infra
/
cryptpad
2
1
Fork 0
Code Issues Pull Requests Projects Releases 1 Activity

Clean secure iframe code

Browse Source
pull/1/head
yflory 7 years ago
parent 04a04aef2b
commit 0423a5f4e2
7 changed files with 221 additions and 217 deletions
Show Stats Download Patch File Download Diff File

8
www/code/inner.js
Unescape Escape View File

@ -256,7 +256,7 @@ define([
readOnly = metadataMgr.getPrivateData().readOnly;
var titleCfg = { getHeadingText: CodeMirror.getHeadingText };
Title = common.createTitle(titleCfg, config.onLocal, common);
Title = common.createTitle(titleCfg, config.onLocal);
var configTb = {
displayed: ['title', 'useradmin', 'spinner', 'share', 'userlist', 'newpad', 'limit'],
@ -369,7 +369,7 @@ define([
}
}
};
common.initFilePicker(common, fileDialogCfg);
common.initFilePicker(fileDialogCfg);
APP.$mediaTagButton = $('<button>', {
title: Messages.filePickerButton,
'class': 'cp-toolbar-rightside-button fa fa-picture-o',
@ -379,7 +379,7 @@ define([
types: ['file'],
where: ['root']
};
common.openFilePicker(common, pickerCfg);
common.openFilePicker(pickerCfg);
}).appendTo($rightside);
};
@ -489,7 +489,7 @@ define([
}
if (isNew) {
common.openTemplatePicker(common);
common.openTemplatePicker();
}
var fmConfig = {

5
www/common/sframe-common-file.js
Unescape Escape View File

@ -23,6 +23,11 @@ define([
}
};
module.uploadFile = function (common, data, cb) {
var sframeChan = common.getSframeChannel();
sframeChan.query('Q_UPLOAD_FILE', data, cb);
};
module.create = function (common, config) {
var File = {};
var Cryptpad = common.getCryptpadCommon();

172
www/common/sframe-common-interface.js
Unescape Escape View File

@ -22,6 +22,173 @@ define([
* - createDropdown
*/
UI.createButton = function (common, type, rightside, data, callback) {
var AppConfig = common.getAppConfig();
var button;
var size = "17px";
switch (type) {
case 'export':
button = $('<button>', {
'class': 'fa fa-download',
title: Messages.exportButtonTitle,
}).append($('<span>', {'class': 'cp-toolbar-drawer-element'}).text(Messages.exportButton));
button.click(common.prepareFeedback(type));
if (callback) {
button.click(callback);
}
break;
case 'import':
button = $('<button>', {
'class': 'fa fa-upload',
title: Messages.importButtonTitle,
}).append($('<span>', {'class': 'cp-toolbar-drawer-element'}).text(Messages.importButton));
if (callback) {
button
.click(common.prepareFeedback(type))
.click(Cryptpad.importContent('text/plain', function (content, file) {
callback(content, file);
}, {accept: data ? data.accept : undefined}));
}
break;
case 'upload':
button = $('<button>', {
'class': 'btn btn-primary new',
title: Messages.uploadButtonTitle,
}).append($('<span>', {'class':'fa fa-upload'})).append(' '+Messages.uploadButton);
if (!data.FM) { return; }
var $input = $('<input>', {
'type': 'file',
'style': 'display: none;'
}).on('change', function (e) {
var file = e.target.files[0];
var ev = {
target: data.target
};
if (data.filter && !data.filter(file)) {
Cryptpad.log('TODO: invalid avatar (type or size)');
return;
}
data.FM.handleFile(file, ev);
if (callback) { callback(); }
});
if (data.accept) { $input.attr('accept', data.accept); }
button.click(function () { $input.click(); });
break;
case 'template':
if (!AppConfig.enableTemplates) { return; }
button = $('<button>', {
title: Messages.saveTemplateButton,
}).append($('<span>', {'class':'fa fa-bookmark', style: 'font:'+size+' FontAwesome'}));
if (data.rt) {
button
.click(function () {
var title = data.getTitle() || document.title;
var todo = function (val) {
if (typeof(val) !== "string") { return; }
var toSave = data.rt.getUserDoc();
if (val.trim()) {
val = val.trim();
title = val;
try {
var parsed = JSON.parse(toSave);
var meta;
if (Array.isArray(parsed) && typeof(parsed[3]) === "object") {
meta = parsed[3].metadata; // pad
} else if (parsed.info) {
meta = parsed.info; // poll
} else {
meta = parsed.metadata;
}
if (typeof(meta) === "object") {
meta.title = val;
meta.defaultTitle = val;
delete meta.users;
}
toSave = JSON.stringify(parsed);
} catch(e) {
console.error("Parse error while setting the title", e);
}
}
ctx.sframeChan.query('Q_SAVE_AS_TEMPLATE', {
title: title,
toSave: toSave
}, function () {
Cryptpad.alert(Messages.templateSaved);
common.feedback('TEMPLATE_CREATED');
});
};
Cryptpad.prompt(Messages.saveTemplatePrompt, title, todo);
});
}
break;
case 'forget':
button = $('<button>', {
id: 'cryptpad-forget',
title: Messages.forgetButtonTitle,
'class': "fa fa-trash cryptpad-forget",
style: 'font:'+size+' FontAwesome'
});
if (!common.isStrongestStored()) {
button.addClass('cp-toolbar-hidden');
}
if (callback) {
button
.click(common.prepareFeedback(type))
.click(function() {
var msg = isLoggedIn() ? Messages.forgetPrompt : Messages.fm_removePermanentlyDialog;
Cryptpad.confirm(msg, function (yes) {
if (!yes) { return; }
ctx.sframeChan.query('Q_MOVE_TO_TRASH', null, function (err) {
if (err) { return void callback(err); }
var cMsg = isLoggedIn() ? Messages.movedToTrash : Messages.deleted;
Cryptpad.alert(cMsg, undefined, true);
callback();
return;
});
});
});
}
break;
case 'history':
if (!AppConfig.enableHistory) {
button = $('<span>');
break;
}
button = $('<button>', {
title: Messages.historyButton,
'class': "fa fa-history history",
}).append($('<span>', {'class': 'cp-toolbar-drawer-element'}).text(Messages.historyText));
if (data.histConfig) {
button
.click(common.prepareFeedback(type))
.on('click', function () {
common.getHistory(data.histConfig);
});
}
break;
case 'more':
button = $('<button>', {
title: Messages.moreActions || 'TODO',
'class': "cp-toolbar-drawer-button fa fa-ellipsis-h",
style: 'font:'+size+' FontAwesome'
});
break;
default:
button = $('<button>', {
'class': "fa fa-question",
style: 'font:'+size+' FontAwesome'
})
.click(common.prepareFeedback(type));
}
if (rightside) {
button.addClass('cp-toolbar-rightside-button');
}
return button;
};
UI.getFileSize = function (Common, href, cb) {
var channelId = Cryptpad.hrefToHexChannelId(href);
Common.sendAnonRpcMsg("GET_FILE_SIZE", channelId, function (data) {
@ -101,9 +268,8 @@ define([
}
};
UI.createUserAdminMenu = function (config) {
var Common = config.Common;
var metadataMgr = config.metadataMgr;
UI.createUserAdminMenu = function (Common, config) {
var metadataMgr = Common.getMetadataMgr();
var displayNameCls = config.displayNameCls || 'displayName';
var $displayedName = $('<span>', {'class': displayNameCls});

2
www/common/sframe-common-title.js
Unescape Escape View File

@ -1,7 +1,7 @@
define(['jquery'], function ($) {
var module = {};
module.create = function (cfg, onLocal, Common, metadataMgr) {
module.create = function (Common, cfg, onLocal) {
var exp = {};
var metadataMgr = Common.getMetadataMgr();
var sframeChan = Common.getSframeChannel();

243
www/common/sframe-common.js
Unescape Escape View File

@ -31,47 +31,55 @@ define([
return ctx.cpNfInner;
};
funcs.getMetadataMgr = function () {
return ctx.metadataMgr;
};
funcs.getCryptpadCommon = function () {
return Cryptpad;
};
funcs.getSframeChannel = function () {
return ctx.sframeChan;
};
funcs.getMetadataMgr = function () { return ctx.metadataMgr; };
funcs.getCryptpadCommon = function () { return Cryptpad; };
funcs.getSframeChannel = function () { return ctx.sframeChan; };
funcs.getAppConfig = function () { return AppConfig; };
var isLoggedIn = funcs.isLoggedIn = function () {
if (!ctx.cpNfInner) { throw new Error("cpNfInner is not ready!"); }
return ctx.cpNfInner.metadataMgr.getPrivateData().accountName;
};
// MISC
// Call the selected function with 'funcs' as a (new) first parameter
var callWithCommon = function (f) {
return function () {
[].unshift.call(arguments, funcs);
return f.apply(null, arguments);
};
};
// UI
funcs.createUserAdminMenu = UI.createUserAdminMenu;
funcs.displayAvatar = UI.displayAvatar;
funcs.initFilePicker = UI.initFilePicker;
funcs.openFilePicker = UI.openFilePicker;
funcs.openTemplatePicker = UI.openTemplatePicker;
funcs.createUserAdminMenu = callWithCommon(UI.createUserAdminMenu);
funcs.initFilePicker = callWithCommon(UI.initFilePicker);
funcs.openFilePicker = callWithCommon(UI.openFilePicker);
funcs.openTemplatePicker = callWithCommon(UI.openTemplatePicker);
funcs.displayAvatar = callWithCommon(UI.displayAvatar);
funcs.createButton = callWithCommon(UI.createButton);
// History
funcs.getHistory = function (config) { return History.create(funcs, config); };
funcs.getHistory = callWithCommon(History.create);
// Title module
funcs.createTitle = Title.create;
funcs.createTitle = callWithCommon(Title.create);
// Files
funcs.uploadFile = callWithCommon(File.uploadFile);
funcs.createFileManager = callWithCommon(File.create);
// Misc
funcs.setDisplayName = function (name, cb) {
ctx.sframeChan.query('Q_SETTINGS_SET_DISPLAY_NAME', name, function (err) {
if (cb) { cb(err); }
});
cb = cb || $.noop;
ctx.sframeChan.query('Q_SETTINGS_SET_DISPLAY_NAME', name, cb);
};
// Window
funcs.logout = function (cb) {
ctx.sframeChan.query('Q_LOGOUT', null, function (err) {
if (cb) { cb(err); }
});
cb = cb || $.noop;
ctx.sframeChan.query('Q_LOGOUT', null, cb);
};
funcs.notify = function () {
@ -79,9 +87,8 @@ define([
};
funcs.setLoginRedirect = function (cb) {
ctx.sframeChan.query('Q_SET_LOGIN_REDIRECT', null, function (err) {
if (cb) { cb(err); }
});
cb = cb || $.noop;
ctx.sframeChan.query('Q_SET_LOGIN_REDIRECT', null, cb);
};
// Store
@ -136,11 +143,10 @@ define([
}, cb);
};
// Files
funcs.uploadFile = function (data, cb) {
ctx.sframeChan.query('Q_UPLOAD_FILE', data, cb);
funcs.isStrongestStored = function () {
var data = ctx.metadataMgr.getPrivateData();
return !data.readOnly || !data.availableHashes.editHash;
};
funcs.createFileManager = function (config) { return File.create(funcs, config); };
// Friends
var pendingFriends = [];
@ -168,7 +174,7 @@ define([
url: href,
});
};
var prepareFeedback = funcs.prepareFeedback = function (key) {
funcs.prepareFeedback = function (key) {
if (typeof(key) !== 'string') { return $.noop; }
var type = ctx.metadataMgr.getMetadata().type;
@ -177,178 +183,8 @@ define([
};
};
// BUTTONS
var isStrongestStored = function () {
var data = ctx.metadataMgr.getPrivateData();
return !data.readOnly || !data.availableHashes.editHash;
};
funcs.createButton = function (type, rightside, data, callback) {
var button;
var size = "17px";
switch (type) {
case 'export':
button = $('<button>', {
'class': 'fa fa-download',
title: Messages.exportButtonTitle,
}).append($('<span>', {'class': 'cp-toolbar-drawer-element'}).text(Messages.exportButton));
button.click(prepareFeedback(type));
if (callback) {
button.click(callback);
}
break;
case 'import':
button = $('<button>', {
'class': 'fa fa-upload',
title: Messages.importButtonTitle,
}).append($('<span>', {'class': 'cp-toolbar-drawer-element'}).text(Messages.importButton));
if (callback) {
button
.click(prepareFeedback(type))
.click(Cryptpad.importContent('text/plain', function (content, file) {
callback(content, file);
}, {accept: data ? data.accept : undefined}));
}
break;
case 'upload':
button = $('<button>', {
'class': 'btn btn-primary new',
title: Messages.uploadButtonTitle,
}).append($('<span>', {'class':'fa fa-upload'})).append(' '+Messages.uploadButton);
if (!data.FM) { return; }
var $input = $('<input>', {
'type': 'file',
'style': 'display: none;'
}).on('change', function (e) {
var file = e.target.files[0];
var ev = {
target: data.target
};
if (data.filter && !data.filter(file)) {
Cryptpad.log('TODO: invalid avatar (type or size)');
return;
}
data.FM.handleFile(file, ev);
if (callback) { callback(); }
});
if (data.accept) { $input.attr('accept', data.accept); }
button.click(function () { $input.click(); });
break;
case 'template':
if (!AppConfig.enableTemplates) { return; }
button = $('<button>', {
title: Messages.saveTemplateButton,
}).append($('<span>', {'class':'fa fa-bookmark', style: 'font:'+size+' FontAwesome'}));
if (data.rt) {
button
.click(function () {
var title = data.getTitle() || document.title;
var todo = function (val) {
if (typeof(val) !== "string") { return; }
var toSave = data.rt.getUserDoc();
if (val.trim()) {
val = val.trim();
title = val;
try {
var parsed = JSON.parse(toSave);
var meta;
if (Array.isArray(parsed) && typeof(parsed[3]) === "object") {
meta = parsed[3].metadata; // pad
} else if (parsed.info) {
meta = parsed.info; // poll
} else {
meta = parsed.metadata;
}
if (typeof(meta) === "object") {
meta.title = val;
meta.defaultTitle = val;
delete meta.users;
}
toSave = JSON.stringify(parsed);
} catch(e) {
console.error("Parse error while setting the title", e);
}
}
ctx.sframeChan.query('Q_SAVE_AS_TEMPLATE', {
title: title,
toSave: toSave
}, function () {
Cryptpad.alert(Messages.templateSaved);
funcs.feedback('TEMPLATE_CREATED');
});
};
Cryptpad.prompt(Messages.saveTemplatePrompt, title, todo);
});
}
break;
case 'forget':
button = $('<button>', {
id: 'cryptpad-forget',
title: Messages.forgetButtonTitle,
'class': "fa fa-trash cryptpad-forget",
style: 'font:'+size+' FontAwesome'
});
if (!isStrongestStored()) {
button.addClass('cp-toolbar-hidden');
}
if (callback) {
button
.click(prepareFeedback(type))
.click(function() {
var msg = isLoggedIn() ? Messages.forgetPrompt : Messages.fm_removePermanentlyDialog;
Cryptpad.confirm(msg, function (yes) {
if (!yes) { return; }
ctx.sframeChan.query('Q_MOVE_TO_TRASH', null, function (err) {
if (err) { return void callback(err); }
var cMsg = isLoggedIn() ? Messages.movedToTrash : Messages.deleted;
Cryptpad.alert(cMsg, undefined, true);
callback();
return;
});
});
});
}
break;
case 'history':
if (!AppConfig.enableHistory) {
button = $('<span>');
break;
}
button = $('<button>', {
title: Messages.historyButton,
'class': "fa fa-history history",
}).append($('<span>', {'class': 'cp-toolbar-drawer-element'}).text(Messages.historyText));
if (data.histConfig) {
button
.click(prepareFeedback(type))
.on('click', function () {
funcs.getHistory(data.histConfig);
});
}
break;
case 'more':
button = $('<button>', {
title: Messages.moreActions || 'TODO',
'class': "cp-toolbar-drawer-button fa fa-ellipsis-h",
style: 'font:'+size+' FontAwesome'
});
break;
default:
button = $('<button>', {
'class': "fa fa-question",
style: 'font:'+size+' FontAwesome'
})
.click(prepareFeedback(type));
}
if (rightside) {
button.addClass('cp-toolbar-rightside-button');
}
return button;
};
// Can, only be called by the filepicker app
// RESTRICTED
// Filepicker app
funcs.getFilesList = function (types, cb) {
ctx.sframeChan.query('Q_GET_FILES_LIST', types, function (err, data) {
cb(err || data.error, data.data);
@ -359,8 +195,7 @@ define([
ctx.sframeChan.query('Q_STORE_LINK_TO_CLIPBOARD', readOnly, function (err) {
if (cb) { cb(err); }
});
};
*/
}; */
Object.freeze(funcs);
return { create: function (cb) {

4
www/common/toolbar3.js
Unescape Escape View File

@ -228,7 +228,7 @@ define([
$span.append(avatars[data.avatar]);
$span.append($rightCol);
} else {
Common.displayAvatar(Common, $span, data.avatar, name, function ($img) {
Common.displayAvatar($span, data.avatar, name, function ($img) {
if (data.avatar && $img) {
avatars[data.avatar] = $img[0].outerHTML;
}
@ -767,8 +767,6 @@ define([
var $userAdmin = toolbar.$userAdmin.find('.'+USERADMIN_CLS).show();
var userMenuCfg = {
$initBlock: $userAdmin,
metadataMgr: metadataMgr,
Common: Common
};
if (!config.hideDisplayName) {
$.extend(true, userMenuCfg, {

4
www/pad/inner.js
Unescape Escape View File

@ -514,7 +514,7 @@ define([
readOnly = metadataMgr.getPrivateData().readOnly;
console.log('onInit');
var titleCfg = { getHeadingText: getHeadingText };
Title = common.createTitle(titleCfg, realtimeOptions.onLocal, common);
Title = common.createTitle(titleCfg, realtimeOptions.onLocal);
var configTb = {
displayed: ['userlist', 'title', 'useradmin', 'spinner', 'newpad', 'share', 'limit'],
title: Title.getTitleConfig(),
@ -673,7 +673,7 @@ define([
if (newPad) {
common.openTemplatePicker(common);
common.openTemplatePicker();
}
onLocal();

Write Preview
Loading…
Cancel
Save