misc work on webui
parent
cf26232d61
commit
170cca9620
|
@ -52,9 +52,9 @@ class PublicAPISecurity:
|
||||||
# Network API version
|
# Network API version
|
||||||
resp.headers['X-API'] = public_api.API_VERSION
|
resp.headers['X-API'] = public_api.API_VERSION
|
||||||
# Delete some HTTP headers for Onionr user agents
|
# Delete some HTTP headers for Onionr user agents
|
||||||
|
NON_NETWORK_HEADERS = ('Content-Security-Policy', 'X-Frame-Options',
|
||||||
|
'X-Content-Type-Options', 'Feature-Policy', 'Clear-Site-Data', 'Referrer-Policy')
|
||||||
if g.is_onionr_client:
|
if g.is_onionr_client:
|
||||||
del resp.headers['Content-Security-Policy']
|
for header in NON_NETWORK_HEADERS: del resp.headers[header]
|
||||||
del resp.headers['X-Frame-Options']
|
|
||||||
del resp.headers['X-Content-Type-Options']
|
|
||||||
public_api.lastRequest = epoch.get_rounded_epoch(roundS=5)
|
public_api.lastRequest = epoch.get_rounded_epoch(roundS=5)
|
||||||
return resp
|
return resp
|
|
@ -118,8 +118,6 @@ class Block:
|
||||||
else:
|
else:
|
||||||
retData = True
|
retData = True
|
||||||
self.decrypted = True
|
self.decrypted = True
|
||||||
else:
|
|
||||||
logger.warn('symmetric decryption is not yet supported by this API')
|
|
||||||
return retData
|
return retData
|
||||||
|
|
||||||
def verifySig(self):
|
def verifySig(self):
|
||||||
|
@ -189,7 +187,7 @@ class Block:
|
||||||
|
|
||||||
return True
|
return True
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
logger.warn('Failed to parse block %s.' % self.getHash(), error = e, timestamp = False)
|
logger.warn('Failed to parse block %s' % self.getHash(), error = e, timestamp = False)
|
||||||
|
|
||||||
# if block can't be parsed, it's a waste of precious space. Throw it away.
|
# if block can't be parsed, it's a waste of precious space. Throw it away.
|
||||||
if not self.delete():
|
if not self.delete():
|
||||||
|
@ -213,8 +211,9 @@ class Block:
|
||||||
os.remove(self.getBlockFile())
|
os.remove(self.getBlockFile())
|
||||||
except TypeError:
|
except TypeError:
|
||||||
pass
|
pass
|
||||||
|
b_hash = self.getHash()
|
||||||
removeblock.remove_block(self.getHash())
|
onionrstorage.deleteBlock(b_hash)
|
||||||
|
removeblock.remove_block(b_hash)
|
||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
|
@ -115,7 +115,7 @@ def insert_block(data, header='txt', sign=False, encryptType='', symKey='', asym
|
||||||
|
|
||||||
# ensure expire is integer and of sane length
|
# ensure expire is integer and of sane length
|
||||||
if type(expire) is not type(None):
|
if type(expire) is not type(None):
|
||||||
assert len(str(int(expire))) < 14
|
assert len(str(int(expire))) < 20
|
||||||
metadata['expire'] = expire
|
metadata['expire'] = expire
|
||||||
|
|
||||||
# send block data (and metadata) to POW module to get tokenized block data
|
# send block data (and metadata) to POW module to get tokenized block data
|
||||||
|
|
|
@ -17,6 +17,10 @@
|
||||||
You should have received a copy of the GNU General Public License
|
You should have received a copy of the GNU General Public License
|
||||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
'''
|
'''
|
||||||
|
FEATURE_POLICY = """vibrate; vr; webauthn; usb; sync-xhr; speaker;
|
||||||
|
picture-in-picture; payment; midi; microphone; magnetometer; gyroscope;
|
||||||
|
geolocation; fullscreen; encrypted-media; document-domain;
|
||||||
|
camera; accelerometer; ambient-light-sensor""".replace('\n', '') # have to remove \n for flask
|
||||||
def set_default_onionr_http_headers(flask_response):
|
def set_default_onionr_http_headers(flask_response):
|
||||||
'''Response headers'''
|
'''Response headers'''
|
||||||
flask_response.headers['Content-Security-Policy'] = "default-src 'none'; style-src data: 'unsafe-inline'; img-src data:"
|
flask_response.headers['Content-Security-Policy'] = "default-src 'none'; style-src data: 'unsafe-inline'; img-src data:"
|
||||||
|
@ -25,4 +29,7 @@ def set_default_onionr_http_headers(flask_response):
|
||||||
flask_response.headers['Server'] = ''
|
flask_response.headers['Server'] = ''
|
||||||
flask_response.headers['Date'] = 'Thu, 1 Jan 1970 00:00:00 GMT' # Clock info is probably useful to attackers. Set to unix epoch.
|
flask_response.headers['Date'] = 'Thu, 1 Jan 1970 00:00:00 GMT' # Clock info is probably useful to attackers. Set to unix epoch.
|
||||||
flask_response.headers['Connection'] = "close"
|
flask_response.headers['Connection'] = "close"
|
||||||
|
flask_response.headers['Clear-Site-Data'] = '"cache", "cookies", "storage", "executionContexts"'
|
||||||
|
flask_response.headers['Feature-Policy'] = FEATURE_POLICY
|
||||||
|
flask_response.headers['Referrer-Policy'] = 'no-referrer'
|
||||||
return flask_response
|
return flask_response
|
|
@ -57,10 +57,12 @@ def process_block_metadata(blockHash: str):
|
||||||
pass
|
pass
|
||||||
# Set block expire time if specified
|
# Set block expire time if specified
|
||||||
try:
|
try:
|
||||||
expireTime = myBlock.getHeader('expire')
|
expireTime = int(myBlock.getHeader('expire'))
|
||||||
assert len(str(int(expireTime))) < 20 # test that expire time is an integer of sane length (for epoch)
|
assert len(str(expireTime)) < 20 # test that expire time is an integer of sane length (for epoch)
|
||||||
except (AssertionError, ValueError, TypeError) as e:
|
except (AssertionError, ValueError, TypeError) as e:
|
||||||
expireTime = onionrvalues.DEFAULT_EXPIRE + curTime
|
expireTime = onionrvalues.DEFAULT_EXPIRE + curTime
|
||||||
finally:
|
finally:
|
||||||
|
expireTime = min(expireTime, curTime + onionrvalues.DEFAULT_EXPIRE)
|
||||||
blockmetadb.update_block_info(blockHash, 'expire', expireTime)
|
blockmetadb.update_block_info(blockHash, 'expire', expireTime)
|
||||||
|
|
||||||
onionrevents.event('processblocks', data = {'block': myBlock, 'type': blockType, 'signer': signer, 'validSig': valid})
|
onionrevents.event('processblocks', data = {'block': myBlock, 'type': blockType, 'signer': signer, 'validSig': valid})
|
||||||
|
|
|
@ -94,7 +94,7 @@ function getBlocks(){
|
||||||
}
|
}
|
||||||
var feedText = httpGet('/flow/getpostsbyboard/' + ch)
|
var feedText = httpGet('/flow/getpostsbyboard/' + ch)
|
||||||
var blockList = feedText.split(',').reverse()
|
var blockList = feedText.split(',').reverse()
|
||||||
console.log(blockList)
|
|
||||||
for (i = 0; i < blockList.length; i++){
|
for (i = 0; i < blockList.length; i++){
|
||||||
while (blockList[i].length < 64) blockList[i] = "0" + blockList[i]
|
while (blockList[i].length < 64) blockList[i] = "0" + blockList[i]
|
||||||
if (! requested.includes(blockList[i])){
|
if (! requested.includes(blockList[i])){
|
||||||
|
|
|
@ -86,7 +86,7 @@
|
||||||
</div>
|
</div>
|
||||||
<footer class="card-footer">
|
<footer class="card-footer">
|
||||||
<a class="card-footer-item">
|
<a class="card-footer-item">
|
||||||
<input class='button' type='submit' value='Post'>
|
<input class='button is-primary' type='submit' value='Post'>
|
||||||
</a>
|
</a>
|
||||||
</footer>
|
</footer>
|
||||||
</form>
|
</form>
|
||||||
|
|
|
@ -27,8 +27,10 @@ function removeFriend(pubkey){
|
||||||
addForm.onsubmit = function(){
|
addForm.onsubmit = function(){
|
||||||
var friend = document.getElementsByName('addKey')[0]
|
var friend = document.getElementsByName('addKey')[0]
|
||||||
var alias = document.getElementsByName('data')[0]
|
var alias = document.getElementsByName('data')[0]
|
||||||
if (alias.value.toLowerCase() == 'anonymous'){
|
if (alias.value.toLowerCase().trim() == 'anonymous'){
|
||||||
alert('Anonymous is a reserved name')
|
PNotify.error({
|
||||||
|
text: "Anonymous is a reserved alias name"
|
||||||
|
})
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,9 +9,15 @@
|
||||||
Friends
|
Friends
|
||||||
</title>
|
</title>
|
||||||
<link rel='shortcut icon' type='image/ico' href='/shared/images/favicon.ico'>
|
<link rel='shortcut icon' type='image/ico' href='/shared/images/favicon.ico'>
|
||||||
|
<link rel='stylesheet' href='/shared/main/PNotifyBrightTheme.css'>
|
||||||
<link rel='stylesheet' href='/shared/main/bulma.min.css'>
|
<link rel='stylesheet' href='/shared/main/bulma.min.css'>
|
||||||
<link rel='stylesheet' href='/shared/main/styles-new.css'>
|
<link rel='stylesheet' href='/shared/main/styles-new.css'>
|
||||||
<link rel='stylesheet' href='/friends/style.css'>
|
<link rel='stylesheet' href='/friends/style.css'>
|
||||||
|
<script defer src="/shared/node_modules/pnotify/dist/iife/PNotify.js"></script>
|
||||||
|
<script defer src="/shared/node_modules/pnotify/dist/iife/PNotifyButtons.js"></script>
|
||||||
|
<script defer src="/shared/navbar.js"></script>
|
||||||
|
<script defer src="/shared/misc.js"></script>
|
||||||
|
<script defer src="/friends/friends.js"></script>
|
||||||
</head>
|
</head>
|
||||||
|
|
||||||
<body>
|
<body>
|
||||||
|
@ -102,14 +108,14 @@
|
||||||
<div class="field">
|
<div class="field">
|
||||||
<label class="label">Alias</label>
|
<label class="label">Alias</label>
|
||||||
<p class="control is-expanded">
|
<p class="control is-expanded">
|
||||||
<input id="" class="input" type="text" name='data' placeholder='Name'>
|
<input id="" class="input" type="text" name='data' placeholder='Name' required>
|
||||||
</p>
|
</p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<footer class="card-footer">
|
<footer class="card-footer">
|
||||||
<a class="card-footer-item">
|
<a class="card-footer-item">
|
||||||
<button class="button" type='submit'>Add to list</button>
|
<button class="button is-success" type='submit'>Add Friend</button>
|
||||||
</a>
|
</a>
|
||||||
</footer>
|
</footer>
|
||||||
</div>
|
</div>
|
||||||
|
@ -151,9 +157,6 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</template>
|
</template>
|
||||||
<script src='/shared/navbar.js'></script>
|
|
||||||
<script src='/shared/misc.js'></script>
|
|
||||||
<script src='/friends/friends.js'></script>
|
|
||||||
</body>
|
</body>
|
||||||
|
|
||||||
</html>
|
</html>
|
|
@ -13,6 +13,7 @@
|
||||||
<link rel="stylesheet" href="/shared/main/bulma.min.css">
|
<link rel="stylesheet" href="/shared/main/bulma.min.css">
|
||||||
<link rel="stylesheet" href="/shared/main/styles-new.css">
|
<link rel="stylesheet" href="/shared/main/styles-new.css">
|
||||||
<script defer src='/shared/navbar.js'></script>
|
<script defer src='/shared/navbar.js'></script>
|
||||||
|
<script defer src='/shared/loadabout.js'></script>
|
||||||
<script defer src='/shared/misc.js'></script>
|
<script defer src='/shared/misc.js'></script>
|
||||||
<script defer src='/shared/main/stats.js'></script>
|
<script defer src='/shared/main/stats.js'></script>
|
||||||
<script defer src='/shared/panel.js'></script>
|
<script defer src='/shared/panel.js'></script>
|
||||||
|
@ -51,6 +52,9 @@
|
||||||
<a class="navbar-item idLink" href="/board/">Circles</a>
|
<a class="navbar-item idLink" href="/board/">Circles</a>
|
||||||
<a class="navbar-item idLink" href="/chat/">Chat</a>
|
<a class="navbar-item idLink" href="/chat/">Chat</a>
|
||||||
</div>
|
</div>
|
||||||
|
<div class="navbar-end">
|
||||||
|
<a class="navbar-item idLink aboutLink">About</a>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</nav>
|
</nav>
|
||||||
|
|
||||||
|
@ -205,6 +209,17 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<br>
|
<br>
|
||||||
|
<div class="modal aboutModal">
|
||||||
|
<div class="modal-background"></div>
|
||||||
|
<div class="modal-card">
|
||||||
|
<header class="modal-card-head">
|
||||||
|
<button class="closeAboutModal delete" aria-label="close"></button>
|
||||||
|
</header>
|
||||||
|
<section class="modal-card-body aboutBody">
|
||||||
|
Loading... <i class="fas fa-spinner fa-spin"></i>
|
||||||
|
</section>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
</body>
|
</body>
|
||||||
|
|
||||||
</html>
|
</html>
|
|
@ -0,0 +1,16 @@
|
||||||
|
<img src="shared/images/onionr-text.png" class="aboutLogo" alt="Onionr">
|
||||||
|
|
||||||
|
<p>Onionr is a private decentralized communication network</p>
|
||||||
|
|
||||||
|
<br>
|
||||||
|
|
||||||
|
<b>Onionr is built with:</b>
|
||||||
|
<br>
|
||||||
|
<ul>
|
||||||
|
<li><a href="https://torproject.org/">Tor</a> - Onionr routes all traffic through Tor by default</li>
|
||||||
|
<li><a href="https://stem.torproject.org/">Stem</a> - Python library to interact with Tor</li>
|
||||||
|
<li><a href="https://palletsprojects.com/p/flask/">Flask</a> - Lightweight Python web framework</li>
|
||||||
|
<li><a href="http://gevent.org">Gevent</a> - For the thread-safe WSGI servers</li>
|
||||||
|
<li><a href="https://2.python-requests.org/en/master/">Requests</a> - HTTP requests for humans</li>
|
||||||
|
|
||||||
|
</ul>
|
|
@ -0,0 +1,5 @@
|
||||||
|
fetch('shared/about.html')
|
||||||
|
.then(resp=>resp.text())
|
||||||
|
.then(function(response) {
|
||||||
|
aboutText = response
|
||||||
|
})
|
|
@ -54,3 +54,8 @@ html {
|
||||||
margin-right: 5px;
|
margin-right: 5px;
|
||||||
color: red;
|
color: red;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.aboutLogo{
|
||||||
|
max-width: 25%;
|
||||||
|
margin-bottom: 1em;
|
||||||
|
}
|
|
@ -112,15 +112,53 @@ if (typeof myPubCopy != "undefined"){
|
||||||
var copyText = document.getElementById("myPub");
|
var copyText = document.getElementById("myPub");
|
||||||
copyText.select()
|
copyText.select()
|
||||||
document.execCommand("copy")
|
document.execCommand("copy")
|
||||||
|
if (typeof PNotify != 'undefined'){
|
||||||
|
PNotify.success({
|
||||||
|
text: "Copied to clipboard"
|
||||||
|
})
|
||||||
|
}
|
||||||
|
console.log("copied pubkey to clipboard")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* For Config toggle on homepage */
|
/* For Config toggle on homepage */
|
||||||
var toggle = document.getElementById("configToggle");
|
var toggle = document.getElementById("configToggle")
|
||||||
var content = document.getElementById("configContent");
|
var content = document.getElementById("configContent")
|
||||||
|
|
||||||
if(typeof toggle !== 'undefined' && toggle !== null) {
|
if(typeof toggle !== 'undefined' && toggle !== null) {
|
||||||
toggle.addEventListener("click", function() {
|
toggle.addEventListener("click", function() {
|
||||||
content.classList.toggle("show");
|
content.classList.toggle("show");
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var aboutBtns = document.getElementsByClassName('aboutLink')
|
||||||
|
var aboutModals = document.getElementsByClassName('aboutModal')
|
||||||
|
var aboutCloseBtns = document.getElementsByClassName('closeAboutModal')
|
||||||
|
|
||||||
|
var aboutText = ''
|
||||||
|
|
||||||
|
setAbout = function(){
|
||||||
|
if (aboutText === ''){
|
||||||
|
setTimeout(function(){setAbout()}, 100)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
let aboutBody = document.getElementsByClassName('aboutBody')
|
||||||
|
for (i = 0; i < aboutBody.length; i++){
|
||||||
|
aboutBody[i].innerHTML = aboutText
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
for (x = 0; x < aboutBtns.length; x++){
|
||||||
|
aboutBtns[x].onclick = function(){
|
||||||
|
for (i = 0; i < aboutModals.length; i++){
|
||||||
|
aboutModals[i].classList.add('is-active')
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
for (i = 0; i < aboutCloseBtns.length; i++){
|
||||||
|
aboutCloseBtns[i].onclick = function(e){
|
||||||
|
e.target.parentElement.parentElement.parentElement.classList.remove('is-active')
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
setAbout()
|
Loading…
Reference in New Issue