From 5739c3d973f9194c784254c0f18aa3f880a7dcd2 Mon Sep 17 00:00:00 2001 From: ansuz Date: Thu, 4 May 2017 12:20:38 +0200 Subject: [PATCH 1/3] blow up if you ever run out of nonce-space --- www/file/file-crypto.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/www/file/file-crypto.js b/www/file/file-crypto.js index 4af79aa04..608b3bb6e 100644 --- a/www/file/file-crypto.js +++ b/www/file/file-crypto.js @@ -33,7 +33,9 @@ define([ // you don't need to worry about this running out. // you'd need a REAAAALLY big file - if (l === 0) { return true; } + if (l === 0) { + throw new Error('E_NONCE_TOO_LARGE'); + } } }; @@ -70,7 +72,6 @@ define([ // decrypt the chunk var plaintext = Nacl.secretbox.open(box, nonce, key); - // TODO handle nonce-too-large-error increment(nonce); return plaintext; }; From 78b11584f8e71781c029e75abd7f3a520a498fc6 Mon Sep 17 00:00:00 2001 From: ansuz Date: Thu, 4 May 2017 16:16:09 +0200 Subject: [PATCH 2/3] remove unused variables --- .jshintrc | 2 +- customize.dist/main.js | 9 +- customize.dist/messages.js | 6 +- customize.dist/share/frame.js | 26 +++--- customize.dist/share/test.js | 8 +- rpc.js | 10 +- storage/file.js | 5 +- www/assert/main.js | 2 - www/common/clipboard.js | 2 +- www/common/common-hash.js | 18 ++-- www/common/common-history.js | 8 +- www/common/common-interface.js | 14 +-- www/common/common-util.js | 24 ++--- www/common/credential.js | 11 +-- www/common/cryptget.js | 10 +- www/common/cryptpad-common.js | 114 +++++++++++------------ www/common/cursor.js | 10 +- www/common/encode.js | 4 +- www/common/fileObject.js | 70 +++++++------- www/common/fsStore.js | 7 +- www/common/login.js | 8 +- www/common/mergeDrive.js | 6 +- www/common/modes.js | 2 +- www/common/notify.js | 6 +- www/common/rpc.js | 11 +-- www/common/treesome.js | 2 +- www/common/userObject.js | 51 +++++------ www/common/visible.js | 6 +- www/drive/main.js | 83 ++++++++--------- www/examples/board/board.js | 8 +- www/examples/board/main.js | 23 +++-- www/examples/form/main.js | 20 ++-- www/examples/form/ula.js | 2 +- www/examples/hack/index.html | 77 ---------------- www/examples/hack/main.js | 161 --------------------------------- www/examples/json/main.js | 9 +- www/examples/pin/main.js | 4 +- www/examples/read/main.js | 2 - www/examples/render/main.js | 12 +-- www/examples/style/main.js | 14 ++- www/examples/text/main.js | 14 ++- www/file/main.js | 15 ++- www/login/main.js | 7 +- www/media/main.js | 16 ++-- www/pad/links.js | 2 +- www/pad/main.js | 42 ++++----- www/poll/main.js | 48 ++++------ www/poll/render.js | 24 +++-- www/register/main.js | 10 +- www/settings/main.js | 19 ++-- www/slide/main.js | 43 ++++----- www/slide/slide.js | 27 +++--- www/whiteboard/main.js | 20 ++-- 53 files changed, 420 insertions(+), 734 deletions(-) delete mode 100644 www/examples/hack/index.html delete mode 100644 www/examples/hack/main.js diff --git a/.jshintrc b/.jshintrc index c55ec0518..4928c524d 100644 --- a/.jshintrc +++ b/.jshintrc @@ -10,7 +10,7 @@ "notypeof": true, "shadow": false, "undef": true, - "unused": false, + "unused": true, "futurehostile":true, "browser": true, "predef": [ diff --git a/customize.dist/main.js b/customize.dist/main.js index a02433b05..cdaeedfdb 100644 --- a/customize.dist/main.js +++ b/customize.dist/main.js @@ -4,7 +4,7 @@ define([ '/common/cryptpad-common.js' ], function ($, Config, Cryptpad) { - var APP = window.APP = { + window.APP = { Cryptpad: Cryptpad, }; @@ -118,7 +118,7 @@ define([ $('button.login').click(); }); - $('button.login').click(function (e) { + $('button.login').click(function () { Cryptpad.addLoadingScreen(Messages.login_hashing); // We need a setTimeout(cb, 0) otherwise the loading screen is only displayed after hashing the password window.setTimeout(function () { @@ -171,15 +171,14 @@ define([ /* End Log in UI */ var addButtonHandlers = function () { - $('button.register').click(function (e) { + $('button.register').click(function () { var username = $('#name').val(); var passwd = $('#password').val(); - var remember = $('#rememberme').is(':checked'); sessionStorage.login_user = username; sessionStorage.login_pass = passwd; document.location.href = '/register/'; }); - $('button.gotodrive').click(function (e) { + $('button.gotodrive').click(function () { document.location.href = '/drive/'; }); }; diff --git a/customize.dist/messages.js b/customize.dist/messages.js index 18d329d6d..813978b52 100644 --- a/customize.dist/messages.js +++ b/customize.dist/messages.js @@ -112,9 +112,7 @@ define(req, function($, Default, Language) { if (!selector.length) { return; } - var $button = $(selector).find('button .buttonTitle'); // Select the current language in the list - var option = $(selector).find('[data-value="' + language + '"]'); selector.setValue(language || 'English'); // Listen for language change @@ -137,12 +135,12 @@ define(req, function($, Default, Language) { var key = $el.data('localization-append'); $el.append(messages[key]); }; - var translateTitle = function (i, e) { + var translateTitle = function () { var $el = $(this); var key = $el.data('localization-title'); $el.attr('title', messages[key]); }; - var translatePlaceholder = function (i, e) { + var translatePlaceholder = function () { var $el = $(this); var key = $el.data('localization-placeholder'); $el.attr('placeholder', messages[key]); diff --git a/customize.dist/share/frame.js b/customize.dist/share/frame.js index a07ff05ce..2698372fd 100644 --- a/customize.dist/share/frame.js +++ b/customize.dist/share/frame.js @@ -10,7 +10,7 @@ // create an invisible iframe with a given source // append it to a parent element // execute a callback when it has loaded - var create = Frame.create = function (parent, src, onload, timeout) { + Frame.create = function (parent, src, onload, timeout) { var iframe = document.createElement('iframe'); timeout = timeout || 10000; @@ -34,7 +34,7 @@ /* given an iframe with an rpc script loaded, create a frame object with an asynchronous 'send' method */ - var open = Frame.open = function (e, A, timeout) { + Frame.open = function (e, A, timeout) { var win = e.contentWindow; var frame = {}; @@ -44,7 +44,7 @@ timeout = timeout || 5000; - var accepts = frame.accepts = function (o) { + frame.accepts = function (o) { return A.some(function (e) { switch (typeof(e)) { case 'string': return e === o; @@ -55,7 +55,7 @@ var changeHandlers = frame.changeHandlers = []; - var change = frame.change = function (f) { + frame.change = function (f) { if (typeof(f) !== 'function') { throw new Error('[Frame.change] expected callback'); } @@ -94,7 +94,7 @@ }; window.addEventListener('message', _listener); - var close = frame.close = function () { + frame.close = function () { window.removeEventListener('message', _listener); }; @@ -130,31 +130,31 @@ win.postMessage(JSON.stringify(req), '*'); }; - var set = frame.set = function (key, val, cb) { + frame.set = function (key, val, cb) { send('set', key, val, cb); }; - var batchset = frame.setBatch = function (map, cb) { + frame.setBatch = function (map, cb) { send('batchset', void 0, map, cb); }; - var get = frame.get = function (key, cb) { + frame.get = function (key, cb) { send('get', key, void 0, cb); }; - var batchget = frame.getBatch = function (keys, cb) { + frame.getBatch = function (keys, cb) { send('batchget', void 0, keys, cb); }; - var remove = frame.remove = function (key, cb) { + frame.remove = function (key, cb) { send('remove', key, void 0, cb); }; - var batchremove = frame.removeBatch = function (keys, cb) { + frame.removeBatch = function (keys, cb) { send('batchremove', void 0, keys, cb); }; - var keys = frame.keys = function (cb) { + frame.keys = function (cb) { send('keys', void 0, void 0, cb); }; @@ -164,7 +164,7 @@ if (typeof(module) !== 'undefined' && module.exports) { module.exports = Frame; } else if (typeof(define) === 'function' && define.amd) { - define(['jquery'], function ($) { + define(['jquery'], function () { return Frame; }); } else { diff --git a/customize.dist/share/test.js b/customize.dist/share/test.js index efc9d81b4..a236dcfab 100644 --- a/customize.dist/share/test.js +++ b/customize.dist/share/test.js @@ -39,7 +39,7 @@ define([ return !keys.some(function (k) { return data[k] !== null; }); }; - Frame.create(document.body, domain + path, function (err, iframe, loadEvent) { + Frame.create(document.body, domain + path, function (err, iframe) { if (handleErr(err)) { return; } console.log("Created iframe"); @@ -50,7 +50,7 @@ define([ [function (i) { // test #1 var pew = randInt(); - frame.set('pew', pew, function (err, data) { + frame.set('pew', pew, function (err) { if (handleErr(err)) { return; } frame.get('pew', function (err, num) { if (handleErr(err)) { return; } @@ -76,9 +76,9 @@ define([ var keys = Object.keys(map); - frame.setBatch(map, function (err, data) { + frame.setBatch(map, function (err) { if (handleErr(err)) { return; } - frame.getBatch(keys, function (err, data) { + frame.getBatch(keys, function (err) { if (handleErr(err)) { return; } frame.removeBatch(Object.keys(map), function (err) { if (handleErr(err)) { return; } diff --git a/rpc.js b/rpc.js index 3f705fab0..3a7609b62 100644 --- a/rpc.js +++ b/rpc.js @@ -18,7 +18,7 @@ var isValidChannel = function (chan) { var uint8ArrayToHex = function (a) { // call slice so Uint8Arrays work as expected - return Array.prototype.slice.call(a).map(function (e, i) { + return Array.prototype.slice.call(a).map(function (e) { var n = Number(e & 0xff).toString(16); if (n === 'NaN') { throw new Error('invalid input resulted in NaN'); @@ -127,7 +127,6 @@ var isValidCookie = function (Sessions, publicKey, cookie) { var idx = user.tokens.indexOf(parsed.seq); if (idx === -1) { return false; } - var next; if (idx > 0) { // make a new token addTokenForKey(Sessions, publicKey, makeToken()); @@ -325,9 +324,9 @@ var getHash = function (store, Sessions, publicKey, cb) { }); }; -var storeMessage = function (store, publicKey, msg, cb) { +/* var storeMessage = function (store, publicKey, msg, cb) { store.message(publicKey, JSON.stringify(msg), cb); -}; +}; */ var pinChannel = function (store, Sessions, publicKey, channels, cb) { if (!channels && channels.filter) { @@ -407,7 +406,7 @@ var resetUserPins = function (store, Sessions, publicKey, channelList, cb) { }; var getLimit = function (cb) { - + cb = cb; // TODO }; var safeMkdir = function (path, cb) { @@ -649,6 +648,7 @@ RPC.create = function (config /*:typeof(ConfigType)*/, cb /*:(?Error, ?Function) return void getFileSize(ctx.store, msg[1], Respond); case 'GET_LIMIT': // TODO implement this and cache it per-user return void getLimit(function (e, limit) { + limit = limit; Respond('NOT_IMPLEMENTED'); }); case 'GET_MULTIPLE_FILE_SIZE': diff --git a/storage/file.js b/storage/file.js index ab2bce617..857f147f4 100644 --- a/storage/file.js +++ b/storage/file.js @@ -28,7 +28,8 @@ var readMessages = function (path, msgHandler, cb) { }; var checkPath = function (path, callback) { - Fs.stat(path, function (err, stats) { + // TODO check if we actually need to use stat at all + Fs.stat(path, function (err) { if (!err) { callback(undefined, true); return; @@ -166,7 +167,7 @@ var getChannel = function (env, id, callback) { }); } }); - }).nThen(function (waitFor) { + }).nThen(function () { if (errorState) { return; } complete(); }); diff --git a/www/assert/main.js b/www/assert/main.js index 3306c3bab..392392db8 100644 --- a/www/assert/main.js +++ b/www/assert/main.js @@ -38,8 +38,6 @@ define([ }); }; - var $body = $('body'); - var HJSON_list = [ '["DIV",{"id":"target"},[["P",{"class":" alice bob charlie has.dot","id":"bang"},["pewpewpew"]]]]', diff --git a/www/common/clipboard.js b/www/common/clipboard.js index 557c1a809..191895dfd 100644 --- a/www/common/clipboard.js +++ b/www/common/clipboard.js @@ -3,7 +3,7 @@ define(['jquery'], function ($) { // copy arbitrary text to the clipboard // return boolean indicating success - var copy = Clipboard.copy = function (text) { + Clipboard.copy = function (text) { var $ta = $('', { type: 'text', }).val(text); diff --git a/www/common/common-hash.js b/www/common/common-hash.js index 1d731cec0..98e9152fb 100644 --- a/www/common/common-hash.js +++ b/www/common/common-hash.js @@ -49,7 +49,7 @@ define([ return ret; } - var hash = href.replace(patt, function (a, domain, type, hash) { + var hash = href.replace(patt, function (a, domain, type) { ret.domain = domain; ret.type = type; return ''; @@ -70,7 +70,7 @@ define([ * - no argument: use the URL hash or create one if it doesn't exist * - secretHash provided: use secretHash to find the keys */ - var getSecrets = Hash.getSecrets = function (secretHash) { + Hash.getSecrets = function (secretHash) { var secret = {}; var generate = function () { secret.keys = Crypto.createEditCryptor(); @@ -130,7 +130,7 @@ define([ return secret; }; - var getHashes = Hash.getHashes = function (channel, secret) { + Hash.getHashes = function (channel, secret) { var hashes = {}; if (secret.keys.editKeyStr) { hashes.editHash = getEditHashFromKeys(channel, secret.keys); @@ -152,7 +152,7 @@ define([ return id; }; - var createRandomHash = Hash.createRandomHash = function () { + Hash.createRandomHash = function () { // 16 byte channel Id var channelId = Util.hexToBase64(createChannelId()); // 18 byte encryption key @@ -197,7 +197,7 @@ Version 2 }; // STORAGE - var findWeaker = Hash.findWeaker = function (href, recents) { + Hash.findWeaker = function (href, recents) { var rHref = href || getRelativeHref(window.location.href); var parsed = parsePadUrl(rHref); if (!parsed.hash) { return false; } @@ -241,11 +241,11 @@ Version 2 }); return stronger; }; - var isNotStrongestStored = Hash.isNotStrongestStored = function (href, recents) { + Hash.isNotStrongestStored = function (href, recents) { return findStronger(href, recents); }; - var hrefToHexChannelId = Hash.hrefToHexChannelId = function (href) { + Hash.hrefToHexChannelId = function (href) { var parsed = Hash.parsePadUrl(href); if (!parsed || !parsed.hash) { return; } @@ -266,11 +266,11 @@ Version 2 return hex; }; - var getBlobPath = Hash.getBlobPathFromHex = function (id) { + Hash.getBlobPathFromHex = function (id) { return '/blob/' + id.slice(0,2) + '/' + id; }; - var serializeHash = Hash.serializeHash = function (hash) { + Hash.serializeHash = function (hash) { if (hash && hash.slice(-1) !== "/") { hash += "/"; } return hash; }; diff --git a/www/common/common-history.js b/www/common/common-history.js index 702989508..1cd0e6555 100644 --- a/www/common/common-history.js +++ b/www/common/common-history.js @@ -25,7 +25,7 @@ define([ var wcId = common.hrefToHexChannelId(config.href || window.location.href); console.log(wcId); - var createRealtime = function(chan) { + var createRealtime = function () { return ChainPad.create({ userName: 'history', initialState: '', @@ -68,14 +68,14 @@ define([ } }; - network.on('message', function (msg, sender) { + network.on('message', function (msg) { onMsg(msg); }); network.sendto(hkn, JSON.stringify(['GET_FULL_HISTORY', wcId, secret.keys.validateKey])); }; - var create = History.create = function (common, config) { + History.create = function (common, config) { if (!config.$toolbar) { return void console.error("config.$toolbar is undefined");} if (History.loading) { return void console.error("History is already being loaded..."); } History.loading = true; @@ -145,7 +145,7 @@ define([ title: Messages.history_next }).appendTo($hist); - var $label = $('