diff --git a/www/common/common-interface.js b/www/common/common-interface.js index 9cc1c1efb..ba5ca378b 100644 --- a/www/common/common-interface.js +++ b/www/common/common-interface.js @@ -1104,5 +1104,36 @@ define([ }; }; + UI.makeSpinner = function ($container) { + var $ok = $('', {'class': 'fa fa-check', title: Messages.saved}).hide(); + var $spinner = $('', {'class': 'fa fa-spinner fa-pulse'}).hide(); + + var spin = function () { + $ok.hide(); + $spinner.show(); + }; + var hide = function () { + $ok.hide(); + $spinner.hide(); + }; + var done = function () { + $ok.show(); + $spinner.hide(); + }; + + if ($container && $container.append) { + $container.append($ok); + $container.append($spinner); + } + + return { + ok: $ok[0], + spinner: $spinner[0], + spin: spin, + hide: hide, + done: done + } + }; + return UI; }); diff --git a/www/common/drive-ui.js b/www/common/drive-ui.js index 412c0be41..b0396773c 100644 --- a/www/common/drive-ui.js +++ b/www/common/drive-ui.js @@ -1034,7 +1034,14 @@ define([ if (!data || (!data.href && !data.roHref)) { return void logError("Missing data for the file", el, data); } - var href = data.href || data.roHref; + var href = isRo ? data.roHref : (data.href || data.roHref); + var priv = metadataMgr.getPrivateData(); + var useUnsafe = Util.find(priv, ['settings', 'security', 'unsafeLinks']); + if (useUnsafe) { + return void window.open(APP.origin + href); + } + + // Get hidden hash var parsed = Hash.parsePadUrl(href); var secret = Hash.getSecrets(parsed.type, parsed.hash, data.password); if (isRo && secret.keys && secret.keys.editKeyStr) { @@ -1043,7 +1050,6 @@ define([ } var hash = Hash.getHiddenHashFromKeys(parsed.type, secret); var hiddenHref = Hash.hashToHref(hash, parsed.type); - // XXX hidden hash: use settings window.open(APP.origin + hiddenHref); }; diff --git a/www/common/sframe-common-outer.js b/www/common/sframe-common-outer.js index 0197d68ee..e2472928e 100644 --- a/www/common/sframe-common-outer.js +++ b/www/common/sframe-common-outer.js @@ -398,6 +398,7 @@ define([ if (!parsed.type) { throw new Error(); } var defaultTitle = Utils.UserObject.getDefaultName(parsed); var edPublic, curvePublic, notifications, isTemplate; + var settings = {}; var forceCreationScreen = cfg.useCreationScreen && sessionStorage[Utils.Constants.displayPadCreationScreen]; delete sessionStorage[Utils.Constants.displayPadCreationScreen]; @@ -411,6 +412,7 @@ define([ edPublic = metaObj.priv.edPublic; // needed to create an owned pad curvePublic = metaObj.user.curvePublic; notifications = metaObj.user.notifications; + settings = metaObj.priv.settings; })); if (typeof(isTemplate) === "undefined") { Cryptpad.isTemplate(currentPad.href, waitFor(function (err, t) { @@ -647,7 +649,8 @@ define([ // hide the hash var opts = parsed.getOptions(); var hash = Utils.Hash.getHiddenHashFromKeys(parsed.type, secret, opts); - if (window.history && window.history.replaceState) { + var useUnsafe = Utils.Util.find(settings, ['security', 'unsafeLinks']); + if (!useUnsafe && window.history && window.history.replaceState) { if (!/^#/.test(hash)) { hash = '#' + hash; } window.history.replaceState({}, window.document.title, hash); } @@ -684,7 +687,8 @@ define([ // hide the hash var opts = parsed.getOptions(); var hash = Utils.Hash.getHiddenHashFromKeys(parsed.type, secret, opts); - if (window.history && window.history.replaceState) { + var useUnsafe = Utils.Util.find(settings, ['security', 'unsafeLinks']); + if (!useUnsafe && window.history && window.history.replaceState) { if (!/^#/.test(hash)) { hash = '#' + hash; } window.history.replaceState({}, window.document.title, hash); } diff --git a/www/settings/inner.js b/www/settings/inner.js index 7c9dd0630..b3aa9bb0b 100644 --- a/www/settings/inner.js +++ b/www/settings/inner.js @@ -53,13 +53,15 @@ define([ 'cp-settings-language-selector', 'cp-settings-resettips', 'cp-settings-logout-everywhere', - 'cp-settings-autostore', 'cp-settings-userfeedback', 'cp-settings-change-password', 'cp-settings-migrate', - 'cp-settings-backup', 'cp-settings-delete' ], + 'security': [ // XXX + 'cp-settings-autostore', + 'cp-settings-safe-links', + ], 'creation': [ 'cp-settings-creation-owned', 'cp-settings-creation-expire', @@ -115,6 +117,24 @@ define([ var create = {}; + var makeBlock = function (key, getter, full) { + var safeKey = key.replace(/-([a-z])/g, function (g) { return g[1].toUpperCase(); }); + + create[key] = function () { + var $div = $('
', {'class': 'cp-settings-' + key + ' cp-sidebarlayout-element'}); + if (full) { + $('