-
-
Notifications
You must be signed in to change notification settings - Fork 832
Encrypt attachments in encrypted rooms, #533
Conversation
…n displaying them
Can one of the admins verify this patch? |
@matrixbot test this please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The main thing here is probably the fact that it doesn't work with the gif hover behaviour, but I'm not about to ask you to rewrite our react code to support this. Maybe one of us can fix this on the PR branch.
} | ||
}, | ||
|
||
decryptFile: function(file) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't love the fact that a function called decryptFile
downloads and decrypts a file.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
...and also then displays it.
|
||
decryptFile: function(file) { | ||
var url = MatrixClientPeg.get().mxcUrlToHttp(file.url); | ||
var self = this; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We tend to use arrow functions rather than the self = this hack nowadays
// The attachment is decrypted in componentDidMount. | ||
return ( | ||
<span className="mx_MImageBody" ref="body"> | ||
<img className="mx_MImageBody_thumbnail" src="img/encrypted-placeholder.svg" ref="image" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where does the placeholder come from?
self.refs.image.onload = function() { | ||
window.URL.revokeObjectURL(blobUrl); | ||
}; | ||
}); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, this post-render DOM mangling isn't great, but we do appear to do it for animated gifs anyway. Relatedly, this will mean the current play-on-hover behaviour of animated gifs won't work with encrypted attachments, so this is a thing we'll need to fix too.
…matrix-react-sdk into markjh/encrypted-attachments
… so that it can be used normally by the exising templates
…ween different components
Thumb-nailing in the browser sounds hard and I think this PR is big enough already. |
…tachments are actually downloaded
@dbkr Right I think this is done PTAL |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is looking nice. Have made some language comments. Maybe a warning somewhere about it downloading full content of everything currently, until thumbnails are sorted out?
limitations under the License. | ||
*/ | ||
|
||
'use struct'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- It's spelt 'strict'
- We don't need these anyway: babel adds them.
'use struct'; | ||
|
||
// Pull in the encryption lib so that we can decrypt attachments. | ||
var encrypt = require("browser-encrypt-attachment"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you're making a new file, import encrypt from 'browser-encrypt-attachment';
please.
*/ | ||
|
||
function readBlobAsDataUri(file) { | ||
var deferred = q.defer(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
const
please
|
||
|
||
export function decryptFile(file) { | ||
var url = MatrixClientPeg.get().mxcUrlToHttp(file.url); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
more const
}, | ||
|
||
componentDidMount: function() { | ||
this.dispatcherRef = dis.register(this.onAction); | ||
this.fixupHeight(); | ||
var content = this.props.mxEvent.getContent(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
const
@@ -77,14 +86,41 @@ module.exports = React.createClass({ | |||
imgElement.src = this._getThumbUrl(); | |||
}, | |||
|
|||
_getContentUrl: function() { | |||
var content = this.props.mxEvent.getContent(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
const
again
var MatrixClientPeg = require('../../../MatrixClientPeg'); | ||
var ImageUtils = require('../../../ImageUtils'); | ||
var Modal = require('../../../Modal'); | ||
var sdk = require('../../../index'); | ||
var dis = require("../../../dispatcher"); | ||
var DecryptFile = require('../../../utils/DecryptFile'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally we would follow convention within the file for require vs import, or migrate the whole file. Probably decide which though rather than adding both. ;)
); | ||
} | ||
|
||
var contentUrl = this._getContentUrl(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
more consts please
var content = this.props.mxEvent.getContent(); | ||
var self = this; | ||
if (content.file !== undefined && this.state.decryptedUrl === null) { | ||
DecryptFile.decryptFile(content.file).then(function(url) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/function(x)/(x) => / then you can ditch the var self = this
and just use this
.
@@ -47,22 +54,89 @@ module.exports = React.createClass({ | |||
return linkText; | |||
}, | |||
|
|||
_getContentUrl: function() { | |||
var content = this.props.mxEvent.getContent(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
const
I think I've responded to the review comments @dbkr PTAL. Unfortunately I've discovered that the data URLs don't work reliably on chrome if the URL is bigger than 2MB. https://bugs.chromium.org/p/chromium/issues/detail?id=69227. I have a plan for getting around it, but for now I guess this "sort of works"? It certainly should be enough for people to test against with small attachments. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
TODO:
Thumbnail image attachments before sending.Thumbnail video attachments before sending.