data.href);
|
||||||
var parsed2 = Hash.parsePadUrl(window.location.href);
|
var parsed2 = Hash.parsePadUrl(currentPad.href);
|
||||||
var hash = parsed.hash;
|
var hash = parsed.hash;
|
||||||
var name = data.title;
|
var name = data.title;
|
||||||
var secret = Hash.getSecrets('file', hash, data.password);
|
var secret = Hash.getSecrets('file', hash, data.password);
|
||||||
@ -660,7 +666,7 @@ define([
|
|||||||
|
|
||||||
// Forget button
|
// Forget button
|
||||||
common.moveToTrash = function (cb, href) {
|
common.moveToTrash = function (cb, href) {
|
||||||
href = href || window.location.href;
|
href = href || currentPad.href;
|
||||||
postMessage("MOVE_TO_TRASH", { href: href }, cb);
|
postMessage("MOVE_TO_TRASH", { href: href }, cb);
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -668,7 +674,7 @@ define([
|
|||||||
common.setPadTitle = function (data, cb) {
|
common.setPadTitle = function (data, cb) {
|
||||||
if (!data || typeof (data) !== "object") { return cb ('Data is not an object'); }
|
if (!data || typeof (data) !== "object") { return cb ('Data is not an object'); }
|
||||||
|
|
||||||
var href = data.href || window.location.href;
|
var href = data.href || currentPad.href;
|
||||||
var parsed = Hash.parsePadUrl(href);
|
var parsed = Hash.parsePadUrl(href);
|
||||||
if (!parsed.hash) { return cb ('Invalid hash'); }
|
if (!parsed.hash) { return cb ('Invalid hash'); }
|
||||||
data.href = parsed.getUrl({present: parsed.present});
|
data.href = parsed.getUrl({present: parsed.present});
|
||||||
@ -698,7 +704,7 @@ define([
|
|||||||
if (obj.error !== "EAUTH") { console.log("unable to set pad title"); }
|
if (obj.error !== "EAUTH") { console.log("unable to set pad title"); }
|
||||||
return void cb(obj.error);
|
return void cb(obj.error);
|
||||||
}
|
}
|
||||||
cb();
|
cb(null, obj);
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -755,6 +761,13 @@ define([
|
|||||||
cb(void 0, data);
|
cb(void 0, data);
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
// Get data about a given channel: use with hidden hashes
|
||||||
|
common.getPadDataFromChannel = function (obj, cb) {
|
||||||
|
if (!obj || !obj.channel || !obj.edit) { return void cb('EINVAL'); }
|
||||||
|
postMessage("GET_PAD_DATA_FROM_CHANNEL", obj, function (data) {
|
||||||
|
cb(void 0, data);
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
// Admin
|
// Admin
|
||||||
@ -1608,7 +1621,7 @@ define([
|
|||||||
hashes = Hash.getHashes(secret);
|
hashes = Hash.getHashes(secret);
|
||||||
return void cb(null, hashes);
|
return void cb(null, hashes);
|
||||||
}
|
}
|
||||||
var parsed = Hash.parsePadUrl(window.location.href);
|
var parsed = Hash.parsePadUrl(currentPad.href);
|
||||||
if (!parsed.type || !parsed.hashData) { return void cb('E_INVALID_HREF'); }
|
if (!parsed.type || !parsed.hashData) { return void cb('E_INVALID_HREF'); }
|
||||||
hashes = Hash.getHashes(secret);
|
hashes = Hash.getHashes(secret);
|
||||||
|
|
||||||
@ -1679,7 +1692,7 @@ define([
|
|||||||
LocalStore.logout();
|
LocalStore.logout();
|
||||||
|
|
||||||
// redirect them to log in, and come back when they're done.
|
// redirect them to log in, and come back when they're done.
|
||||||
sessionStorage.redirectTo = window.location.href;
|
sessionStorage.redirectTo = currentPad.href;
|
||||||
window.location.href = '/login/';
|
window.location.href = '/login/';
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -1780,6 +1793,11 @@ define([
|
|||||||
|
|
||||||
return function (f, rdyCfg) {
|
return function (f, rdyCfg) {
|
||||||
rdyCfg = rdyCfg || {};
|
rdyCfg = rdyCfg || {};
|
||||||
|
|
||||||
|
if (rdyCfg.currentPad) {
|
||||||
|
currentPad = rdyCfg.currentPad;
|
||||||
|
}
|
||||||
|
|
||||||
if (initialized) {
|
if (initialized) {
|
||||||
return void setTimeout(function () { f(void 0, env); });
|
return void setTimeout(function () { f(void 0, env); });
|
||||||
}
|
}
|
||||||
|
|||||||
@ -9,6 +9,7 @@ define([
|
|||||||
var requireConfig = RequireConfig();
|
var requireConfig = RequireConfig();
|
||||||
|
|
||||||
// Loaded in load #2
|
// Loaded in load #2
|
||||||
|
var hash, href;
|
||||||
nThen(function (waitFor) {
|
nThen(function (waitFor) {
|
||||||
DomReady.onReady(waitFor());
|
DomReady.onReady(waitFor());
|
||||||
}).nThen(function (waitFor) {
|
}).nThen(function (waitFor) {
|
||||||
@ -19,6 +20,13 @@ define([
|
|||||||
};
|
};
|
||||||
window.rc = requireConfig;
|
window.rc = requireConfig;
|
||||||
window.apiconf = ApiConfig;
|
window.apiconf = ApiConfig;
|
||||||
|
|
||||||
|
// Hidden hash
|
||||||
|
hash = window.location.hash;
|
||||||
|
href = window.location.href;
|
||||||
|
if (window.history && window.history.replaceState) {
|
||||||
|
window.history.replaceState({}, window.document.title, '#');
|
||||||
|
}
|
||||||
document.getElementById('sbox-iframe').setAttribute('src',
|
document.getElementById('sbox-iframe').setAttribute('src',
|
||||||
ApiConfig.httpSafeOrigin + window.location.pathname + 'inner.html?' +
|
ApiConfig.httpSafeOrigin + window.location.pathname + 'inner.html?' +
|
||||||
requireConfig.urlArgs + '#' + encodeURIComponent(JSON.stringify(req)));
|
requireConfig.urlArgs + '#' + encodeURIComponent(JSON.stringify(req)));
|
||||||
@ -144,6 +152,8 @@ define([
|
|||||||
});
|
});
|
||||||
};
|
};
|
||||||
SFCommonO.start({
|
SFCommonO.start({
|
||||||
|
hash: hash,
|
||||||
|
href: href,
|
||||||
type: 'oo',
|
type: 'oo',
|
||||||
useCreationScreen: true,
|
useCreationScreen: true,
|
||||||
addData: addData,
|
addData: addData,
|
||||||
|
|||||||
@ -1016,8 +1016,12 @@ define([
|
|||||||
|
|
||||||
if (title.trim() === "") { title = UserObject.getDefaultName(p); }
|
if (title.trim() === "") { title = UserObject.getDefaultName(p); }
|
||||||
|
|
||||||
if (AppConfig.disableAnonymousStore && !store.loggedIn) { return void cb(); }
|
if (AppConfig.disableAnonymousStore && !store.loggedIn) {
|
||||||
if (p.type === "debug") { return void cb(); }
|
return void cb({ notStored: true });
|
||||||
|
}
|
||||||
|
if (p.type === "debug") {
|
||||||
|
return void cb({ notStored: true });
|
||||||
|
}
|
||||||
|
|
||||||
var channelData = Store.channels && Store.channels[channel];
|
var channelData = Store.channels && Store.channels[channel];
|
||||||
|
|
||||||
@ -1108,7 +1112,7 @@ define([
|
|||||||
postMessage(clientId, "AUTOSTORE_DISPLAY_POPUP", {
|
postMessage(clientId, "AUTOSTORE_DISPLAY_POPUP", {
|
||||||
autoStore: autoStore
|
autoStore: autoStore
|
||||||
});
|
});
|
||||||
return void cb();
|
return void cb({ notStored: true });
|
||||||
} else {
|
} else {
|
||||||
var roHref;
|
var roHref;
|
||||||
if (h.mode === "view") {
|
if (h.mode === "view") {
|
||||||
@ -1187,7 +1191,9 @@ define([
|
|||||||
});
|
});
|
||||||
cb(list);
|
cb(list);
|
||||||
};
|
};
|
||||||
// Get the first pad we can find in any of our managers and return its file data
|
|
||||||
|
// Get the first pad we can find in any of our drives and return its file data
|
||||||
|
// NOTE: This is currently only used for template: this won't search inside shared folders
|
||||||
Store.getPadData = function (clientId, id, cb) {
|
Store.getPadData = function (clientId, id, cb) {
|
||||||
var res = {};
|
var res = {};
|
||||||
getAllStores().some(function (s) {
|
getAllStores().some(function (s) {
|
||||||
@ -1199,6 +1205,31 @@ define([
|
|||||||
cb(res);
|
cb(res);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
Store.getPadDataFromChannel = function (clientId, obj, cb) {
|
||||||
|
var channel = obj.channel;
|
||||||
|
var edit = obj.edit;
|
||||||
|
var res;
|
||||||
|
var viewRes;
|
||||||
|
getAllStores().some(function (s) {
|
||||||
|
var chans = s.manager.findChannel(channel);
|
||||||
|
if (!Array.isArray(chans)) { return; }
|
||||||
|
return chans.some(function (pad) {
|
||||||
|
if (!pad || !pad.data) { return; }
|
||||||
|
var data = pad.data;
|
||||||
|
// We've found a match: return the value and stop the loops
|
||||||
|
if ((edit && data.href) || (!edit && data.roHref)) {
|
||||||
|
res = data;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
// We've found a weaker match: store it for now
|
||||||
|
if (edit && !viewRes && data.roHref) {
|
||||||
|
viewRes = data;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
// Call back with the best value we can get
|
||||||
|
cb(res || viewRes || {});
|
||||||
|
};
|
||||||
|
|
||||||
// Messaging (manage friends from the userlist)
|
// Messaging (manage friends from the userlist)
|
||||||
Store.answerFriendRequest = function (clientId, obj, cb) {
|
Store.answerFriendRequest = function (clientId, obj, cb) {
|
||||||
|
|||||||
@ -50,6 +50,7 @@ define([
|
|||||||
GET_TEMPLATES: Store.getTemplates,
|
GET_TEMPLATES: Store.getTemplates,
|
||||||
GET_SECURE_FILES_LIST: Store.getSecureFilesList,
|
GET_SECURE_FILES_LIST: Store.getSecureFilesList,
|
||||||
GET_PAD_DATA: Store.getPadData,
|
GET_PAD_DATA: Store.getPadData,
|
||||||
|
GET_PAD_DATA_FROM_CHANNEL: Store.getPadDataFromChannel,
|
||||||
GET_STRONGER_HASH: Store.getStrongerHash,
|
GET_STRONGER_HASH: Store.getStrongerHash,
|
||||||
INCREMENT_TEMPLATE_USE: Store.incrementTemplateUse,
|
INCREMENT_TEMPLATE_USE: Store.incrementTemplateUse,
|
||||||
GET_SHARED_FOLDER: Store.getSharedFolder,
|
GET_SHARED_FOLDER: Store.getSharedFolder,
|
||||||
|
|||||||
@ -8,6 +8,7 @@ define([
|
|||||||
], function (nThen, ApiConfig, DomReady, RequireConfig, SFCommonO) {
|
], function (nThen, ApiConfig, DomReady, RequireConfig, SFCommonO) {
|
||||||
var requireConfig = RequireConfig();
|
var requireConfig = RequireConfig();
|
||||||
|
|
||||||
|
var hash, href;
|
||||||
nThen(function (waitFor) {
|
nThen(function (waitFor) {
|
||||||
DomReady.onReady(waitFor());
|
DomReady.onReady(waitFor());
|
||||||
}).nThen(function (waitFor) {
|
}).nThen(function (waitFor) {
|
||||||
@ -18,6 +19,14 @@ define([
|
|||||||
};
|
};
|
||||||
window.rc = requireConfig;
|
window.rc = requireConfig;
|
||||||
window.apiconf = ApiConfig;
|
window.apiconf = ApiConfig;
|
||||||
|
|
||||||
|
// Hidden hash
|
||||||
|
hash = window.location.hash;
|
||||||
|
href = window.location.href;
|
||||||
|
if (window.history && window.history.replaceState) {
|
||||||
|
window.history.replaceState({}, window.document.title, '#');
|
||||||
|
}
|
||||||
|
|
||||||
document.getElementById('sbox-iframe').setAttribute('src',
|
document.getElementById('sbox-iframe').setAttribute('src',
|
||||||
ApiConfig.httpSafeOrigin + window.location.pathname + 'inner.html?' +
|
ApiConfig.httpSafeOrigin + window.location.pathname + 'inner.html?' +
|
||||||
requireConfig.urlArgs + '#' + encodeURIComponent(JSON.stringify(req)));
|
requireConfig.urlArgs + '#' + encodeURIComponent(JSON.stringify(req)));
|
||||||
@ -36,6 +45,8 @@ define([
|
|||||||
window.addEventListener('message', onMsg);
|
window.addEventListener('message', onMsg);
|
||||||
}).nThen(function (/*waitFor*/) {
|
}).nThen(function (/*waitFor*/) {
|
||||||
SFCommonO.start({
|
SFCommonO.start({
|
||||||
|
hash: hash,
|
||||||
|
href: href,
|
||||||
useCreationScreen: true,
|
useCreationScreen: true,
|
||||||
messaging: true
|
messaging: true
|
||||||
});
|
});
|
||||||
|
|||||||
@ -30,6 +30,11 @@ define([
|
|||||||
var password;
|
var password;
|
||||||
var initialPathInDrive;
|
var initialPathInDrive;
|
||||||
|
|
||||||
|
var currentPad = {
|
||||||
|
href: cfg.href || window.location.href,
|
||||||
|
hash: cfg.hash || window.location.hash
|
||||||
|
};
|
||||||
|
|
||||||
nThen(function (waitFor) {
|
nThen(function (waitFor) {
|
||||||
// Load #2, the loading screen is up so grab whatever you need...
|
// Load #2, the loading screen is up so grab whatever you need...
|
||||||
require([
|
require([
|
||||||
@ -134,11 +139,12 @@ define([
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
}), {
|
}), {
|
||||||
driveEvents: cfg.driveEvents
|
driveEvents: cfg.driveEvents,
|
||||||
|
currentPad: currentPad
|
||||||
});
|
});
|
||||||
}));
|
}));
|
||||||
}).nThen(function (waitFor) {
|
}).nThen(function (waitFor) {
|
||||||
if (!Utils.Hash.isValidHref(window.location.href)) {
|
if (!Utils.Hash.isValidHref(currentPad.href)) {
|
||||||
waitFor.abort();
|
waitFor.abort();
|
||||||
return void sframeChan.event('EV_LOADING_ERROR', 'INVALID_HASH');
|
return void sframeChan.event('EV_LOADING_ERROR', 'INVALID_HASH');
|
||||||
}
|
}
|
||||||
@ -171,11 +177,12 @@ define([
|
|||||||
});
|
});
|
||||||
}));
|
}));
|
||||||
} else {
|
} else {
|
||||||
var parsed = Utils.Hash.parsePadUrl(window.location.href);
|
var parsed = Utils.Hash.parsePadUrl(currentPad.href);
|
||||||
var todo = function () {
|
var todo = function () {
|
||||||
secret = Utils.secret = Utils.Hash.getSecrets(parsed.type, void 0, password);
|
secret = Utils.secret = Utils.Hash.getSecrets(parsed.type, parsed.hash, password);
|
||||||
Cryptpad.getShareHashes(secret, waitFor(function (err, h) {
|
Cryptpad.getShareHashes(secret, waitFor(function (err, h) {
|
||||||
hashes = h;
|
hashes = h;
|
||||||
|
/* XXX this won't happen again: we don't need to update the rendered hash
|
||||||
if (password && !parsed.hashData.password) {
|
if (password && !parsed.hashData.password) {
|
||||||
var ohc = window.onhashchange;
|
var ohc = window.onhashchange;
|
||||||
window.onhashchange = function () {};
|
window.onhashchange = function () {};
|
||||||
@ -183,6 +190,7 @@ define([
|
|||||||
window.onhashchange = ohc;
|
window.onhashchange = ohc;
|
||||||
ohc({reset: true});
|
ohc({reset: true});
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
}));
|
}));
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -241,13 +249,13 @@ define([
|
|||||||
if (parsed.type === "file") {
|
if (parsed.type === "file") {
|
||||||
// `isNewChannel` doesn't work for files (not a channel)
|
// `isNewChannel` doesn't work for files (not a channel)
|
||||||
// `getFileSize` is not adapted to channels because of metadata
|
// `getFileSize` is not adapted to channels because of metadata
|
||||||
Cryptpad.getFileSize(window.location.href, password, function (e, size) {
|
Cryptpad.getFileSize(currentPad.href, password, function (e, size) {
|
||||||
next(e, size === 0);
|
next(e, size === 0);
|
||||||
});
|
});
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
// Not a file, so we can use `isNewChannel`
|
// Not a file, so we can use `isNewChannel`
|
||||||
Cryptpad.isNewChannel(window.location.href, password, next);
|
Cryptpad.isNewChannel(currentPad.href, password, next);
|
||||||
});
|
});
|
||||||
sframeChan.event("EV_PAD_PASSWORD", cfg);
|
sframeChan.event("EV_PAD_PASSWORD", cfg);
|
||||||
};
|
};
|
||||||
@ -257,7 +265,60 @@ define([
|
|||||||
var passwordCfg = {
|
var passwordCfg = {
|
||||||
value: ''
|
value: ''
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// Hidden hash: can't find the channel in our drives: abort
|
||||||
|
var noPadData = function (err) {
|
||||||
|
console.error(err);
|
||||||
|
// XXX Display error screen in inner
|
||||||
|
};
|
||||||
|
// Hidden hash: can't find requestd edit URL in our drives: ask
|
||||||
|
var badPadData = function (cb) {
|
||||||
|
// If we requested edit but we only know view: ???
|
||||||
|
setTimeout(function () {
|
||||||
|
cb(true);
|
||||||
|
}); // XXX ask in inner?
|
||||||
|
};
|
||||||
|
|
||||||
|
var newHref;
|
||||||
nThen(function (w) {
|
nThen(function (w) {
|
||||||
|
if (!parsed.hashData.key && parsed.hashData.channel) {
|
||||||
|
Cryptpad.getPadDataFromChannel({
|
||||||
|
channel: parsed.hashData.channel,
|
||||||
|
edit: parsed.hashData.mode === 'edit'
|
||||||
|
}, w(function (err, res) {
|
||||||
|
// Error while getting data? abort
|
||||||
|
if (err || !res || res.error) {
|
||||||
|
w.abort();
|
||||||
|
return void noPadData(err || (!res ? 'EINVAL' : res.error));
|
||||||
|
}
|
||||||
|
// No data found? abort
|
||||||
|
if (!Object.keys(res).length) {
|
||||||
|
w.abort();
|
||||||
|
return void noPadData('NO_RESULT');
|
||||||
|
}
|
||||||
|
// Data found but weaker? warn
|
||||||
|
if (parsed.hashData.mode === 'edit' && !res.href) {
|
||||||
|
return void badPadData(w(function (load) {
|
||||||
|
if (!load) {
|
||||||
|
w.abort();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
newHref = res.roHref;
|
||||||
|
}));
|
||||||
|
}
|
||||||
|
// We have good data, keep the hash in memory
|
||||||
|
newHref = res.href;
|
||||||
|
}));
|
||||||
|
}
|
||||||
|
}).nThen(function (w) {
|
||||||
|
if (newHref) {
|
||||||
|
// Get the options (embed, present, etc.) of the hidden hash
|
||||||
|
// Use the same options in the full hash
|
||||||
|
var opts = parsed.getOptions();
|
||||||
|
parsed = Utils.Hash.parsePadUrl(newHref);
|
||||||
|
currentPad.href = parsed.getUrl(opts);
|
||||||
|
currentPad.hash = parsed.hashData && parsed.hashData.getHash(opts);
|
||||||
|
}
|
||||||
Cryptpad.getPadAttribute('title', w(function (err, data) {
|
Cryptpad.getPadAttribute('title', w(function (err, data) {
|
||||||
stored = (!err && typeof (data) === "string");
|
stored = (!err && typeof (data) === "string");
|
||||||
}));
|
}));
|
||||||
@ -273,7 +334,7 @@ define([
|
|||||||
if (parsed.type === "file") {
|
if (parsed.type === "file") {
|
||||||
// `isNewChannel` doesn't work for files (not a channel)
|
// `isNewChannel` doesn't work for files (not a channel)
|
||||||
// `getFileSize` is not adapted to channels because of metadata
|
// `getFileSize` is not adapted to channels because of metadata
|
||||||
Cryptpad.getFileSize(window.location.href, password, w(function (e, size) {
|
Cryptpad.getFileSize(currentPad.href, password, w(function (e, size) {
|
||||||
if (size !== 0) { return void todo(); }
|
if (size !== 0) { return void todo(); }
|
||||||
// Wrong password or deleted file?
|
// Wrong password or deleted file?
|
||||||
askPassword(true, passwordCfg);
|
askPassword(true, passwordCfg);
|
||||||
@ -281,7 +342,7 @@ define([
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
// Not a file, so we can use `isNewChannel`
|
// Not a file, so we can use `isNewChannel`
|
||||||
Cryptpad.isNewChannel(window.location.href, password, w(function(e, isNew) {
|
Cryptpad.isNewChannel(currentPad.href, password, w(function(e, isNew) {
|
||||||
if (!isNew) { return void todo(); }
|
if (!isNew) { return void todo(); }
|
||||||
if (parsed.hashData.mode === 'view' && (password || !parsed.hashData.password)) {
|
if (parsed.hashData.mode === 'view' && (password || !parsed.hashData.password)) {
|
||||||
// Error, wrong password stored, the view seed has changed with the password
|
// Error, wrong password stored, the view seed has changed with the password
|
||||||
@ -305,10 +366,12 @@ define([
|
|||||||
}
|
}
|
||||||
}).nThen(function (waitFor) {
|
}).nThen(function (waitFor) {
|
||||||
// Check if the pad exists on server
|
// Check if the pad exists on server
|
||||||
if (!window.location.hash) { isNewFile = true; return; }
|
if (!currentPad.hash) { isNewFile = true; return; }
|
||||||
|
|
||||||
if (realtime) {
|
if (realtime) {
|
||||||
Cryptpad.isNewChannel(window.location.href, password, waitFor(function (e, isNew) {
|
// TODO we probably don't need to check again for password-protected pads
|
||||||
|
// (we use isNewChannel to test the password...)
|
||||||
|
Cryptpad.isNewChannel(currentPad.href, password, waitFor(function (e, isNew) {
|
||||||
if (e) { return console.error(e); }
|
if (e) { return console.error(e); }
|
||||||
isNewFile = Boolean(isNew);
|
isNewFile = Boolean(isNew);
|
||||||
}));
|
}));
|
||||||
@ -322,7 +385,7 @@ define([
|
|||||||
readOnly = false;
|
readOnly = false;
|
||||||
}
|
}
|
||||||
Utils.crypto = Utils.Crypto.createEncryptor(Utils.secret.keys);
|
Utils.crypto = Utils.Crypto.createEncryptor(Utils.secret.keys);
|
||||||
var parsed = Utils.Hash.parsePadUrl(window.location.href);
|
var parsed = Utils.Hash.parsePadUrl(currentPad.href);
|
||||||
var burnAfterReading = parsed && parsed.hashData && parsed.hashData.ownerKey;
|
var burnAfterReading = parsed && parsed.hashData && parsed.hashData.ownerKey;
|
||||||
if (!parsed.type) { throw new Error(); }
|
if (!parsed.type) { throw new Error(); }
|
||||||
var defaultTitle = Utils.UserObject.getDefaultName(parsed);
|
var defaultTitle = Utils.UserObject.getDefaultName(parsed);
|
||||||
@ -342,7 +405,7 @@ define([
|
|||||||
notifications = metaObj.user.notifications;
|
notifications = metaObj.user.notifications;
|
||||||
}));
|
}));
|
||||||
if (typeof(isTemplate) === "undefined") {
|
if (typeof(isTemplate) === "undefined") {
|
||||||
Cryptpad.isTemplate(window.location.href, waitFor(function (err, t) {
|
Cryptpad.isTemplate(currentPad.href, waitFor(function (err, t) {
|
||||||
if (err) { console.log(err); }
|
if (err) { console.log(err); }
|
||||||
isTemplate = t;
|
isTemplate = t;
|
||||||
}));
|
}));
|
||||||
@ -368,7 +431,7 @@ define([
|
|||||||
upgradeURL: Cryptpad.upgradeURL
|
upgradeURL: Cryptpad.upgradeURL
|
||||||
},
|
},
|
||||||
isNewFile: isNewFile,
|
isNewFile: isNewFile,
|
||||||
isDeleted: isNewFile && window.location.hash.length > 0,
|
isDeleted: isNewFile && currentPad.hash.length > 0,
|
||||||
forceCreationScreen: forceCreationScreen,
|
forceCreationScreen: forceCreationScreen,
|
||||||
password: password,
|
password: password,
|
||||||
channel: secret.channel,
|
channel: secret.channel,
|
||||||
@ -487,7 +550,7 @@ define([
|
|||||||
});
|
});
|
||||||
|
|
||||||
sframeChan.on('Q_SET_LOGIN_REDIRECT', function (data, cb) {
|
sframeChan.on('Q_SET_LOGIN_REDIRECT', function (data, cb) {
|
||||||
sessionStorage.redirectTo = window.location.href;
|
sessionStorage.redirectTo = currentPad.href;
|
||||||
cb();
|
cb();
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -570,7 +633,16 @@ define([
|
|||||||
channel: secret.channel,
|
channel: secret.channel,
|
||||||
path: initialPathInDrive // Where to store the pad if we don't have it in our drive
|
path: initialPathInDrive // Where to store the pad if we don't have it in our drive
|
||||||
};
|
};
|
||||||
Cryptpad.setPadTitle(data, function (err) {
|
Cryptpad.setPadTitle(data, function (err, obj) {
|
||||||
|
if (!err && !(obj && obj.notStored)) {
|
||||||
|
// Pad is stored: hide the hash
|
||||||
|
var opts = parsed.getOptions();
|
||||||
|
var hash = Utils.Hash.getHiddenHashFromKeys(parsed.type, secret, opts);
|
||||||
|
if (window.history && window.history.replaceState) {
|
||||||
|
if (!/^#/.test(hash)) { hash = '#' + hash; }
|
||||||
|
window.history.replaceState({}, window.document.title, hash);
|
||||||
|
}
|
||||||
|
}
|
||||||
cb({error: err});
|
cb({error: err});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
@ -580,6 +652,9 @@ define([
|
|||||||
});
|
});
|
||||||
|
|
||||||
sframeChan.on('EV_SET_HASH', function (hash) {
|
sframeChan.on('EV_SET_HASH', function (hash) {
|
||||||
|
// In this case, we want to set the hash for the next page reload
|
||||||
|
// This hash is a category for the sidebar layout apps
|
||||||
|
// No need to store it in memory
|
||||||
window.location.hash = hash;
|
window.location.hash = hash;
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -801,15 +876,19 @@ define([
|
|||||||
|
|
||||||
// Present mode URL
|
// Present mode URL
|
||||||
sframeChan.on('Q_PRESENT_URL_GET_VALUE', function (data, cb) {
|
sframeChan.on('Q_PRESENT_URL_GET_VALUE', function (data, cb) {
|
||||||
var parsed = Utils.Hash.parsePadUrl(window.location.href);
|
var parsed = Utils.Hash.parsePadUrl(currentPad.href);
|
||||||
cb(parsed.hashData && parsed.hashData.present);
|
cb(parsed.hashData && parsed.hashData.present);
|
||||||
});
|
});
|
||||||
sframeChan.on('EV_PRESENT_URL_SET_VALUE', function (data) {
|
sframeChan.on('EV_PRESENT_URL_SET_VALUE', function (data) {
|
||||||
var parsed = Utils.Hash.parsePadUrl(window.location.href);
|
// Update the rendered hash and the full hash with the "present" settings
|
||||||
window.location.href = parsed.getUrl({
|
var opts = parsed.getOptions();
|
||||||
embed: parsed.hashData.embed,
|
opts.present = data;
|
||||||
present: data
|
// Full hash
|
||||||
});
|
currentPad.href = parsed.getUrl(opts);
|
||||||
|
if (parsed.hashData) { currentPad.hash = parsed.hashData.getHash(opts); }
|
||||||
|
// Rendered (maybe hidden) hash
|
||||||
|
var hiddenParsed = Utils.Hash.parsePadUrl(window.location.href);
|
||||||
|
window.location.href = hiddenParsed.getUrl(opts);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
@ -1011,7 +1090,7 @@ define([
|
|||||||
});
|
});
|
||||||
|
|
||||||
sframeChan.on('Q_BLOB_PASSWORD_CHANGE', function (data, cb) {
|
sframeChan.on('Q_BLOB_PASSWORD_CHANGE', function (data, cb) {
|
||||||
data.href = data.href || window.location.href;
|
data.href = data.href || currentPad.href;
|
||||||
var onPending = function (cb) {
|
var onPending = function (cb) {
|
||||||
sframeChan.query('Q_BLOB_PASSWORD_CHANGE_PENDING', null, function (err, obj) {
|
sframeChan.query('Q_BLOB_PASSWORD_CHANGE_PENDING', null, function (err, obj) {
|
||||||
if (obj && obj.cancel) { cb(); }
|
if (obj && obj.cancel) { cb(); }
|
||||||
@ -1027,12 +1106,12 @@ define([
|
|||||||
});
|
});
|
||||||
|
|
||||||
sframeChan.on('Q_OO_PASSWORD_CHANGE', function (data, cb) {
|
sframeChan.on('Q_OO_PASSWORD_CHANGE', function (data, cb) {
|
||||||
data.href = data.href || window.location.href;
|
data.href = data.href || currentPad.href;
|
||||||
Cryptpad.changeOOPassword(data, cb);
|
Cryptpad.changeOOPassword(data, cb);
|
||||||
});
|
});
|
||||||
|
|
||||||
sframeChan.on('Q_PAD_PASSWORD_CHANGE', function (data, cb) {
|
sframeChan.on('Q_PAD_PASSWORD_CHANGE', function (data, cb) {
|
||||||
data.href = data.href || window.location.href;
|
data.href = data.href || currentPad.href;
|
||||||
Cryptpad.changePadPassword(Cryptget, Crypto, data, cb);
|
Cryptpad.changePadPassword(Cryptget, Crypto, data, cb);
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -1234,7 +1313,11 @@ define([
|
|||||||
var startRealtime = function (rtConfig) {
|
var startRealtime = function (rtConfig) {
|
||||||
rtConfig = rtConfig || {};
|
rtConfig = rtConfig || {};
|
||||||
rtStarted = true;
|
rtStarted = true;
|
||||||
|
|
||||||
var replaceHash = function (hash) {
|
var replaceHash = function (hash) {
|
||||||
|
// XXX Always put the full hash here.
|
||||||
|
// The pad has just been created but is not stored yet. We'll switch
|
||||||
|
// to hidden hash once the pad is stored
|
||||||
if (window.history && window.history.replaceState) {
|
if (window.history && window.history.replaceState) {
|
||||||
if (!/^#/.test(hash)) { hash = '#' + hash; }
|
if (!/^#/.test(hash)) { hash = '#' + hash; }
|
||||||
window.history.replaceState({}, window.document.title, hash);
|
window.history.replaceState({}, window.document.title, hash);
|
||||||
@ -1250,7 +1333,7 @@ define([
|
|||||||
Cryptpad.padRpc.onReadyEvent.reg(function () {
|
Cryptpad.padRpc.onReadyEvent.reg(function () {
|
||||||
Cryptpad.burnPad({
|
Cryptpad.burnPad({
|
||||||
password: password,
|
password: password,
|
||||||
href: window.location.href,
|
href: currentPad.href,
|
||||||
channel: secret.channel,
|
channel: secret.channel,
|
||||||
ownerKey: burnAfterReading
|
ownerKey: burnAfterReading
|
||||||
});
|
});
|
||||||
@ -1265,7 +1348,7 @@ define([
|
|||||||
readOnly: readOnly,
|
readOnly: readOnly,
|
||||||
crypto: Crypto.createEncryptor(secret.keys),
|
crypto: Crypto.createEncryptor(secret.keys),
|
||||||
onConnect: function () {
|
onConnect: function () {
|
||||||
if (window.location.hash && window.location.hash !== '#') {
|
if (currentPad.hash && currentPad.hash !== '#') {
|
||||||
/*window.location = parsed.getUrl({
|
/*window.location = parsed.getUrl({
|
||||||
present: parsed.hashData.present,
|
present: parsed.hashData.present,
|
||||||
embed: parsed.hashData.embed
|
embed: parsed.hashData.embed
|
||||||
@ -1278,11 +1361,11 @@ define([
|
|||||||
};
|
};
|
||||||
|
|
||||||
nThen(function (waitFor) {
|
nThen(function (waitFor) {
|
||||||
if (isNewFile && cfg.owned && !window.location.hash) {
|
if (isNewFile && cfg.owned && !currentPad.hash) {
|
||||||
Cryptpad.getMetadata(waitFor(function (err, m) {
|
Cryptpad.getMetadata(waitFor(function (err, m) {
|
||||||
cpNfCfg.owners = [m.priv.edPublic];
|
cpNfCfg.owners = [m.priv.edPublic];
|
||||||
}));
|
}));
|
||||||
} else if (isNewFile && !cfg.useCreationScreen && window.location.hash) {
|
} else if (isNewFile && !cfg.useCreationScreen && currentPad.hash) {
|
||||||
console.log("new file with hash in the address bar in an app without pcs and which requires owners");
|
console.log("new file with hash in the address bar in an app without pcs and which requires owners");
|
||||||
sframeChan.onReady(function () {
|
sframeChan.onReady(function () {
|
||||||
sframeChan.query("EV_LOADING_ERROR", "DELETED");
|
sframeChan.query("EV_LOADING_ERROR", "DELETED");
|
||||||
@ -1309,11 +1392,13 @@ define([
|
|||||||
var ohc = window.onhashchange;
|
var ohc = window.onhashchange;
|
||||||
window.onhashchange = function () {};
|
window.onhashchange = function () {};
|
||||||
window.location.hash = newHash;
|
window.location.hash = newHash;
|
||||||
|
currentPad.hash = newHash;
|
||||||
|
currentPad.href = '/' + parsed.type + '/#' + newHash;
|
||||||
window.onhashchange = ohc;
|
window.onhashchange = ohc;
|
||||||
ohc({reset: true});
|
ohc({reset: true});
|
||||||
|
|
||||||
// Update metadata values and send new metadata inside
|
// Update metadata values and send new metadata inside
|
||||||
parsed = Utils.Hash.parsePadUrl(window.location.href);
|
parsed = Utils.Hash.parsePadUrl(currentPad.href);
|
||||||
defaultTitle = Utils.UserObject.getDefaultName(parsed);
|
defaultTitle = Utils.UserObject.getDefaultName(parsed);
|
||||||
hashes = Utils.Hash.getHashes(secret);
|
hashes = Utils.Hash.getHashes(secret);
|
||||||
readOnly = false;
|
readOnly = false;
|
||||||
|
|||||||
@ -9,6 +9,7 @@ define([
|
|||||||
var requireConfig = RequireConfig();
|
var requireConfig = RequireConfig();
|
||||||
|
|
||||||
// Loaded in load #2
|
// Loaded in load #2
|
||||||
|
var hash, href;
|
||||||
nThen(function (waitFor) {
|
nThen(function (waitFor) {
|
||||||
DomReady.onReady(waitFor());
|
DomReady.onReady(waitFor());
|
||||||
}).nThen(function (waitFor) {
|
}).nThen(function (waitFor) {
|
||||||
@ -19,6 +20,14 @@ define([
|
|||||||
};
|
};
|
||||||
window.rc = requireConfig;
|
window.rc = requireConfig;
|
||||||
window.apiconf = ApiConfig;
|
window.apiconf = ApiConfig;
|
||||||
|
|
||||||
|
// Hidden hash
|
||||||
|
hash = window.location.hash;
|
||||||
|
href = window.location.href;
|
||||||
|
if (window.history && window.history.replaceState) {
|
||||||
|
window.history.replaceState({}, window.document.title, '#');
|
||||||
|
}
|
||||||
|
|
||||||
document.getElementById('sbox-iframe').setAttribute('src',
|
document.getElementById('sbox-iframe').setAttribute('src',
|
||||||
ApiConfig.httpSafeOrigin + '/poll/inner.html?' + requireConfig.urlArgs +
|
ApiConfig.httpSafeOrigin + '/poll/inner.html?' + requireConfig.urlArgs +
|
||||||
'#' + encodeURIComponent(JSON.stringify(req)));
|
'#' + encodeURIComponent(JSON.stringify(req)));
|
||||||
@ -37,6 +46,8 @@ define([
|
|||||||
window.addEventListener('message', onMsg);
|
window.addEventListener('message', onMsg);
|
||||||
}).nThen(function (/*waitFor*/) {
|
}).nThen(function (/*waitFor*/) {
|
||||||
SFCommonO.start({
|
SFCommonO.start({
|
||||||
|
hash: hash,
|
||||||
|
href: href,
|
||||||
useCreationScreen: true,
|
useCreationScreen: true,
|
||||||
messaging: true
|
messaging: true
|
||||||
});
|
});
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user