Commit graph

440 commits

Author SHA1 Message Date
Ken Powers
980862768b Linkify URLs containing @ 2020-04-29 17:42:41 -07:00
Scott Nonnenberg
aaa91c441b Ensure old attachments with .id field only are handled 2020-04-29 17:42:41 -07:00
Ehren Kret
a0e9791623 Add support for receiving attachments from CDN 2 2020-04-29 17:42:41 -07:00
Scott Nonnenberg
6b094e1514 Refactor: Move data-access code to Typescript w/ shared interface 2020-04-15 14:45:11 -07:00
Scott Nonnenberg
9ab54b9b83 Move web_api.js and js/modules/crypto.js to TypeScript 2020-04-15 14:44:51 -07:00
Scott Nonnenberg
71436d18e2 Include sender in group update notifications 2020-04-15 14:44:46 -07:00
Ken Powers
a1270867ff Debug Logs: gzip before upload 2020-03-24 17:03:22 -07:00
Ken Powers
37ad95af27 Passive UUID fixes 2020-03-24 17:03:22 -07:00
Scott Nonnenberg
8d6cba1b43 Eliminate remaining Electron 8 deprecations
* Change systemPreferences.isDarkMode() to nativeTheme.shouldUseDarkColors

* Remove vibrancy parameter to BrowserWindow

* Update curve25519-n; removes context-aware deprecation warning

* Set app.allowRendererProcessReuse = true to remove warning

* Move from deprecated setters to direct property set

* Serialized sender certificates: Store less, store plain object

* isMenuBarAutoHide -> autoHideMenuBar

* UUID: Fix sealed sender indicator on message details screen

* Data._cleanData: Remove function keys, handle null in array

Also:
- run _cleanData when saving attachment download jobs
- remove job from jobs table when the send itself throws error

* _cleanData: Don't dig into strings, booleans, or numbers

* getPropsForMessageDetail: Make it clear what we're reducing

Co-authored-by: Ken Powers <ken@signal.org>
2020-03-24 17:03:01 -07:00
Ken Powers
a90246cbe5 Passive UUID support
Co-authored-by: Scott Nonnenberg <scott@signal.org>
2020-03-24 16:59:35 -07:00
Scott Nonnenberg
a840e2e5b1 Remove legacy import flow 2020-03-04 17:12:56 -08:00
Josh Perez
60773d28d5
Fix new sticker pack keys 2020-02-24 17:03:55 -08:00
Ken Powers
8d9ccd3c0a
Ensure proper file permissions on startup
Co-authored-by: Scott Nonnenberg <scott@signal.org>
2020-02-21 15:40:04 -08:00
Josh Perez
6b56dd4ce0
Move registration from redux selectors to util 2020-02-21 15:08:21 -08:00
Ken Powers
f0028a5cfe Don't linkify invalid URLs 2020-02-19 15:22:37 -08:00
Josh Perez
1881fa5fa5
Add swoon sticker packs as blessed and known
* Add swoon sticker packs as blessed and known
* Do not install blessed packs by default
2020-02-18 14:36:59 -08:00
Josh Perez
0843f569a0
Adds additional logging to boot path 2020-02-18 10:48:58 -08:00
Josh Perez
18fd44f504
Move all status/alert dialogs into the Left Pane 2020-02-12 13:30:58 -08:00
Scott Nonnenberg
3938eb9801
A set of fixes and upgrades
* writeToDownloads: Add missing await
* Remove window.isFocused() - not used anywhere!
* Update typescript, p-queue, make necessary changes to fix build
* Slow down sender certificate retries with no existing cert
* Slow down signed prekey refreshes when unlinked - 5s -> 5m
* Update protobufjs to 4.1.2
2020-02-07 14:37:04 -05:00
Scott Nonnenberg
a271fe0eee Add version number to user-agent header on outgoing requests 2020-01-16 21:36:14 -08:00
Scott Nonnenberg
be6ae038dc Ensure sender cert refresh timer resets only when necessary 2020-01-16 21:36:14 -08:00
Ken Powers
8dbbde6790 Partial Revert "Conversation: Wait for database fetch to add incoming messages"
This partially reverts commit bce711c36dfdb3eefda59a10aabe71058b3e40a2.
2020-01-16 08:34:31 -08:00
Scott Nonnenberg
55eff02872 Reintroduce file chooser dialog for every attachment save 2020-01-15 17:23:02 -05:00
Scott Nonnenberg
1bf9ca7233 Save attachments with macOS quarantine attribute
* Attachments: Always save file to downloads directory, show toast
* Add new build:dev command for casual builds
2020-01-09 14:57:43 -05:00
Scott Nonnenberg
3e5071e340 Conversation: Wait for database fetch to add incoming messages 2020-01-09 09:43:47 -05:00
Ken Powers
0d3b390129 Upgrade Prettier 2020-01-08 09:44:54 -08:00
Ken Powers
fe65fd3eaa Sticker creator updates: new 200 sticker max, WebP supported 2019-12-19 15:27:02 -08:00
Scott Nonnenberg
f5be32ba14 Simplify linkification filter - check for ASCII/non-ASCII only 2019-12-18 14:45:11 -05:00
Ken Powers
11d47a8eb9 Sticker Creator 2019-12-17 12:28:46 -08:00
Scott Nonnenberg
2df1ba6e61 Introduce two built-in sticker packs: Zozo and Bandit 2019-12-17 12:28:46 -08:00
Scott Nonnenberg
e9f08c3da9 Bugfixes for v1.29
* If focus was set to document.body during archive, focus left pane
* Shortcut Guide: Add space between text and shortcut highlight
* Ensure that draft attachment can be closed with click on X button
* Move to keyDown event for user idle checking
* Additional resiliency around avatars; check for them on on-disk
* Increase timeouts to preserve websocket connection
* On startup, be resilient to malformed JSON in log files
* Don't crash if shell.openExternal returns an error
* Whenever we request a contact/group sync, also request block list
* Avatar popup: Ensure styling is mouse- and keyboard-appropriate
* MainHeader: Create popperRoot on demand, not on mount
* CompositionInput: Disable default Ctrl-/ shortcut
* Update libphonenumber
2019-12-03 15:02:50 -05:00
Scott Nonnenberg
bb02fa3a7e Prevent conversation up/down when showing search results 2019-11-15 14:34:24 -08:00
Scott Nonnenberg
20a892247f Keyboard shortcuts and accessibility 2019-11-13 16:53:42 -08:00
Scott Nonnenberg
8590a047c7 Change domain for sharing sticker packs 2019-11-13 19:12:36 -05:00
Ken Powers
8659f1dd23 Fix a number of emoji bugs in message composer 2019-10-31 12:32:10 -07:00
Scott Nonnenberg
0c09f9620f Improve message download performance 2019-10-10 14:56:14 -07:00
Scott Nonnenberg
7ab2d9acc6 Video Thumbnails: Seek to 1s mark in video before capture 2019-09-24 13:43:08 -07:00
Scott Nonnenberg
b77246a7e0 When SQLITE_CORRUPT error happens, immediately restart the app 2019-09-24 13:43:08 -07:00
Scott Nonnenberg
3719724337 Prevent multiple instances of same background attachment job 2019-09-18 16:08:46 -07:00
Scott Nonnenberg
1ab844674a Ensure out-of-band attachment updates make new top-level objects 2019-09-03 20:07:47 -04:00
Scott Nonnenberg
936768d9c1 Recalculate message height when pending sticker is loaded 2019-08-22 15:41:55 -07:00
Scott Nonnenberg
c39d5a811a Full-text search within conversation 2019-08-21 14:52:30 -07:00
Scott Nonnenberg
9d4f2afa5a Persist drafts 2019-08-21 14:52:30 -07:00
Scott Nonnenberg
5ebd8bc690 Virtualize Messages List - only render what's visible 2019-08-21 14:52:30 -07:00
Scott Nonnenberg
a976cfe6b6 Time out faster for IndexedDB existence checks 2019-08-21 14:52:30 -07:00
Scott Nonnenberg
d42eb2126e Changes to View Once 2019-08-05 16:23:47 -07:00
Ken Powers
6c0365a770 One emoji image set for picker, composition, message bubble 2019-07-25 09:28:44 -07:00
Ken Powers
7b645011c2 New composition area with emoji typeahead 2019-07-17 11:29:51 -07:00
Scott Nonnenberg
e62a1a7812 Receive support for View Once photos 2019-07-17 11:29:51 -07:00
Disconnect3d
fa4b2d412f Fix SUPPORTED_MEDIA_DOMAINS regex whitelist (#3459)
The `SUPPORTED_MEDIA_DOMAINS` regex whitelist, used to check if media link comes from trusted hosts is invalid. It does not expose a security risk or I couldn't find an example for such as of now, but if someone would add a subdomain host to it using the same pattern, it would.

A counter example below:
```js
const SUPPORTED_MEDIA_DOMAINS = /^([^.]+\.)*(ytimg.com|cdninstagram.com|redd.it|imgur.com|fbcdn.net|pinimg.com)$/i;

console.log('Testing redd.it: ' + SUPPORTED_MEDIA_DOMAINS.test('redd.it'));
console.log('Testing reddjit: ' + SUPPORTED_MEDIA_DOMAINS.test('reddjit'));
```

Output:
```
$ node example.js
Testing redd.it: true
Testing reddjit: true
```

---

To be more clear, if someone would extend the regex in the future with e.g. `media.redd.it`, an attacker would be able to create a `mediaXredd.it` domain and bypass the whitelist.

---

A visualisation of the incorrect regex can be found on https://regexper.com/#%5E%28%5B%5E.%5D%2B%5C.%29*%28ytimg.com%7Ccdninstagram.com%7Credd.it%7Cimgur.com%7Cfbcdn.net%7Cpinimg.com%29%24

The issue has been found with LGTM: b626ef0b64/files/js/modules/link_previews.js (xdabadfc2bf20f0c3):1
2019-07-16 13:28:16 -07:00
Scott Nonnenberg
569acb091c Migrate from IndexedDB before doing new version checks 2019-06-27 15:21:08 -07:00
Scott Nonnenberg
cc4886caa5 Ensure only one active attachment download setTimeout 2019-06-24 13:39:37 -07:00
Scott Nonnenberg
ab2cc6ee53 Properly download new group avatars 2019-06-24 14:51:33 -04:00
Scott Nonnenberg
102b93241c Only preload emoji after the window is fully loaded 2019-06-20 17:48:54 -07:00
Scott Nonnenberg
9fd867fdd1 Support new 'requiredProtocolVersion' in DataMessage
* Add new requiredProtocolVersion field to DataMessage

* Message.requiredProtocolVersion, warning if version mot supported

* Update strings; limit width; new left pane preview text
2019-06-10 17:40:02 -04:00
Ken Powers
a934759e66 Maintain last-known cursor position for inserting emojis 2019-05-30 16:37:28 -07:00
Scott Nonnenberg
b221dcff5a Only use attemptedStatus on re-download if it is 'installed' 2019-05-30 12:43:18 -07:00
Ken Powers
be5d0837f8 Support additional sticker states
Co-authored-by: scott@signal.org
Co-authored-by: ken@signal.org
2019-05-29 11:01:32 -07:00
Scott Nonnenberg
41880cfe66 Add some logging for debug log upload 2019-05-28 17:24:28 -07:00
Ken Powers
0e9d549cf3 Fuzzy-Searchable Emoji Picker 2019-05-24 17:03:13 -07:00
Ken Powers
29de50c12a Stickers
Co-authored-by: scott@signal.org
Co-authored-by: ken@signal.org
2019-05-16 16:10:37 -07:00
Scott Nonnenberg
26a3342d2a Padded attachments, attachments v2
* Handle incoming padded attachments
* Attachments v2 - multipart form POST, and direct CDN GET access
* Pad outgoing attachments before encryption (disabled for now)
2019-05-16 15:43:29 -07:00
Michael Walker
4a8e0bd466 Add pinterest domain and asset domains for link preview support
Co-authored-by: ken@signal.org
Co-authored-by: @cmswalker
2019-05-16 15:43:29 -07:00
Scott Nonnenberg
74cb808763 New MessageController as the single place for in-memory messages 2019-04-04 17:17:19 -07:00
Scott Nonnenberg
8c4d90df07 Send long text as an attachment instead of inline
Remove Android length warning

Handle incoming long message attachments

Show long download pending status in message bubble

Fix the width of the smallest spinner

Remove Android length warning from HTML templates
2019-03-14 17:30:46 -07:00
Scott Nonnenberg
b3ac1373fa Move left pane entirely to React 2019-03-12 17:44:14 -07:00
Scott Nonnenberg
fbda313d09 Add job details to attachment download log warning 2019-03-12 17:44:14 -07:00
Scott Nonnenberg
ae161c6cf6 Update to Electron 4.x 2019-03-12 17:44:14 -07:00
Scott Nonnenberg
ae2db9f09a Improve handling for URLs composed of mixed character sets 2019-03-12 17:44:14 -07:00
Scott Nonnenberg
3917ab940e web_api: Fix caching of https.agent objects between requests 2019-02-20 16:51:30 -08:00
Scott Nonnenberg
3fb6ab295f Debug log optimizations and improvements 2019-02-20 16:51:30 -08:00
Scott Nonnenberg
d4eacda649 Disable import/export outside of test mode; not currently used 2019-02-20 16:51:30 -08:00
Scott Nonnenberg
28f96fe893 Ensure that we capture sender even if thrown error is falsey 2019-02-13 16:04:58 -08:00
Scott Nonnenberg
5b54c9554e Remove groups table, conversation is single source of truth 2019-02-13 16:04:58 -08:00
Scott Nonnenberg
041fe4be05 Remove JSON column and Backbone Model for unprocessed 2019-02-13 16:04:58 -08:00
Scott Nonnenberg
9c540ab977 Add cache support to Signal Protocol Store 2019-02-13 16:04:58 -08:00
Scott Nonnenberg
1d2c3ae23c Download attachments in separate queue from message processing 2019-02-12 16:34:21 -08:00
Scott Nonnenberg
858c7e629f Fine-tune linkification technique for link previews 2019-02-11 18:32:05 -08:00
Scott Nonnenberg
0d7480bd92 A number of small fixes for Link Previews 2019-02-05 13:55:55 -08:00
Scott Nonnenberg
92c071e083 Use the proper method for pulling attachments off disk for retry 2019-01-29 16:08:03 -08:00
Scott Nonnenberg
813924685e Link Previews 2019-01-29 13:53:14 -08:00
Scott Nonnenberg
43e5d16020 Support for web socket communication with no signaling key 2019-01-14 10:32:12 -08:00
Scott Nonnenberg
985b1d6aa6 New staged attachments UI, multiple image attachments per message 2019-01-04 12:21:26 -08:00
Scott Nonnenberg
e4babdaef0 Updates to backup infrastructure 2019-01-04 12:21:26 -08:00
Scott Nonnenberg
47f834cf5c Encrypt device name on account create, on first launch if needed 2019-01-04 12:21:26 -08:00
Scott Nonnenberg
313d08344a Request configuration sync on startup of new version 2018-11-28 12:35:26 -08:00
Scott Nonnenberg
70eed938d9 Store arrayBuffers in database for remote identity keys 2018-11-26 16:22:49 -08:00
Scott Nonnenberg
79a861a870 Typing Indicators 2018-11-26 15:26:04 -08:00
Scott Nonnenberg
a780fa3bab Fix reference to nonexistent variable 2018-11-14 15:25:03 -08:00
Scott Nonnenberg
55c3d9371e Bump sender certificate timer after registration for re-link 2018-11-13 09:44:30 -08:00
Scott Nonnenberg
6300256a3e Gracefully shut down database operations before app exit 2018-11-12 15:31:17 -08:00
Scott Nonnenberg
c5f9fae444 A few small bugfixes 2018-11-12 15:31:17 -08:00
Scott Nonnenberg
2d48daa7b6 Refine Sealed Sender behaviors 2018-11-07 16:34:20 -08:00
Scott Nonnenberg
fb670ad6b9 Remove IndexedDB files after removing IndexedDB database 2018-11-01 17:00:24 -07:00
Scott Nonnenberg
9f647f00d8 A couple fixes for the data layer, legacy message upgrade/migrate 2018-11-01 17:00:24 -07:00
Scott Nonnenberg
41dd78c073 On fetch of profileAvatar, set it to convo's profileAvatar field 2018-10-31 19:13:08 -07:00
Scott Nonnenberg
6628b73911 Only show database log entries if task takes longer than 10ms 2018-10-31 17:36:51 -07:00
Scott Nonnenberg
1755e0adfd Move all remaining stores to SQLCipher 2018-10-31 17:36:51 -07:00
Scott Nonnenberg
7aa9031c7f Import: Be resilient to deletions from importObject 2018-10-31 09:44:18 -07:00
Scott Nonnenberg
a7d78c0e9b Sealed Sender support
https://signal.org/blog/sealed-sender/
2018-10-29 14:49:18 -07:00
Scott Nonnenberg
2060118e85 Remove messages/conversations/unprocessed IndexedDB object stores 2018-10-26 14:58:33 -07:00
Scott Nonnenberg
e39c999932 Import: Properly handle import with all empty non-convo stores 2018-10-26 10:52:38 -07:00
Scott Nonnenberg
1e562c8293 Properly handle avatar changes in group update messages 2018-10-24 11:31:01 -07:00
Scott Nonnenberg
7532f397ea Keep object stores after conversations migrate to SQLCipher 2018-10-15 12:24:43 -07:00
Scott Nonnenberg
8edfbdcee5 Longer timeout for orphaned file cleanup 2018-10-15 11:57:00 -07:00
Scott Nonnenberg
ca61c9cb85 Warnings for dangerous files 2018-10-09 13:48:32 -07:00
Scott Nonnenberg
f38410976d Delete conversation external files on deletion 2018-10-01 18:18:37 -07:00
Scott Nonnenberg
2cfbfe477a Better handle large numbers of messages in cache on startup 2018-10-01 18:18:37 -07:00
Scott Nonnenberg
a8e12d0771 Add user's avatar to the top left of the screen 2018-10-01 18:18:37 -07:00
Scott Nonnenberg
cd60bdd08a Move conversations to SQLCipher 2018-10-01 18:18:37 -07:00
Scott Nonnenberg
d0c4152d99 backup.js: Remove references to nonexistent i18n strings 2018-09-05 14:17:38 -07:00
Scott Nonnenberg
57d13dad57 data/removeMessage: no need for additional model instantiation 2018-08-16 17:39:30 -07:00
Scott Nonnenberg
02fbea96c0 Move base64 conversions off of the main thread 2018-08-16 17:39:30 -07:00
Scott Nonnenberg
911bc63c67 Move all arrayBuffer<->base64 functions to be async 2018-08-16 17:01:32 -07:00
Scott Nonnenberg
9f920aa35b Re-enable orphaned attachment cleanup 2018-08-15 17:45:24 -07:00
Scott Nonnenberg
fedfbed304 Copy quoted message contents into quote on receipt
Also:
  - visually distinguish any reference we couldn't verify on receipt
  - show toast on quote click if we can't scroll to message
  - toast visuals redesigned to match rest of app
2018-08-15 14:58:55 -07:00
Scott Nonnenberg
516a729a45 Additional logging for sql commands in debug mode 2018-08-10 13:13:25 -07:00
Scott Nonnenberg
7983300f4a Use base64 strings for incoming message cache instead of binary 2018-08-10 13:13:25 -07:00
Scott Nonnenberg
8c8475076b Data layer: return null if id not in database, not empty model 2018-08-09 16:09:41 -07:00
Scott Nonnenberg
c88df69094 New SQL indices and query tweaks to eliminate table scans
Also: New logging on client side to track performance of db queries
2018-08-09 10:11:12 -07:00
Scott Nonnenberg
e086d521f1 Increase the timeout for database updates 2018-08-09 10:11:12 -07:00
Scott Nonnenberg
727925a266 Clean up old messages, better handle errors from sending 2018-08-07 18:29:33 -07:00
Scott Nonnenberg
6e193456f9 Eliminate orphaned external message files on startup
Attachments, visual attachment thumbnails, video attachment screenshots
Quote thumbnails
Contact avatars
2018-08-06 18:08:10 -07:00
Scott Nonnenberg
44dec45995 Ensure that all messages in cache are migrated properly 2018-08-06 18:08:10 -07:00
Scott Nonnenberg
a01db40e27 Ensure that a SQL command timeout results in an error 2018-08-06 18:08:10 -07:00
Scott Nonnenberg
22613c8cc4 Set disappearing check timer reliably - on all message saves 2018-08-02 22:31:27 -07:00
Scott Nonnenberg
3961778e53 Fixes for Chrome app import in this new SQLCipher world 2018-08-02 17:32:51 -07:00
Scott Nonnenberg
1d7987108b Show and log progress during the SQLCipher migration 2018-08-02 17:25:51 -07:00
Scott Nonnenberg
b1c6a5fe19 When updating message schema pre-SQLCipher, use legacy save 2018-08-01 12:38:48 -07:00
Scott Nonnenberg
0d13d437fe Delete before forced bulk insert to fix broken migrations 2018-07-31 19:52:10 -07:00
Scott Nonnenberg
3105b77475 Migrate to SQLCipher for messages/cache
Quite a few other fixes, including:
  - Sending to contact with no avatar yet (not synced from mobile)
  - Left pane doesn't update quickly or at all on new message
  - Left pane doesn't show sent or error status

Also:
 - Contributing.md: Ensure set of linux dev dependencies is complete
2018-07-31 17:08:45 -07:00
Scott Nonnenberg
02675312c5 Introduce mandatary migration on startup, to minimum version 2018-07-27 10:55:10 -07:00
Scott Nonnenberg
f39a96bc76 Move to centralized message/cache data layer
Also, ensure that conversation.messageCollection has nothing in it
unless it has an associated ConversationView.
2018-07-27 10:55:10 -07:00
Scott Nonnenberg
34231168a7 On message delete, ensure that all external files are deleted 2018-07-27 09:15:57 -07:00
Scott Nonnenberg
573a26021b file_input_view: Use makeVideoThumbnail on attach of video 2018-07-21 14:52:43 -07:00
Scott Nonnenberg
5933a34a18 Use window.log in browser context, turn on console eslint rule 2018-07-21 14:52:43 -07:00
Scott Nonnenberg
cea38b7bc4 Log clear error if we fail to retrieve debug log upload key 2018-07-19 11:07:36 -07:00
Scott Nonnenberg
2ef2235317 Show error if debug log upload fails 2018-07-19 10:21:53 -07:00
Scott Nonnenberg
4ca674edb2 Remove User-Agent from form to upload debug log 2018-07-19 09:15:57 -07:00
Scott Nonnenberg
b159a8d7c7 Update the user agent for debug log requests 2018-07-18 20:00:10 -07:00
Scott Nonnenberg
675e34fc8d New React component: ConversationListItem, installed in left pane
When collecting a conversation's last message, we grab that message's
status as well (if outgoing) and show it.
2018-07-17 20:25:55 -07:00
Scott Nonnenberg
3c69886320 Finish new Message component, integrate into application
Also:
- New schema version 8 with video/image thumbnails, screenshots, sizes
- Upgrade messages not at current schema version when loading messages
  to show in conversation
- New MessageDetail react component
- New ConversationHeader react component
2018-07-17 15:58:07 -07:00
Scott Nonnenberg
dc11db92f9 New React component: Message
Also: Use react to render contects on the 'show group members' screen
2018-07-17 15:53:33 -07:00
Scott Nonnenberg
ad4387803b New media permission, show dialog when not enabled for voice msg
UI now in separate renderer:
  - the permissions popup
  - settings dialog
  - debug log dialog
  - about window

Couple bug fixes:
  - About Window: Fix 'escape' to close window
  - Remove outdated dist/copy tasks from Gruntfile

Eslintified settings_view.js
2018-07-03 16:04:21 -07:00
Scott Nonnenberg
125c3fafa8
Idle detector: Fix bug preventing it from ever turning off (#2487) 2018-07-03 15:02:58 -07:00
Scott Nonnenberg
8eeaad8e18 Remove unused export/import functionality 2018-06-21 11:54:01 -07:00
Scott Nonnenberg
f3bd0cf903 Refactor api.js into web_api, which encapsulates all web access 2018-05-31 13:25:45 -07:00
Scott Nonnenberg
34f423b52c Remove unused code; move signal.js to js/modules for eslint
(noticed as I was doing this that signal.js doesn't get eslint coverage)
2018-05-23 16:26:48 -07:00
Scott Nonnenberg
e2d044e02b Filter file scheme; disable http, https and ftp entirely 2018-05-23 16:26:40 -07:00
Scott Nonnenberg
80b069e9b6 Move phone number format/parse into ts/types/PhoneNumber 2018-05-10 11:54:58 -07:00