From e4b616f1fc54be23180a92f99fef8535699d2236 Mon Sep 17 00:00:00 2001 From: yflory Date: Mon, 2 Nov 2020 11:02:33 +0100 Subject: [PATCH 1/3] Keep the app name in version 4 hashes --- www/common/common-hash.js | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/www/common/common-hash.js b/www/common/common-hash.js index 06a1d7fef..42925d6d6 100644 --- a/www/common/common-hash.js +++ b/www/common/common-hash.js @@ -165,8 +165,15 @@ var factory = function (Util, Crypto, Keys, Nacl) { /* Version 0 /pad/#67b8385b07352be53e40746d2be6ccd7XAYSuJYYqa9NfmInyHci7LNy -Version 1 +Version 1: Add support for read-only access /code/#/1/edit/3Ujt4F2Sjnjbis6CoYWpoQ/usn4+9CqVja8Q7RZOGTfRgqI +Version 2: Add support for password-protection + /code/#/2/code/edit/u5ACvxAYmhvG0FtrNn9FJQcf/p/ +Version 3: Safe links + /code/#/3/code/edit/f0d8055aa640a97e7fd25020ca4e93b3/ +Version 4: Data URL when not a realtime link yet (new pad or "static" app) + /login/#/4/login/newpad=eyJocmVmIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwL2NvZGUvIy8yL2NvZGUvZWRpdC91NUFDdnhBWW1odkcwRnRyTm45RklRY2YvIn0%3D/ + /drive/#/4/drive/login=e30%3D/ */ var getLoginOpts = function (hashArr) { @@ -233,7 +240,7 @@ Version 1 if (hashArr[1] && hashArr[1] === '4') { parsed.getHash = function (opts) { if (!opts || !Object.keys(opts).length) { return ''; } - var hash = '/4/'; + var hash = '/4/' + type + '/'; if (opts.newPadOpts) { hash += 'newpad=' + opts.newPadOpts + '/'; } if (opts.loginOpts) { hash += 'login=' + opts.loginOpts + '/'; } return hash; @@ -246,7 +253,8 @@ Version 1 }; parsed.version = 4; - options = hashArr.slice(2); + parsed.app = hashArr[2]; + options = hashArr.slice(3); addOptions(); return parsed; @@ -429,7 +437,7 @@ Version 1 // When we start without a hash, use version 4 links to add login or newpad options var getHash = function (opts) { if (!opts || !Object.keys(opts).length) { return ''; } - var hash = '/4/'; + var hash = '/4/' + ret.type + '/'; if (opts.newPadOpts) { hash += 'newpad=' + opts.newPadOpts + '/'; } if (opts.loginOpts) { hash += 'login=' + opts.loginOpts + '/'; } return hash; From cb8bf2cdebfde5a361e40032a65454da72978422 Mon Sep 17 00:00:00 2001 From: yflory Date: Mon, 2 Nov 2020 12:46:44 +0100 Subject: [PATCH 2/3] Fix various issues --- customize.dist/pages/index.js | 4 ++-- www/common/common-hash.js | 7 ++----- www/common/outer/local-store.js | 1 + 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/customize.dist/pages/index.js b/customize.dist/pages/index.js index c718b363f..8a8fa3773 100644 --- a/customize.dist/pages/index.js +++ b/customize.dist/pages/index.js @@ -47,8 +47,8 @@ define([ var href = '/'+ x[0] +'/'; var attr = isEnabled ? { href: href } : { onclick: function () { - var href = Hash.hashToHref('', 'login'); - var url = Hash.getNewPadURL(href, { href: href }); + var loginURL = Hash.hashToHref('', 'login'); + var url = Hash.getNewPadURL(loginURL, { href: href }); window.location.href = url; } }; diff --git a/www/common/common-hash.js b/www/common/common-hash.js index 42925d6d6..199c2cb54 100644 --- a/www/common/common-hash.js +++ b/www/common/common-hash.js @@ -236,7 +236,7 @@ Version 4: Data URL when not a realtime link yet (new pad or "static" app) parsed.ownerKey = getOwnerKey(options); }; - // Version 4: only login or newpad options, smae for all the apps + // Version 4: only login or newpad options, same for all the apps if (hashArr[1] && hashArr[1] === '4') { parsed.getHash = function (opts) { if (!opts || !Object.keys(opts).length) { return ''; } @@ -653,9 +653,6 @@ Version 4: Data URL when not a realtime link yet (new pad or "static" app) // Valid hash? if (parsed.hash) { if (!parsed.hashData) { return; } - // New pad: only newPadOpts allowed - if (Object.keys(parsed.hashData).length === 1 && - parsed.hashData.newPadOpts) { return true; } // Version should be a number if (typeof(parsed.hashData.version) === "undefined") { return; } // pads and files should have a base64 (or hex) key @@ -670,7 +667,7 @@ Version 4: Data URL when not a realtime link yet (new pad or "static" app) Hash.decodeDataOptions = function (opts) { var b64 = decodeURIComponent(opts); var str = Nacl.util.encodeUTF8(Nacl.util.decodeBase64(b64)); - return JSON.parse(str); + return Util.tryParse(str) || {}; }; Hash.encodeDataOptions = function (opts) { var str = JSON.stringify(opts); diff --git a/www/common/outer/local-store.js b/www/common/outer/local-store.js index d15c2e8c6..0aff1f9ce 100644 --- a/www/common/outer/local-store.js +++ b/www/common/outer/local-store.js @@ -94,6 +94,7 @@ define([ localStorage.removeItem(k); delete localStorage[k]; }); + sessionStorage.clear(); try { Object.keys(localStorage || {}).forEach(function (k) { // Remvoe everything in localStorage except CACHE and FS_hash From b1f29678ca9762d0a3e7d75e546434378e7c3ea2 Mon Sep 17 00:00:00 2001 From: yflory Date: Mon, 2 Nov 2020 12:55:40 +0100 Subject: [PATCH 3/3] Backward compatiility with sessionStorage --- www/common/cryptpad-common.js | 26 ++++++++++++++++++++++++-- www/common/sframe-common-outer.js | 7 ++++++- www/register/main.js | 2 +- 3 files changed, 31 insertions(+), 4 deletions(-) diff --git a/www/common/cryptpad-common.js b/www/common/cryptpad-common.js index 36413d89d..8874871d8 100644 --- a/www/common/cryptpad-common.js +++ b/www/common/cryptpad-common.js @@ -2107,6 +2107,28 @@ define([ driveEvents: true //rdyCfg.driveEvents // Boolean }; + // FIXME Backward compatibility + if (sessionStorage.newPadFileData) { + common.fromFileData = JSON.parse(sessionStorage.newPadFileData); + var _parsed1 = Hash.parsePadUrl(common.fromFileData.href); + var _parsed2 = Hash.parsePadUrl(window.location.href); + if (_parsed1.hashData.type === 'pad') { + if (_parsed1.type !== _parsed2.type) { delete common.fromFileData; } + } + delete sessionStorage.newPadFileData; + } + + if (sessionStorage.newPadPath) { + common.initialPath = sessionStorage.newPadPath; + delete sessionStorage.newPadPath; + } + + if (sessionStorage.newPadTeam) { + common.initialTeam = sessionStorage.newPadTeam; + delete sessionStorage.newPadTeam; + } + + var channelIsReady = waitFor(); var msgEv = Util.mkEvent(); @@ -2332,7 +2354,7 @@ define([ postMessage("DISCONNECT"); }); }).nThen(function (waitFor) { - if (common.createReadme) { + if (common.createReadme || sessionStorage.createReadme) { var data = { driveReadme: Messages.driveReadme, driveReadmeTitle: Messages.driveReadmeTitle, @@ -2342,7 +2364,7 @@ define([ })); } }).nThen(function (waitFor) { - if (common.migrateAnonDrive) { + if (common.migrateAnonDrive || sessionStorage.migrateAnonDrive) { common.mergeAnonDrive(waitFor()); } }).nThen(function (waitFor) { diff --git a/www/common/sframe-common-outer.js b/www/common/sframe-common-outer.js index f1fd0ac8d..b7ce64d4d 100644 --- a/www/common/sframe-common-outer.js +++ b/www/common/sframe-common-outer.js @@ -124,7 +124,7 @@ define([ SFrameChannel.create(msgEv, postMsg, waitFor(function (sfc) { Utils.sframeChan = sframeChan = sfc; window.CryptPad_loadingError = function (e) { - sfc.event('EV_LOADING_ERROR', e) + sfc.event('EV_LOADING_ERROR', e); }; })); }); @@ -260,6 +260,11 @@ define([ } // Otherwise, continue } + // FIXME Backward compatibility + if (sessionStorage.newPadPassword && !newPadPassword) { + newPadPassword = sessionStorage.newPadPassword; + delete sessionStorage.newPadPassword; + } if (!parsed.hashData) { // No hash, no need to check for a password diff --git a/www/register/main.js b/www/register/main.js index 39069bd94..2bf9d9f39 100644 --- a/www/register/main.js +++ b/www/register/main.js @@ -39,7 +39,7 @@ define([ if (localStorage.login_user) { $uname.val(localStorage.login_user); - delete loginStorage.login_user; + delete localStorage.login_user; } [ $uname, $passwd, $confirm]