Commit graph

3721 commits

Author SHA1 Message Date
Lilia
50c470e53d
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests

Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.

This protects us from MITM by a rogue CA.

As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.

// FREEBIE

* Make certificateAuthorities an option on requests

Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.

This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.

// FREEBIE

* Import node-based xhr implementation

Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.

In later commits this module will be extended to support custom certificate
authorities.

// FREEBIE

* Support "arraybuffer" responseType on requests

When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.

Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.

Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.

// FREEBIE

* Switch to self-signed server endpoint

* Log more error info on failed requests

With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.

// FREEBIE

* Add node-based websocket w/ support for custom CA

// FREEBIE

* Support handling array buffers instead of blobs

Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.

// FREEBIE

* Destroy all wacky server ports

// FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
7a2c8e815c
Import: Wait until db writes resolve before saying we're done (#1401)
FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
9a2587eaca
v1.0.22
Rebased on v0.42.7

FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
44d8c8a06c
v1.0.21
Rebased on v0.42.6 -> migration branch

FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
5099ca0ccd
Merge locale-provided strings into english for failover support
FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
270f626cd7
Add lodash for server-side utility functions
FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
e8c7e31363
Multi-error, multi-language, and cross-platform spell-check
FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
122719688a
Add os-locale to reliably get xx-XX style locale on all OSes
FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
51768a16c4
Add semver and spellchecker directly, remove electron-provider
FREEBIE
2017-09-14 17:03:17 -07:00
lilia
ff1bad674e
Fix exception in install view
These lines throw TypeErrors for previously registered clients.

// FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
ac237b9e31
AppView: Store initialLoadComplete value for late openInbox
FREEBIE
2017-09-14 17:03:17 -07:00
Scott Nonnenberg
082919abd1
Copy emoji from components to images directory for asar creation
FREEBIE
2017-09-14 17:03:16 -07:00
Scott Nonnenberg
106626ae11
v1.0.20
Electron branch currently rebased on top of v0.42.1.

FREEBIE
2017-09-14 17:03:16 -07:00
Scott Nonnenberg
90cc0949b6
InstallView: Refactor step numbers into enum
FREEBIE
2017-09-14 17:03:16 -07:00
Scott Nonnenberg
0416d2162c
Tune the import error message: suggest re-export, debug log link
FREEBIE
2017-09-14 17:03:16 -07:00
Scott Nonnenberg
7f8ade7747
Remove migration-related functionality, leaving export stuff
FREEBIE
2017-09-14 17:03:14 -07:00
Scott Nonnenberg
413fba80af
Separate dir selection from import, better import button text
This allows us to show the 'import in progress' screen only when the
user has successfully selected a directory.

FREEBIE
2017-09-14 17:02:46 -07:00
Scott Nonnenberg
0fbe43c2dc
Protobufs: More logging on failure to load protobufs, fix tests
FREEBIE
2017-09-14 17:02:45 -07:00
Scott Nonnenberg
ff1cb3598d
Remove step 1 of previous setup flow, replaced by choice screen
FREEBIE
2017-09-14 17:02:45 -07:00
Scott Nonnenberg
ba347744ff
Import: choice on first startup, workflow, ported to Node.js fs API
FREEBIE
2017-09-14 17:02:43 -07:00
Scott Nonnenberg
9c8fe1a9d8
Reschedule all timers on time travel, set interval back to 1000ms
FREEBIE
2017-09-14 16:53:53 -07:00
Scott Nonnenberg
bc437095f6
Calm time travel checks, don't continually reschedule key rotation
FREEBIE
2017-09-14 16:53:53 -07:00
Scott Nonnenberg
f37af04818
AppView.createInbox() - set this.inboxView immediately to be ready
If the 'empty' event is fired between the updateInbox() call and the
new InboxView() call afterwards, then the loading screen will never go
away. We fix that by immediately creating the InboxView but only adding
it to the DOM when the backing data is ready.

FREEBIE
2017-09-14 16:53:53 -07:00
Scott Nonnenberg
e441a662f0
Bump version to 1.0.19
FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
eaf31705cc
A number of fixes for loading screen, recent rebase
FREEBIE
2017-09-14 16:53:52 -07:00
lilia
854374dc7c
Remove the old debug log menu item 2017-09-14 16:53:52 -07:00
lilia
11633d7d87
Make debug log available from the installer
Move debug log from inbox view to app view so it can be opened regardless of
whether we are showing the inbox view or the installer.

// FREEBIE
2017-09-14 16:53:52 -07:00
lilia
04e40043d2
Add View -> Debug Log to menu bar
Just send an event from the main process to the renderer,
The latter routes it the appropriate view method.

For now it's a no-op unless the main window exists and it is showing the inbox,
which will be addressed in a future commit.

// FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
8243f25e5a
Fix auto-update dialog now that locale-loading has been changed
FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
b62fdd1b36
Bump version to 1.0.18
FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
bd3b8ae9f8
Note how many debug logs we have after we load them from DB
FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
63e41612b7
Remove spellchecking on the debug log field - causes big slowdown
FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
87a1fcc406
Fix trimming of debug log: remove first, use proper iteration var
FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
80fd70de13
Don't show 'new update available' dialog if it's already showing
FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
f9c4342fc2
Remove questions from aptly.sh - they interrupted automated scripts 2017-09-14 16:53:52 -07:00
Scott Nonnenberg
476fe13e89
Bump version to 1.0.17
FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
51198318e9
Bump version to 1.0.16
FREEBIE
2017-09-14 16:53:52 -07:00
Scott Nonnenberg
e4ceb21002
Use two interations instead of while loop for trimming log
FREEBIE
2017-09-14 16:53:51 -07:00
Scott Nonnenberg
53d1e7e6c7
Load locale information only after application's 'ready' event
FREEBIE
2017-09-14 16:53:51 -07:00
Scott Nonnenberg
5526958c52
manifest.css catch-up
FREEBIE
2017-09-14 16:53:51 -07:00
Scott Nonnenberg
46221677d7
Bump version to v1.0.15
FREEBIE
2017-09-14 16:53:51 -07:00
Scott Nonnenberg
c1dd858922
Fix warning icon in message detail page - use relative path
FREEBIE
2017-09-14 16:53:51 -07:00
Scott Nonnenberg
2261305e8f
Appveyor: Add some logging to help track down flakiness
FREEBIE
2017-09-14 16:53:51 -07:00
Scott Nonnenberg
b79aa6a75f
Bump version to 1.0.14
FREEBIE
2017-09-14 16:53:51 -07:00
lilia
02df917f3a
Fix $name$ in confirmation dialogs
Our i18n shim supports multiple substitutions if you give it an array of strings
to use as replacements.

// FREEBIE
2017-09-14 16:53:51 -07:00
David Balatero
a6af40e9f9
Couple of semicolons to match style 2017-09-14 16:53:51 -07:00
David Balatero
8f30e13ec1
Rename autoupdate -> auto_update, remove redundancy 2017-09-14 16:53:51 -07:00
David Balatero
ceaff68d55
Refactor locale to only expose the data we care about 2017-09-14 16:53:51 -07:00
David Balatero
5e5ca80a6e
Refactor configuration out into reusable files 2017-09-14 16:53:51 -07:00
David Balatero
ed831dacd0
Refactor external source files to live in app/ 2017-09-14 16:53:50 -07:00