diff --git a/www/canvas/main.js b/www/canvas/main.js index 917905e6a..aa01cd8e6 100644 --- a/www/canvas/main.js +++ b/www/canvas/main.js @@ -10,18 +10,20 @@ define([ '/bower_components/textpatcher/TextPatcher.amd.js', 'json.sortify', '/bower_components/chainpad-json-validator/json-ot.js', + '/common/cryptpad-common.js', '/bower_components/fabric.js/dist/fabric.min.js', '/bower_components/jquery/dist/jquery.min.js', '/bower_components/file-saver/FileSaver.min.js', '/customize/pad.js' -], function (Config, Realtime, Messages, Crypto, TextPatcher, JSONSortify, JsonOT) { +], function (Config, Realtime, Messages, Crypto, TextPatcher, JSONSortify, JsonOT, Cryptpad) { var saveAs = window.saveAs; var module = window.APP = { }; var $ = module.$ = window.jQuery; var Fabric = module.Fabric = window.fabric; - + var secret = Cryptpad.getSecrets(); + /* var key; var channel = ''; if (!/#/.test(window.location.href)) { @@ -30,7 +32,7 @@ define([ var hash = window.location.hash.slice(1); channel = hash.slice(0, 32); key = hash.slice(32); - } + }*/ /* Initialize Fabric */ var canvas = module.canvas = new Fabric.Canvas('canvas'); @@ -78,14 +80,14 @@ define([ // TODO initialState ? websocketURL: Config.websocketURL, //userName: Crypto.rand64(8), - channel: channel, - cryptKey: key, - crypto: Crypto, + channel: secret.channel, + //cryptKey: key, + crypto: Crypto.createEncryptor(secret.key), transformFunction: JsonOT.validate, }; var onInit = config.onInit = function (info) { - window.location.hash = info.channel + key; + window.location.hash = info.channel + secret.key; $(window).on('hashchange', function() { window.location.reload(); }); diff --git a/www/code/main.js b/www/code/main.js index 11d950ecc..5ddc02801 100644 --- a/www/code/main.js +++ b/www/code/main.js @@ -8,10 +8,11 @@ define([ '/common/toolbar.js', 'json.sortify', '/bower_components/chainpad-json-validator/json-ot.js', + '/common/cryptpad-common.js', '/bower_components/file-saver/FileSaver.min.js', '/bower_components/jquery/dist/jquery.min.js', '/customize/pad.js' -], function (Config, /*RTCode,*/ Messages, Crypto, Realtime, TextPatcher, Toolbar, JSONSortify, JsonOT) { +], function (Config, /*RTCode,*/ Messages, Crypto, Realtime, TextPatcher, Toolbar, JSONSortify, JsonOT, Cryptpad) { var $ = window.jQuery; var saveAs = window.saveAs; var module = window.APP = {}; @@ -24,6 +25,8 @@ define([ var userName = Crypto.rand64(8), toolbar; + var secret = Cryptpad.getSecrets(); +/* var key; var channel = ''; var hash = false; @@ -33,7 +36,7 @@ define([ hash = window.location.hash.slice(1); channel = hash.slice(0, 32); key = hash.slice(32); - } + }*/ var andThen = function (CMeditor) { var $pad = $('#pad-iframe'); @@ -90,9 +93,9 @@ define([ //initialState: Messages.codeInitialState, userName: userName, websocketURL: Config.websocketURL, - channel: channel, - cryptKey: key, - crypto: Crypto, + channel: secret.channel, + //cryptKey: key, + crypto: Crypto.createEncryptor(secret.key), setMyID: setMyID, transformFunction: JsonOT.validate }; @@ -152,7 +155,7 @@ define([ createChangeName('cryptpad-changeName', $bar); $bar.find('#cryptpad-saveContent').click(exportText); - window.location.hash = info.channel + key; + window.location.hash = info.channel + secret.key; }; var updateUserList = function(shjson) { diff --git a/www/form/main.js b/www/form/main.js index 5c4bf93ab..034e45110 100644 --- a/www/form/main.js +++ b/www/form/main.js @@ -7,21 +7,13 @@ define([ 'json.sortify', '/form/ula.js', '/bower_components/chainpad-json-validator/json-ot.js', + '/common/cryptpad-common.js', '/bower_components/jquery/dist/jquery.min.js', '/customize/pad.js' -], function (Config, Realtime, Crypto, TextPatcher, Sortify, Formula, JsonOT) { +], function (Config, Realtime, Crypto, TextPatcher, Sortify, Formula, JsonOT, Cryptpad) { var $ = window.jQuery; - var key; - var channel = ''; - var hash = false; - if (!/#/.test(window.location.href)) { - key = Crypto.genKey(); - } else { - hash = window.location.hash.slice(1); - channel = hash.slice(0,32); - key = hash.slice(32); - } + var secret = Cryptpad.getSecrets(); var module = window.APP = { TextPatcher: TextPatcher, @@ -125,9 +117,8 @@ define([ initialState: Sortify(Map) || '{}', websocketURL: Config.websocketURL, userName: Crypto.rand64(8), - channel: channel, - cryptKey: key, - crypto: Crypto, + channel: secret.channel, + crypto: Crypto.createEncryptor(secret.key), transformFunction: JsonOT.validate }; @@ -142,7 +133,7 @@ define([ var onInit = config.onInit = function (info) { var realtime = module.realtime = info.realtime; - window.location.hash = info.channel + key; + window.location.hash = info.channel + secret.key; // create your patcher module.patchText = TextPatcher.create({ diff --git a/www/hack/main.js b/www/hack/main.js index 8318ebe1a..82a2b0f6e 100644 --- a/www/hack/main.js +++ b/www/hack/main.js @@ -3,44 +3,23 @@ define([ '/bower_components/chainpad-netflux/chainpad-netflux.js', '/bower_components/chainpad-crypto/crypto.js', '/bower_components/textpatcher/TextPatcher.amd.js', + '/common/cryptpad-common.js', '/bower_components/jquery/dist/jquery.min.js' -], function (Config, Realtime, Crypto, TextPatcher) { +], function (Config, Realtime, Crypto, TextPatcher, Cryptpad) { var $ = window.jQuery; - var key; - var channel = ''; - if (window.location.href.indexOf('#') === -1) { - key = Crypto.genKey(); - //window.location.href = window.location.href + '#' + Crypto.genKey(); - //return; - } else { - var hash = window.location.hash.substr(1); - channel = hash.substr(0,32); - key = hash.substr(32); - } + var secret = Cryptpad.getSecrets(); var $textarea = $('textarea'), $run = $('#run'); var module = {}; - /* - onRemote - onInit - onReady - onAbort - transformFunction - */ - - var userName = Crypto.rand64(8); - var config = { initialState: '', websocketURL: Config.websocketURL, - userName: userName, - channel: channel, - cryptKey: key, - crypto: Crypto, + channel: secret.channel, + crypto: Crypto.createEncryptor(secret.key), }; var initializing = true; @@ -50,7 +29,7 @@ define([ setEditable(false); var onInit = config.onInit = function (info) { - window.location.hash = info.channel + key; + window.location.hash = info.channel + secret.key; $(window).on('hashchange', function() { window.location.reload(); }); }; diff --git a/www/json/main.js b/www/json/main.js index 2e51631fc..aa6f58237 100644 --- a/www/json/main.js +++ b/www/json/main.js @@ -13,9 +13,9 @@ define([ var config = { websocketURL: Config.websocketURL, channel: secret.channel, - cryptKey: secret.key, + //cryptKey: secret.key, data: {}, - crypto: Crypto + crypto: Crypto.createEncryptor(secret.key) }; var module = window.APP = {}; diff --git a/www/pad/main.js b/www/pad/main.js index a36ce17ed..bc19c1862 100644 --- a/www/pad/main.js +++ b/www/pad/main.js @@ -209,8 +209,6 @@ define([ var applyHjson = function (shjson) { var userDocStateDom = hjsonToDom(JSON.parse(shjson)); - // we *might* be able to remove this now - // changes to hyperscript fixed this bug *maybe* --ansuz userDocStateDom.setAttribute("contenteditable", "true"); // lol wtf var patch = (DD).diff(inner, userDocStateDom); (DD).apply(inner, patch); @@ -238,14 +236,24 @@ define([ // method which allows us to get the id of the user setMyID: setMyID, - // Crypto object to avoid loading it twice in Cryptpad - crypto: Crypto, + // Pass in encrypt and decrypt methods + crypto: Crypto.createEncryptor(secret.key), // really basic operational transform transformFunction : JsonOT.validate, // cryptpad debug logging (default is 1) // logLevel: 0, + + validateContent: function (content) { + try { + JSON.parse(content); + return true; + } catch (e) { + console.log("Failed to parse, rejecting patch"); + return false; + } + } }; var updateUserList = function(shjson) { diff --git a/www/render/main.js b/www/render/main.js index 360775d17..d209bba40 100644 --- a/www/render/main.js +++ b/www/render/main.js @@ -4,28 +4,20 @@ define([ '/bower_components/chainpad-crypto/crypto.js', '/bower_components/marked/marked.min.js', '/bower_components/hyperjson/hyperjson.js', + '/common/cryptpad-common.js', //'/common/convert.js', '/bower_components/jquery/dist/jquery.min.js', '/bower_components/diff-dom/diffDOM.js', '/customize/pad.js' -], function (Config, Realtime, Crypto, Marked, Hyperjson) { +], function (Config, Realtime, Crypto, Marked, Hyperjson, Cryptpad) { var $ = window.jQuery; var DiffDom = window.diffDOM; - var key; - var channel = ''; - var hash = false; - if (!/#/.test(window.location.href)) { - key = Crypto.genKey(); - } else { - hash = window.location.hash.slice(1); - channel = hash.slice(0, 32); - key = hash.slice(32); - } + var secret = Cryptpad.getSecrets(); // set markdown rendering options :: strip html to prevent XSS Marked.setOptions({ - //sanitize: true + sanitize: true }); var module = window.APP = { }; @@ -34,9 +26,9 @@ define([ var config = { websocketURL: Config.websocketURL, - channel: channel, - cryptKey: key, - crypto: Crypto + channel: secret.channel, + //cryptKey: secret.key, + crypto: Crypto.createEncryptor(secret.key) }; var draw = window.draw = (function () { @@ -70,7 +62,7 @@ define([ var initializing = true; var onInit = config.onInit = function (info) { - window.location.hash = info.channel + key; + window.location.hash = info.channel + secret.key; module.realtime = info.realtime; }; diff --git a/www/style/main.js b/www/style/main.js index d68a6c8c6..c32d779c2 100644 --- a/www/style/main.js +++ b/www/style/main.js @@ -3,9 +3,10 @@ define([ '/bower_components/chainpad-netflux/chainpad-netflux.js', '/bower_components/chainpad-crypto/crypto.js', '/bower_components/textpatcher/TextPatcher.amd.js', + '/common/cryptpad-common.js', '/bower_components/jquery/dist/jquery.min.js', '/customize/pad.js' -], function (Config, Realtime, Crypto, TextPatcher) { +], function (Config, Realtime, Crypto, TextPatcher, Cryptpad) { // TODO consider adding support for less.js var $ = window.jQuery; @@ -14,21 +15,11 @@ define([ var module = window.APP = {}; - var key; - var channel = ''; - if (!/#/.test(window.location.href)) { - key = Crypto.genKey(); - } else { - var hash = window.location.hash.slice(1); - channel = hash.slice(0, 32); - key = hash.slice(32); - } - + var secret = Cryptpad.getSecrets(); var config = { websocketURL: Config.websocketURL, - channel: channel, - cryptKey: key, - crypto: Crypto, + channel: secret.channel, + crypto: Crypto.createEncryptor(secret.key), }; var userName = module.userName = config.userName = Crypto.rand64(8); @@ -49,7 +40,7 @@ define([ var initializing = true; var onInit = config.onInit = function (info) { - window.location.hash = info.channel + key; + window.location.hash = info.channel + secret.key; var realtime = module.realtime = info.realtime; module.patchText = TextPatcher.create({ realtime: realtime, diff --git a/www/text/main.js b/www/text/main.js index 077e997b4..18e8888b4 100644 --- a/www/text/main.js +++ b/www/text/main.js @@ -3,20 +3,13 @@ define([ '/bower_components/chainpad-netflux/chainpad-netflux.js', '/bower_components/chainpad-crypto/crypto.js', '/bower_components/textpatcher/TextPatcher.amd.js', + '/common/cryptpad-common.js', '/bower_components/jquery/dist/jquery.min.js', '/customize/pad.js' -], function (Config, Realtime, Crypto, TextPatcher) { +], function (Config, Realtime, Crypto, TextPatcher, Cryptpad) { var $ = window.jQuery; - var key; - var channel = ''; - if (window.location.href.indexOf('#') === -1) { - key = Crypto.genKey(); - } else { - var hash = window.location.hash.substr(1); - channel = hash.substr(0, 32); - key = hash.substr(32); - } + var secret = Cryptpad.getSecrets(); var module = window.APP = { TextPatcher: TextPatcher @@ -29,12 +22,9 @@ define([ var config = module.config = { initialState: '', - textarea: $textarea[0], websocketURL: Config.websocketURL, - userName: userName, - channel: channel, - cryptKey: key, - crypto: Crypto, + channel: secret.channel, + crypto: Crypto.createEncryptor(secret.key), }; var setEditable = function (bool) { $textarea.attr('disabled', !bool); }; @@ -43,7 +33,7 @@ define([ setEditable(false); var onInit = config.onInit = function (info) { - window.location.hash = info.channel + key; + window.location.hash = info.channel + secret.key; $(window).on('hashchange', function() { window.location.reload(); });