Encrypt attachments in encrypted rooms, #533
Conversation
…n displaying them
|
Can one of the admins verify this patch? |
|
@matrixbot test this please |
| } | ||
| }, | ||
|
|
||
| decryptFile: function(file) { |
There was a problem hiding this comment.
I don't love the fact that a function called decryptFile downloads and decrypts a file.
|
|
||
| decryptFile: function(file) { | ||
| var url = MatrixClientPeg.get().mxcUrlToHttp(file.url); | ||
| var self = this; |
There was a problem hiding this comment.
We tend to use arrow functions rather than the self = this hack nowadays
| // The attachment is decrypted in componentDidMount. | ||
| return ( | ||
| <span className="mx_MImageBody" ref="body"> | ||
| <img className="mx_MImageBody_thumbnail" src="img/encrypted-placeholder.svg" ref="image" |
There was a problem hiding this comment.
Where does the placeholder come from?
| self.refs.image.onload = function() { | ||
| window.URL.revokeObjectURL(blobUrl); | ||
| }; | ||
| }); |
There was a problem hiding this comment.
Yeah, this post-render DOM mangling isn't great, but we do appear to do it for animated gifs anyway. Relatedly, this will mean the current play-on-hover behaviour of animated gifs won't work with encrypted attachments, so this is a thing we'll need to fix too.
…matrix-react-sdk into markjh/encrypted-attachments
… so that it can be used normally by the exising templates
…ween different components
|
Thumb-nailing in the browser sounds hard and I think this PR is big enough already. |
…tachments are actually downloaded
|
@dbkr Right I think this is done PTAL |
| limitations under the License. | ||
| */ | ||
|
|
||
| 'use struct'; |
There was a problem hiding this comment.
- It's spelt 'strict'
- We don't need these anyway: babel adds them.
| 'use struct'; | ||
|
|
||
| // Pull in the encryption lib so that we can decrypt attachments. | ||
| var encrypt = require("browser-encrypt-attachment"); |
There was a problem hiding this comment.
If you're making a new file, import encrypt from 'browser-encrypt-attachment'; please.
| */ | ||
|
|
||
| function readBlobAsDataUri(file) { | ||
| var deferred = q.defer(); |
|
|
||
|
|
||
| export function decryptFile(file) { | ||
| var url = MatrixClientPeg.get().mxcUrlToHttp(file.url); |
| }, | ||
|
|
||
| componentDidMount: function() { | ||
| this.dispatcherRef = dis.register(this.onAction); | ||
| this.fixupHeight(); | ||
| var content = this.props.mxEvent.getContent(); |
| @@ -77,14 +86,41 @@ module.exports = React.createClass({ | |||
| imgElement.src = this._getThumbUrl(); | |||
| }, | |||
|
|
|||
| _getContentUrl: function() { | |||
| var content = this.props.mxEvent.getContent(); | |||
| var MatrixClientPeg = require('../../../MatrixClientPeg'); | ||
| var ImageUtils = require('../../../ImageUtils'); | ||
| var Modal = require('../../../Modal'); | ||
| var sdk = require('../../../index'); | ||
| var dis = require("../../../dispatcher"); | ||
| var DecryptFile = require('../../../utils/DecryptFile'); |
There was a problem hiding this comment.
Generally we would follow convention within the file for require vs import, or migrate the whole file. Probably decide which though rather than adding both. ;)
| ); | ||
| } | ||
|
|
||
| var contentUrl = this._getContentUrl(); |
| var content = this.props.mxEvent.getContent(); | ||
| var self = this; | ||
| if (content.file !== undefined && this.state.decryptedUrl === null) { | ||
| DecryptFile.decryptFile(content.file).then(function(url) { |
There was a problem hiding this comment.
s/function(x)/(x) => / then you can ditch the var self = this and just use this.
| @@ -47,22 +54,89 @@ module.exports = React.createClass({ | |||
| return linkText; | |||
| }, | |||
|
|
|||
| _getContentUrl: function() { | |||
| var content = this.props.mxEvent.getContent(); | |||
|
I think I've responded to the review comments @dbkr PTAL. Unfortunately I've discovered that the data URLs don't work reliably on chrome if the URL is bigger than 2MB. https://bugs.chromium.org/p/chromium/issues/detail?id=69227. I have a plan for getting around it, but for now I guess this "sort of works"? It certainly should be enough for people to test against with small attachments. |
TODO:
Thumbnail image attachments before sending.Thumbnail video attachments before sending.