Merge branch 'staging' of github.com:xwiki-labs/cryptpad into staging
|
@ -1,16 +0,0 @@
|
|||
<!-- This is an HTML fragment which is included into the bottom toolbar -->
|
||||
<div>
|
||||
<div class="bottom-bar">
|
||||
<div class="bottom-bar-left">
|
||||
<span class="bottom-bar-language">
|
||||
<select id="language-selector"></select>
|
||||
</span>
|
||||
<p data-localization="bottom_france">
|
||||
</p>
|
||||
</div>
|
||||
<div class="bottom-bar-right">
|
||||
<p data-localization="bottom_support">
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
Before Width: | Height: | Size: 1.3 MiB |
Before Width: | Height: | Size: 256 KiB |
Before Width: | Height: | Size: 545 B |
Before Width: | Height: | Size: 749 B |
Before Width: | Height: | Size: 780 B |
Before Width: | Height: | Size: 4.8 KiB |
Before Width: | Height: | Size: 28 KiB |
Before Width: | Height: | Size: 5.8 KiB |
21
rpc.js
|
@ -785,6 +785,24 @@ var upload_status = function (Env, publicKey, filesize, cb) {
|
|||
});
|
||||
};
|
||||
|
||||
var isAuthenticatedCall = function (call) {
|
||||
return [
|
||||
//'COOKIE',
|
||||
'RESET',
|
||||
'PIN',
|
||||
'UNPIN',
|
||||
'GET_HASH',
|
||||
'GET_TOTAL_SIZE',
|
||||
'GET_FILE_SIZE',
|
||||
'UPDATE_LIMITS',
|
||||
'GET_LIMIT',
|
||||
'GET_MULTIPLE_FILE_SIZE',
|
||||
'UPLOAD',
|
||||
'UPLOAD_COMPLETE',
|
||||
'UPLOAD_CANCEL',
|
||||
].indexOf(call) !== -1;
|
||||
};
|
||||
|
||||
/*::const ConfigType = require('./config.example.js');*/
|
||||
RPC.create = function (config /*:typeof(ConfigType)*/, cb /*:(?Error, ?Function)=>void*/) {
|
||||
// load pin-store...
|
||||
|
@ -840,7 +858,6 @@ RPC.create = function (config /*:typeof(ConfigType)*/, cb /*:(?Error, ?Function)
|
|||
beginSession(Sessions, publicKey);
|
||||
|
||||
var cookie = msg[0];
|
||||
|
||||
if (!isValidCookie(Sessions, publicKey, cookie)) {
|
||||
// no cookie is fine if the RPC is to get a cookie
|
||||
if (msg[1] !== 'COOKIE') {
|
||||
|
@ -854,9 +871,11 @@ RPC.create = function (config /*:typeof(ConfigType)*/, cb /*:(?Error, ?Function)
|
|||
return void respond('INVALID_MESSAGE_OR_PUBLIC_KEY');
|
||||
}
|
||||
|
||||
if (isAuthenticatedCall(msg[1])) {
|
||||
if (checkSignature(serialized, signature, publicKey) !== true) {
|
||||
return void respond("INVALID_SIGNATURE_OR_PUBLIC_KEY");
|
||||
}
|
||||
}
|
||||
|
||||
var safeKey = escapeKeyCharacters(publicKey);
|
||||
/* If you have gotten this far, you have signed the message with the
|
||||
|
|