diff --git a/www/common/common-hash.js b/www/common/common-hash.js index ad32e65c8..b60ab3306 100644 --- a/www/common/common-hash.js +++ b/www/common/common-hash.js @@ -62,7 +62,9 @@ var factory = function (Util, Crypto, Nacl) { }; Hash.getHiddenHashFromKeys = function (type, secret, opts) { - var mode = ((secret.keys && secret.keys.editKeyStr) || secret.key) ? 'edit/' : 'view/'; + opts = opts || {}; + var canEdit = (secret.keys && secret.keys.editKeyStr) || secret.key; + var mode = (!opts.view && canEdit) ? 'edit/' : 'view/'; var pass = secret.password ? 'p/' : ''; if (secret.keys && secret.keys.fileKeyStr) { mode = ''; } diff --git a/www/common/common-ui-elements.js b/www/common/common-ui-elements.js index d106702b5..977f8963d 100644 --- a/www/common/common-ui-elements.js +++ b/www/common/common-ui-elements.js @@ -638,17 +638,26 @@ define([ : Messages.properties_passwordSuccessFile; return void UI.alert(alertMsg, undefined, {force: true}); } - // If we didn't have a password, we have to add the /p/ - // If we had a password and we changed it to a new one, we just have to reload - // If we had a password and we removed it, we have to remove the /p/ + + // Pad password changed: update the href + // Use hidden hash if needed (we're an owner of this pad so we know it is stored) + var useUnsafe = Util.find(priv, ['settings', 'security', 'unsafeLinks']); + var href = data.href || data.roHref; + if (!useUnsafe) { + var newParsed = Hash.parsePadUrl(href); + var newSecret = Hash.getSecrets(newParsed.type, newParsed.hash, newPass); + var newHash = Hash.getHiddenHashFromKeys(parsed.type, newSecret, {}); + href = Hash.hashToHref(newHash, parsed.type); + } + if (data.warning) { return void UI.alert(Messages.properties_passwordWarning, function () { - common.gotoURL(hasPassword && newPass ? undefined : (data.href || data.roHref)); + common.gotoURL(href); }, {force: true}); } return void UI.alert(Messages.properties_passwordSuccess, function () { if (!isSharedFolder) { - common.gotoURL(hasPassword && newPass ? undefined : (data.href || data.roHref)); + common.gotoURL(href); } }, {force: true}); }); diff --git a/www/common/cryptpad-common.js b/www/common/cryptpad-common.js index 0aa75f561..393fafa8b 100644 --- a/www/common/cryptpad-common.js +++ b/www/common/cryptpad-common.js @@ -1041,7 +1041,7 @@ define([ warning: warning, hash: newHash, href: newHref, - roHref: newRoHref + roHref: newRoHref, }); }); }; @@ -2121,7 +2121,10 @@ define([ var parsedNew = Hash.parsePadUrl(newHref); if (parsedOld.hashData && parsedNew.hashData && parsedOld.getUrl() !== parsedNew.getUrl()) { - if (!parsedOld.hashData.key) { oldHref = newHref; return; } + if (parsedOld.hashData.version !== 3 && !parsedOld.hashData.key) { + oldHref = newHref; + return; + } // If different, reload document.location.reload(); return; diff --git a/www/common/drive-ui.js b/www/common/drive-ui.js index a19ba9be1..ff15e091f 100644 --- a/www/common/drive-ui.js +++ b/www/common/drive-ui.js @@ -1044,11 +1044,9 @@ define([ // Get hidden hash var parsed = Hash.parsePadUrl(href); var secret = Hash.getSecrets(parsed.type, parsed.hash, data.password); - if (isRo && secret.keys && secret.keys.editKeyStr) { - delete secret.keys.editKeyStr; - delete secret.key; - } - var hash = Hash.getHiddenHashFromKeys(parsed.type, secret); + var opts = {}; + if (isRo) { opts.view = true; } + var hash = Hash.getHiddenHashFromKeys(parsed.type, secret, opts); var hiddenHref = Hash.hashToHref(hash, parsed.type); window.open(APP.origin + hiddenHref); };