misc work on webui
parent
cf26232d61
commit
170cca9620
|
@ -52,9 +52,9 @@ class PublicAPISecurity:
|
|||
# Network API version
|
||||
resp.headers['X-API'] = public_api.API_VERSION
|
||||
# Delete some HTTP headers for Onionr user agents
|
||||
NON_NETWORK_HEADERS = ('Content-Security-Policy', 'X-Frame-Options',
|
||||
'X-Content-Type-Options', 'Feature-Policy', 'Clear-Site-Data', 'Referrer-Policy')
|
||||
if g.is_onionr_client:
|
||||
del resp.headers['Content-Security-Policy']
|
||||
del resp.headers['X-Frame-Options']
|
||||
del resp.headers['X-Content-Type-Options']
|
||||
for header in NON_NETWORK_HEADERS: del resp.headers[header]
|
||||
public_api.lastRequest = epoch.get_rounded_epoch(roundS=5)
|
||||
return resp
|
|
@ -118,8 +118,6 @@ class Block:
|
|||
else:
|
||||
retData = True
|
||||
self.decrypted = True
|
||||
else:
|
||||
logger.warn('symmetric decryption is not yet supported by this API')
|
||||
return retData
|
||||
|
||||
def verifySig(self):
|
||||
|
@ -189,7 +187,7 @@ class Block:
|
|||
|
||||
return True
|
||||
except Exception as e:
|
||||
logger.warn('Failed to parse block %s.' % self.getHash(), error = e, timestamp = False)
|
||||
logger.warn('Failed to parse block %s' % self.getHash(), error = e, timestamp = False)
|
||||
|
||||
# if block can't be parsed, it's a waste of precious space. Throw it away.
|
||||
if not self.delete():
|
||||
|
@ -213,8 +211,9 @@ class Block:
|
|||
os.remove(self.getBlockFile())
|
||||
except TypeError:
|
||||
pass
|
||||
|
||||
removeblock.remove_block(self.getHash())
|
||||
b_hash = self.getHash()
|
||||
onionrstorage.deleteBlock(b_hash)
|
||||
removeblock.remove_block(b_hash)
|
||||
return True
|
||||
return False
|
||||
|
||||
|
|
|
@ -115,7 +115,7 @@ def insert_block(data, header='txt', sign=False, encryptType='', symKey='', asym
|
|||
|
||||
# ensure expire is integer and of sane length
|
||||
if type(expire) is not type(None):
|
||||
assert len(str(int(expire))) < 14
|
||||
assert len(str(int(expire))) < 20
|
||||
metadata['expire'] = expire
|
||||
|
||||
# send block data (and metadata) to POW module to get tokenized block data
|
||||
|
|
|
@ -17,6 +17,10 @@
|
|||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
'''
|
||||
FEATURE_POLICY = """vibrate; vr; webauthn; usb; sync-xhr; speaker;
|
||||
picture-in-picture; payment; midi; microphone; magnetometer; gyroscope;
|
||||
geolocation; fullscreen; encrypted-media; document-domain;
|
||||
camera; accelerometer; ambient-light-sensor""".replace('\n', '') # have to remove \n for flask
|
||||
def set_default_onionr_http_headers(flask_response):
|
||||
'''Response headers'''
|
||||
flask_response.headers['Content-Security-Policy'] = "default-src 'none'; style-src data: 'unsafe-inline'; img-src data:"
|
||||
|
@ -25,4 +29,7 @@ def set_default_onionr_http_headers(flask_response):
|
|||
flask_response.headers['Server'] = ''
|
||||
flask_response.headers['Date'] = 'Thu, 1 Jan 1970 00:00:00 GMT' # Clock info is probably useful to attackers. Set to unix epoch.
|
||||
flask_response.headers['Connection'] = "close"
|
||||
flask_response.headers['Clear-Site-Data'] = '"cache", "cookies", "storage", "executionContexts"'
|
||||
flask_response.headers['Feature-Policy'] = FEATURE_POLICY
|
||||
flask_response.headers['Referrer-Policy'] = 'no-referrer'
|
||||
return flask_response
|
|
@ -57,10 +57,12 @@ def process_block_metadata(blockHash: str):
|
|||
pass
|
||||
# Set block expire time if specified
|
||||
try:
|
||||
expireTime = myBlock.getHeader('expire')
|
||||
assert len(str(int(expireTime))) < 20 # test that expire time is an integer of sane length (for epoch)
|
||||
expireTime = int(myBlock.getHeader('expire'))
|
||||
assert len(str(expireTime)) < 20 # test that expire time is an integer of sane length (for epoch)
|
||||
except (AssertionError, ValueError, TypeError) as e:
|
||||
expireTime = onionrvalues.DEFAULT_EXPIRE + curTime
|
||||
finally:
|
||||
expireTime = min(expireTime, curTime + onionrvalues.DEFAULT_EXPIRE)
|
||||
blockmetadb.update_block_info(blockHash, 'expire', expireTime)
|
||||
|
||||
onionrevents.event('processblocks', data = {'block': myBlock, 'type': blockType, 'signer': signer, 'validSig': valid})
|
||||
|
|
|
@ -94,7 +94,7 @@ function getBlocks(){
|
|||
}
|
||||
var feedText = httpGet('/flow/getpostsbyboard/' + ch)
|
||||
var blockList = feedText.split(',').reverse()
|
||||
console.log(blockList)
|
||||
|
||||
for (i = 0; i < blockList.length; i++){
|
||||
while (blockList[i].length < 64) blockList[i] = "0" + blockList[i]
|
||||
if (! requested.includes(blockList[i])){
|
||||
|
|
|
@ -86,7 +86,7 @@
|
|||
</div>
|
||||
<footer class="card-footer">
|
||||
<a class="card-footer-item">
|
||||
<input class='button' type='submit' value='Post'>
|
||||
<input class='button is-primary' type='submit' value='Post'>
|
||||
</a>
|
||||
</footer>
|
||||
</form>
|
||||
|
|
|
@ -27,8 +27,10 @@ function removeFriend(pubkey){
|
|||
addForm.onsubmit = function(){
|
||||
var friend = document.getElementsByName('addKey')[0]
|
||||
var alias = document.getElementsByName('data')[0]
|
||||
if (alias.value.toLowerCase() == 'anonymous'){
|
||||
alert('Anonymous is a reserved name')
|
||||
if (alias.value.toLowerCase().trim() == 'anonymous'){
|
||||
PNotify.error({
|
||||
text: "Anonymous is a reserved alias name"
|
||||
})
|
||||
return false
|
||||
}
|
||||
|
||||
|
|
|
@ -9,9 +9,15 @@
|
|||
Friends
|
||||
</title>
|
||||
<link rel='shortcut icon' type='image/ico' href='/shared/images/favicon.ico'>
|
||||
<link rel='stylesheet' href='/shared/main/PNotifyBrightTheme.css'>
|
||||
<link rel='stylesheet' href='/shared/main/bulma.min.css'>
|
||||
<link rel='stylesheet' href='/shared/main/styles-new.css'>
|
||||
<link rel='stylesheet' href='/friends/style.css'>
|
||||
<script defer src="/shared/node_modules/pnotify/dist/iife/PNotify.js"></script>
|
||||
<script defer src="/shared/node_modules/pnotify/dist/iife/PNotifyButtons.js"></script>
|
||||
<script defer src="/shared/navbar.js"></script>
|
||||
<script defer src="/shared/misc.js"></script>
|
||||
<script defer src="/friends/friends.js"></script>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
|
@ -102,14 +108,14 @@
|
|||
<div class="field">
|
||||
<label class="label">Alias</label>
|
||||
<p class="control is-expanded">
|
||||
<input id="" class="input" type="text" name='data' placeholder='Name'>
|
||||
<input id="" class="input" type="text" name='data' placeholder='Name' required>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<footer class="card-footer">
|
||||
<a class="card-footer-item">
|
||||
<button class="button" type='submit'>Add to list</button>
|
||||
<button class="button is-success" type='submit'>Add Friend</button>
|
||||
</a>
|
||||
</footer>
|
||||
</div>
|
||||
|
@ -151,9 +157,6 @@
|
|||
</div>
|
||||
</div>
|
||||
</template>
|
||||
<script src='/shared/navbar.js'></script>
|
||||
<script src='/shared/misc.js'></script>
|
||||
<script src='/friends/friends.js'></script>
|
||||
</body>
|
||||
|
||||
</html>
|
|
@ -13,6 +13,7 @@
|
|||
<link rel="stylesheet" href="/shared/main/bulma.min.css">
|
||||
<link rel="stylesheet" href="/shared/main/styles-new.css">
|
||||
<script defer src='/shared/navbar.js'></script>
|
||||
<script defer src='/shared/loadabout.js'></script>
|
||||
<script defer src='/shared/misc.js'></script>
|
||||
<script defer src='/shared/main/stats.js'></script>
|
||||
<script defer src='/shared/panel.js'></script>
|
||||
|
@ -51,6 +52,9 @@
|
|||
<a class="navbar-item idLink" href="/board/">Circles</a>
|
||||
<a class="navbar-item idLink" href="/chat/">Chat</a>
|
||||
</div>
|
||||
<div class="navbar-end">
|
||||
<a class="navbar-item idLink aboutLink">About</a>
|
||||
</div>
|
||||
</div>
|
||||
</nav>
|
||||
|
||||
|
@ -205,6 +209,17 @@
|
|||
</div>
|
||||
</div>
|
||||
<br>
|
||||
<div class="modal aboutModal">
|
||||
<div class="modal-background"></div>
|
||||
<div class="modal-card">
|
||||
<header class="modal-card-head">
|
||||
<button class="closeAboutModal delete" aria-label="close"></button>
|
||||
</header>
|
||||
<section class="modal-card-body aboutBody">
|
||||
Loading... <i class="fas fa-spinner fa-spin"></i>
|
||||
</section>
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
|
||||
</html>
|
|
@ -0,0 +1,16 @@
|
|||
<img src="shared/images/onionr-text.png" class="aboutLogo" alt="Onionr">
|
||||
|
||||
<p>Onionr is a private decentralized communication network</p>
|
||||
|
||||
<br>
|
||||
|
||||
<b>Onionr is built with:</b>
|
||||
<br>
|
||||
<ul>
|
||||
<li><a href="https://torproject.org/">Tor</a> - Onionr routes all traffic through Tor by default</li>
|
||||
<li><a href="https://stem.torproject.org/">Stem</a> - Python library to interact with Tor</li>
|
||||
<li><a href="https://palletsprojects.com/p/flask/">Flask</a> - Lightweight Python web framework</li>
|
||||
<li><a href="http://gevent.org">Gevent</a> - For the thread-safe WSGI servers</li>
|
||||
<li><a href="https://2.python-requests.org/en/master/">Requests</a> - HTTP requests for humans</li>
|
||||
|
||||
</ul>
|
|
@ -0,0 +1,5 @@
|
|||
fetch('shared/about.html')
|
||||
.then(resp=>resp.text())
|
||||
.then(function(response) {
|
||||
aboutText = response
|
||||
})
|
|
@ -54,3 +54,8 @@ html {
|
|||
margin-right: 5px;
|
||||
color: red;
|
||||
}
|
||||
|
||||
.aboutLogo{
|
||||
max-width: 25%;
|
||||
margin-bottom: 1em;
|
||||
}
|
|
@ -112,15 +112,53 @@ if (typeof myPubCopy != "undefined"){
|
|||
var copyText = document.getElementById("myPub");
|
||||
copyText.select()
|
||||
document.execCommand("copy")
|
||||
if (typeof PNotify != 'undefined'){
|
||||
PNotify.success({
|
||||
text: "Copied to clipboard"
|
||||
})
|
||||
}
|
||||
console.log("copied pubkey to clipboard")
|
||||
}
|
||||
}
|
||||
|
||||
/* For Config toggle on homepage */
|
||||
var toggle = document.getElementById("configToggle");
|
||||
var content = document.getElementById("configContent");
|
||||
var toggle = document.getElementById("configToggle")
|
||||
var content = document.getElementById("configContent")
|
||||
|
||||
if(typeof toggle !== 'undefined' && toggle !== null) {
|
||||
toggle.addEventListener("click", function() {
|
||||
content.classList.toggle("show");
|
||||
})
|
||||
}
|
||||
|
||||
var aboutBtns = document.getElementsByClassName('aboutLink')
|
||||
var aboutModals = document.getElementsByClassName('aboutModal')
|
||||
var aboutCloseBtns = document.getElementsByClassName('closeAboutModal')
|
||||
|
||||
var aboutText = ''
|
||||
|
||||
setAbout = function(){
|
||||
if (aboutText === ''){
|
||||
setTimeout(function(){setAbout()}, 100)
|
||||
return
|
||||
}
|
||||
let aboutBody = document.getElementsByClassName('aboutBody')
|
||||
for (i = 0; i < aboutBody.length; i++){
|
||||
aboutBody[i].innerHTML = aboutText
|
||||
}
|
||||
}
|
||||
|
||||
for (x = 0; x < aboutBtns.length; x++){
|
||||
aboutBtns[x].onclick = function(){
|
||||
for (i = 0; i < aboutModals.length; i++){
|
||||
aboutModals[i].classList.add('is-active')
|
||||
}
|
||||
}
|
||||
}
|
||||
for (i = 0; i < aboutCloseBtns.length; i++){
|
||||
aboutCloseBtns[i].onclick = function(e){
|
||||
e.target.parentElement.parentElement.parentElement.classList.remove('is-active')
|
||||
}
|
||||
}
|
||||
|
||||
setAbout()
|
Loading…
Reference in New Issue