Commit graph

1637 commits

Author SHA1 Message Date
lilia
ac7c95fed0 Validate argument lengths in crypto.js
These functions accept an array buffer and extract an AES and MAC key
from it without verifying it has the appropriate length. Ciphertext
messages are similarly dissected. The slice function does not raise an
error on out of bounds accesses but instead returns an empty or
partially-filled array. Empty or short arrays will be passed through to
the window.crypto.subtle API, where they will raise an error. We should
not rely on the Web Crypto API to validate key lengths or for MAC checks
to fail. Instead, validate the lengths of given parameters before
extracting their components.

// FREEBIE
2015-10-27 13:58:23 -07:00
lilia
cb93ad4cff Avoid opening message-detail twice
Previously, clicking the timestamp on an error bubble would open two
message detail views.

// FREEBIE
2015-10-26 17:00:21 -07:00
lilia
ec6898f1ab Process incoming messages in order
This may increase processing latency a bit, particularly with large
attachments, but will ensure that messages are dispatched in the order
they are received.

It would be nice to enforce ordering on only the dispatch step, so that
we could, for example, decrypt the next websocket message while waiting
for an attachment to download, but that will require a more complicated
refactor. Will stick with the quick fix for now and revisit later.

Fixes #342

// FREEBIE
2015-10-26 14:18:24 -07:00
lilia
9b12d8a978 Reconnect provisioning socket
If the provisioning socket closes, reconnect and generate a new qr code.
Fixes #371

// FREEBIE
2015-10-23 18:33:07 -07:00
lilia
47befdbf61 Messages bubbles with errors are clickable
For messages with errors, clicking anywhere inside the bubble takes you
to the message detail view.

// FREEBIE
2015-10-23 17:43:51 -07:00
lilia
c79a917bbe Remove unused localStorage adapter
And remove various stray references to localStorage

// FREEBIE
2015-10-23 17:06:21 -07:00
lilia
ff3b23e452 Make sure group updates get emojified
Render group update content prior to processing emoji, so that emoji in
group titles get processed correctly.

Fixes #368

// FREEBIE
2015-10-23 16:04:40 -07:00
lilia
01e85b68ef Handle exceptions when fetching keys for devices
It's rare that we get in a state where we have a device record without a
session, but we should handle errors gracefully in that case. Catch them
and register them, except for identity key errors which are registered
in handleResult.

// FREEBIE

fixup error handling // FREEBIE
2015-10-23 15:53:20 -07:00
lilia
12276e691b Refactor contents of sendMessageProto
This function dynamically declares a bunch of functions which bind to
its input arguments. Instead, use a new prototypal class to define
these functions within the context of a particular message.

// FREEBIE
2015-10-23 15:53:20 -07:00
lilia
a2c7ac0df9 Serialize message sending per-recipient
Add a pendingMessages object to MessageSender. This object holds
one promise per recipient number. We init this promise with
Promise.resolve(), and chain on promises for message sending, replacing
the previous promise with the newly chained promise each time. If the
current promise resolves and finds that it is still the last promise
in the chain, it removes itself.
2015-10-23 15:53:19 -07:00
lilia
4970cbeaed Fix overlapping name and timestamp
In the conversation list, fix long conversation names overlapping with
the right-floated timestamps.

// FREEBIE
2015-10-23 15:47:32 -07:00
lilia
65231f4864 Shorten the search box
This keeps it the same width as the conversation list items.
Also make those overflow-y: scroll so that they are consistent
width, whether or not they are currently overflowing.

// FREEBIE
2015-10-23 15:44:03 -07:00
lilia
9be5efc571 Simplify keepalive resets
Websocket resources should have their keepalive timers reset whenever a
message comes in. This is a nicety that slightly reduces the amount of
traffic we send when actively messaging.

Previously this was handled by MessageReceiver, but it's a bit cleaner
to just have the WebsocketResource add an extra 'message' event handler.

// FREEBIE
2015-10-23 15:44:03 -07:00
lilia
5a8787f91a More small tweaks
Lighten last-message color for both read/unread states.
Keep bold font weight on last-message for unread state.
Bring timestamp inward a bit

// FREEBIE
2015-10-23 15:43:29 -07:00
Odysseas
cafbc0f5df Tweak conversation list style
Styled the conversation list items so that:
 - Timestamp is on the same line as the name
 - The message text on an unread conversation is ligher than the rest of
   the text

Resolves: #379
2015-10-24 00:43:51 +03:00
lilia
e68b84ad9a Fix saving TypeErrors
// FREEBIE
2015-10-22 10:12:34 -07:00
lilia
e842ade196 Slow your roll, socket status updates
Avoid a 1 sec flash of "Disconnected" if connection is dropped only
momentarily.

// FREEBIE
2015-10-22 10:12:34 -07:00
lilia
4b47833928 Make new-contact use cursor: pointer
// FREEBIE
2015-10-21 12:12:28 -07:00
lilia
2e32c7bbc3 Small refactor of attachment views
Bind the sub-view to some data when we initialize it, rather than
passing it in on render. That means the image view click handler will
only ever open the blob we bound it to, even if its src attr changes for
some reason, which should never happen, but if it does, it's nice to
guard against opening arbitrary urls found in the dom.

// FREEBIE
2015-10-21 10:52:20 -07:00
lilia
4a9fcc38df Use cursor: pointer on image attachments
Because clicking on an image now opens it in a new browser window.

// FREEBIE
2015-10-21 10:27:17 -07:00
Odysseas
49585c8c57 Add feature to open image attachments
Images that are attached to messages, either sent or received
can be opened in a new tab by clicking on them.

The previous approach that used Anchors to open the image
attachmets failed in various systems because:
 - Chrome on Windows recognised "blob" as protocol and tried
   to find an app for it
 - Chromium on Ubuntu didn't open a new window to load the URL

The new approach adds a "click" listener to the IMG element and
opens the link using window.open (which seems to be working globaly).

Resolves: #252
2015-10-21 10:26:14 -07:00
lilia
a32780d174 Mark delivered messages as sent
In rare cases, a race between delivery receipts and outgoing message
requests can cause the sent flag to be reversed. Fix by marking messages
sent at the same time they are marked delivered.

// FREEBIE
2015-10-20 18:57:24 -07:00
lilia
b65adc14dc Restyle debug log
Fixup for new layout and add a close button.

// FREEBIE
2015-10-20 14:24:11 -07:00
Deirdre Connolly
861bc416e6 Update attachment size limits to match mobile clients
Per WhisperSystems/TextSecure@8a1428e, bump GIF limit to 5MB, and
audio/video limit to 100MB. Update toast to notify in correct
human-readable units. The only kB size limit is for images, and will
trigger only if after scaling up to 4 times, the rescaled image did not
come in under the size limit without unacceptable quality loss.

Closes #354
2015-10-20 12:29:52 -07:00
lilia
b9b01330fe Move jquery from libtextsecure components
Jquery is not required by libtextsecure, but our test coverage tool,
blanket, depends on it.

// FREEBIE
2015-10-19 12:51:59 -07:00
lilia
bf81686c6e Remove gray background from message detail
// FREEBIE
2015-10-17 12:23:12 -07:00
lilia
f7452d2825 Conversation list style tweaks
List items are translucent normally, opaque grey/white when selected.

// FREEBIE
2015-10-17 12:07:53 -07:00
lilia
b0112e8c2e Remove unnecessary check in gruntfile
There's only one reference to the server url nowadays.

// FREEBIE
2015-10-16 18:19:25 -07:00
lilia
389b9a026d Initial restyle
Added background gradient and restyled conversation elements as floating
panels and cards.

// FREEBIE
2015-10-16 18:14:50 -07:00
lilia
ee393bfa03 Ensure that tokens get updated on initial save
// FREEBIE
2015-10-16 13:01:14 -07:00
lilia
2f8d973366 Restore native window chrome
// FREEBIE
2015-10-16 12:52:10 -07:00
lilia
82ce76265d Remove stray log statement
// FREEBIE
2015-10-16 12:32:06 -07:00
lilia
d864819364 Hide buttons for group creation, update, and leave
// FREEBIE
2015-10-16 11:17:49 -07:00
lilia
f70c22f898 Add search field to inbox
Using the search field produces a filtered view of all contacts and
groups containing the input. To make this fast and scalable, add an
index on a 'tokens' array containing words from the conversation name
and different forms of phone number.

Closes #365

// FREEBIE
2015-10-15 13:33:07 -07:00
lilia
7414828bb3 Disable keepalive tests
These are failing because MockSocket doesn't implement an EventTarget
interface like an actual WebSocket does, so we get an exception when
trying to call addEventListener on it. :(

// FREEBIE
2015-10-11 13:18:51 -07:00
lilia
81ebc5ffd7 Improve stack traces on HTTPErrors
Save stack even earlier, outside the promise.

// FREEBIE
2015-10-11 12:12:11 -07:00
lilia
c062fe3060 Automatically retry failed http requests
If we failed to reach the server, wait a second and try again up to 3
times.

// FREEBIE
2015-10-10 19:07:00 -07:00
lilia
a93b8cea72 Collapse multiple retry buttons
If you're going to retry one, you might as well retry everyone.

// FREEBIE
2015-10-10 16:59:52 -07:00
lilia
816a206892 Refactor sendMessageToDevices
Split into separate encrypt and transmit functions. Let the encryption
function also handle all wire formatting (ie, jsonification and base64
encoding), which simplifes TextSecureServer.sendMessages, removes a
TODO, and lets us save fewer params to make network errors replayable.

// FREEBIE
2015-10-10 16:36:30 -07:00
lilia
e9bc39bc56 Add parens and line breaks
// FREEBIE
2015-10-10 15:12:06 -07:00
lilia
b1c933ccd4 Don't show myself in the message detail contacts list
// FREEBIE
2015-10-08 06:13:36 -07:00
lilia
87d4f0d5d8 Fix non-disappearing resend button
The resend button should disappear once you've clicked it. This was not
happening because the message detail view held a cached copy of the old
message errors. Fix by re-reading the errors when we re-render.

// FREEBIE
2015-10-05 15:07:55 -07:00
lilia
0ff38e41c2 Let keepalive listen to socket events
Wait until the socket connects before starting the keepalive timer.
Automatically stop the keepalive when the socket is closed.

// FREEBIE
2015-10-05 15:05:24 -07:00
lilia
1345899253 Use reject instead of throw
This ensures that the containing promise is rejected without triggering
the side effects of an uncaught exception, such as causing the debugger
to pause.

// FREEBIE
2015-10-03 23:19:53 -07:00
lilia
a32f3ff1f6 More work on replayable errors
Expose a button that does that retries outgoing messages if possible.

// FREEBIE
2015-10-02 18:31:07 -07:00
lilia
bc0c9bd133 Remove attachment host string replace
This host is no longer hard coded anywhere.

// FREEBIE
2015-10-02 18:00:40 -07:00
lilia
69bbaac3b9 Fix conversation model test
// FREEBIE
2015-10-02 15:13:13 -07:00
lilia
5eabfa2559 Fix libtextsecure tests
// FREEBIE
2015-10-02 15:08:21 -07:00
lilia
5bf608598c Fix MessageSender prototype
// FREEBIE
2015-10-02 15:02:25 -07:00
lilia
b0da491025 Don't throw on unknown groups
// FREEBIE
2015-10-02 12:54:12 -07:00