We've simplified; HTTPS_PROXY or https_proxy is used for all requests.
We also require that only our self-signed certificates are used for
secure traffic. That rules out all SSL-terminating MITM proxies, since
we don't trust their root certificate.
Once we're sure that this system works for people, we'll improve config
on MacOS and Windows.
We pull proxy settings from environment variables:
- HTTPS_PROXY for sending, profile pulls, and attachment download/upload
- WSS_PROXY for connecting to the websocket for receiving messages
- ALL_PROXY to provide one server for both
More details on our proxy handling:
- https://github.com/Rob--W/proxy-from-env#environment-variables
- https://github.com/TooTallNate/node-proxy-agent
This is the natural way of things for Linux. My understanding is that
most proxies on MacOS are system-wide and transparent, so it's not so
urgent. But Windows will likely require further UI for configuration.
Will need to do some testing with Windows users.
* Add support for Emoji 5
Update to latest emoji-datasource and emoji-js and switch to an up-to-date fork
of emoji-panel.
// FREEBIE
* Dark theme support for emoji-panel
Fixes#1763
// FREEBIE
* Add emoji button and popup panel
This integrates a simple third party emoji panel with a few css overrides to
correct some relative paths and colors.
The trickiest thing about this is ensuring we don't break the layout, which is
acheived through precise control over the panel's height, and prodigious calls
to updateMessageFieldSize.
// FREEBIE
* Don't close emoji panel on click, do close on send
To better facilitate multiple emoji entry.
// FREEBIE
* Make panel emojis bigger and higher resolution
// FREEBIE
* Move paperclip button to the right of the microphone
This makes our bottom-bar button arrangement more comfortable and consistent
with Android.
// FREEBIE
* Move emoji picker padding to inner container
* Insert emojis at cursor position
Don't just append to the end like a n00b! Also handle selected text correctly.
https://stackoverflow.com/questions/11076975
// FREEBIE
* A few visual tweaks to reduce visual complexity of emoji panel
- No gray buffer on the right side of the emoji panel
- No gray buffer between message compose text box and emoji window
- The scroll bar for the emojis is the same as our normal scrollbars
* Use node-fetch instead of xhr
* Remove XMLHttpRequest.js
// FREEBIE
* Avoid calling json() on non json responses
Previously we would catch and swallow JSON parsing errors resulting from an
empty response, though empty responses are normal from a few endpoints, like
requesting sms or voice registration codes.
Since the JSON parsing call is now handled internally by node-fetch, we have to
keep closer track of our expected response type to avoid throwing an exception.
// FREEBIE
This ensures that the signing certificate of any binary pulled down as
part of auto-update on Windows is in the CA chain (not self-signed) and
has the right publisherName. electron-updater also rejects any unsigned
binary when asked to check the publisherName.
FREEBIE
We can't run our tests in a standalone server anymore, so no need for
connect.
Similarly, sauce labs is no longer necessary because all of our tests
are run locally inside of Electron.
FREEBIE
- Logging is available in main process as well as renderer process, and
entries all go to one set of rotating files. Log entries in the
renderer process go to DevTools as well as the console. Entries from
the main process only show up in the console.
- We save three days of logs, one day per file in %userData%/logs
- The 'debug' object store is deleted in a new database migration
- Timestamps and level included in the new log we generate for publish
as well as the devtools
- The bunyan API is exposed via windows.log (providing the ability to
log at different levels, and save objects instead of just text), so we
can move our code to it over time.
FREEBIE
* Upgrade emoji deps and move to node_modules
Add support for Emoji 3.0 and switch from bower to yarn for managing emoji
dependencies.
// FREEBIE
* Delete old emoji deps
// FREEBIE
* Don't copy emoji on windows
It is no longer necessary since the symlinked image dir is gone.
// FREEBIE
* Update emoji test
// FREEBIE
* Fix emoji tests; remove all overrides of emoji-js functions
FREEBIE
* Update electron-builder and config, grunt-exec, and spellchecker
electron-builder is a major update: ^18.8.1 -> ^19.27.3
Fixes#1463, where we lose the user's decision to pin to taskbar
The other three are all minor changes, but it's generally good to stay
up to date.
FREEBIE
* Add category for our Linux build target
Fixes#1460, though the recommended list of categories doesn't seem to
match what is shown in Linux Mint. Hopefully it understands that
what was previously 'Networking' should now be 'Internet'
Standard list:
https://standards.freedesktop.org/menu-spec/latest/apa.html
FREEBIE
* Add StartupWMClass to .desktop file so GNOME can find running app
Fixes#1432
FREEBIE
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
These modules together allow us to import css files from third party
components without maintaining symlinks that essentially rename them as
sass partials, which doesn't work on windows.
// FREEBIE
Either icon-gen or local scaling of images was producing a corrupted and
glitchy .icns file. With this module, we need only provide a 1024px
image and it handles the scaling and generation of all other icon
assets.
// FREEBIE
