This repository has been archived by the owner on Sep 11, 2024. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 832
Encrypt attachments in encrypted rooms, #533
Merged
Merged
Changes from 16 commits
Commits
Show all changes
19 commits
Select commit
Hold shift + click to select a range
e0cea74
Encrypt attachments in encrypted rooms, decrypt image attachments whe…
NegativeMjark 4630172
Actually add isomorphic-fetch
dbkr e949d91
Handle decryption errors
NegativeMjark d61714a
Merge branch 'markjh/encrypted-attachments' of github.com:matrix-org/…
NegativeMjark 842b5ae
The variable is called roomId here
dbkr 12fc70c
Include the mimetype with the file info. Store the objectURL in state…
NegativeMjark b6653dd
Move decryptFile into a utility function so that it can be shared bet…
NegativeMjark 48cfd4f
Decypt m.video events
NegativeMjark 71c002d
Remove spurious TODO
NegativeMjark 9112343
Fix unencrypted video thumbnail
NegativeMjark 94bfe31
Decrypt m.audio attachments
NegativeMjark 6ea0085
Decrypt m.file attachments
NegativeMjark 8f778f5
Use data:// URI rather than blob: URI to avoid XSS
NegativeMjark 1529396
Make everything use MFileBody for downloads, ensure that encrypted at…
NegativeMjark 4214c67
Pass the decryptedUrl to the MFileBody so that it doesn't need to dec…
NegativeMjark dc679a8
Fix gif hoverover
NegativeMjark 911f9e4
Review comments
NegativeMjark 93ddb55
Make imports more consistent, fix m.video
NegativeMjark c838164
Make the promises be q promises
NegativeMjark File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,11 +20,18 @@ var React = require('react'); | |
var filesize = require('filesize'); | ||
var MatrixClientPeg = require('../../../MatrixClientPeg'); | ||
var sdk = require('../../../index'); | ||
var dis = require("../../../dispatcher"); | ||
var DecryptFile = require('../../../utils/DecryptFile'); | ||
|
||
|
||
module.exports = React.createClass({ | ||
displayName: 'MFileBody', | ||
|
||
getInitialState: function() { | ||
return { | ||
decryptedUrl: (this.props.decryptedUrl ? this.props.decryptedUrl : null), | ||
}; | ||
}, | ||
|
||
presentableTextForFile: function(content) { | ||
var linkText = 'Attachment'; | ||
if (content.body && content.body.length > 0) { | ||
|
@@ -47,22 +54,89 @@ module.exports = React.createClass({ | |
return linkText; | ||
}, | ||
|
||
_getContentUrl: function() { | ||
var content = this.props.mxEvent.getContent(); | ||
if (content.file !== undefined) { | ||
return this.state.decryptedUrl; | ||
} else { | ||
return MatrixClientPeg.get().mxcUrlToHttp(content.url); | ||
} | ||
}, | ||
|
||
componentDidMount: function() { | ||
var content = this.props.mxEvent.getContent(); | ||
var self = this; | ||
if (content.file !== undefined && this.state.decryptedUrl === null) { | ||
DecryptFile.decryptFile(content.file).then(function(url) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. s/function(x)/(x) => / then you can ditch the |
||
self.setState({ | ||
decryptedUrl: url, | ||
}); | ||
}).catch(function (err) { | ||
console.warn("Unable to decrypt attachment: ", err) | ||
// Set a placeholder image when we can't decrypt the image. | ||
self.refs.image.src = "img/warning.svg"; | ||
}); | ||
} | ||
}, | ||
|
||
render: function() { | ||
var content = this.props.mxEvent.getContent(); | ||
var cli = MatrixClientPeg.get(); | ||
|
||
var httpUrl = cli.mxcUrlToHttp(content.url); | ||
var text = this.presentableTextForFile(content); | ||
|
||
var TintableSvg = sdk.getComponent("elements.TintableSvg"); | ||
if (content.file !== undefined && this.state.decryptedUrl === null) { | ||
|
||
// Need to decrypt the attachment | ||
// The attachment is decrypted in componentDidMount. | ||
// For now add an img tag with a spinner. | ||
return ( | ||
<span className="mx_MFileBody" ref="body"> | ||
<img src="img/spinner.gif" ref="image" | ||
alt={content.body} /> | ||
</span> | ||
); | ||
} | ||
|
||
var contentUrl = this._getContentUrl(); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. more consts please |
||
|
||
var fileName = content.body && content.body.length > 0 ? content.body : "Attachment"; | ||
|
||
var downloadAttr = undefined; | ||
if (this.state.decryptedUrl) { | ||
// If the file is encrypted then we MUST download it rather than displaying it | ||
// because Firefox is vunerable to XSS attacks in data:// URLs | ||
// and all browsers are vunerable to XSS attacks in blob: URLs | ||
// created with window.URL.createObjectURL | ||
// See https://bugzilla.mozilla.org/show_bug.cgi?id=255107 | ||
// See https://w3c.github.io/FileAPI/#originOfBlobURL | ||
// | ||
// This is not a problem for unencrypted links because they are | ||
// either fetched from a different domain so are safe because of | ||
// the same-origin policy or they are fetch from the same domain, | ||
// in which case we trust that the homeserver will set a | ||
// Content-Security-Policy that disables script execution. | ||
// It is reasonable to trust the homeserver in that case since | ||
// it is the same domain that controls this javascript. | ||
// | ||
// We can't apply the same workaround for encrypted files because | ||
// we can't supply HTTP headers when the user clicks on a blob: | ||
// or data:// uri. | ||
// | ||
// We should probably provide a download attribute anyway so that | ||
// the file will have the correct name when the user tries to | ||
// download it. We can't provide a Content-Disposition header | ||
// like we would for HTTP. | ||
downloadAttr = fileName; | ||
} | ||
|
||
if (httpUrl) { | ||
if (contentUrl) { | ||
if (this.props.tileShape === "file_grid") { | ||
return ( | ||
<span className="mx_MFileBody"> | ||
<div className="mx_MImageBody_download"> | ||
<a className="mx_ImageBody_downloadLink" href={cli.mxcUrlToHttp(content.url)} target="_blank" rel="noopener"> | ||
{ content.body && content.body.length > 0 ? content.body : "Attachment" } | ||
<a className="mx_ImageBody_downloadLink" href={contentUrl} target="_blank" rel="noopener" download={downloadAttr}> | ||
{ fileName } | ||
</a> | ||
<div className="mx_MImageBody_size"> | ||
{ content.info && content.info.size ? filesize(content.info.size) : "" } | ||
|
@@ -75,7 +149,7 @@ module.exports = React.createClass({ | |
return ( | ||
<span className="mx_MFileBody"> | ||
<div className="mx_MImageBody_download"> | ||
<a href={cli.mxcUrlToHttp(content.url)} target="_blank" rel="noopener"> | ||
<a href={contentUrl} target="_blank" rel="noopener" download={downloadAttr}> | ||
<TintableSvg src="img/download.svg" width="12" height="14"/> | ||
Download {text} | ||
</a> | ||
|
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
const