Add API method to retrieve the SID. Fixes #93
This commit is contained in:
parent
30f3114c7c
commit
18d6a91881
10
converse.js
10
converse.js
@ -138,6 +138,7 @@
|
|||||||
this.bosh_service_url = undefined; // The BOSH connection manager URL.
|
this.bosh_service_url = undefined; // The BOSH connection manager URL.
|
||||||
this.cache_otr_key = false;
|
this.cache_otr_key = false;
|
||||||
this.debug = false;
|
this.debug = false;
|
||||||
|
this.expose_rid_and_sid = false;
|
||||||
this.hide_muc_server = false;
|
this.hide_muc_server = false;
|
||||||
this.i18n = locales.en;
|
this.i18n = locales.en;
|
||||||
this.prebind = false;
|
this.prebind = false;
|
||||||
@ -165,6 +166,7 @@
|
|||||||
'cache_otr_key',
|
'cache_otr_key',
|
||||||
'connection',
|
'connection',
|
||||||
'debug',
|
'debug',
|
||||||
|
'expose_rid_and_sid',
|
||||||
'fullname',
|
'fullname',
|
||||||
'hide_muc_server',
|
'hide_muc_server',
|
||||||
'i18n',
|
'i18n',
|
||||||
@ -3586,11 +3588,17 @@
|
|||||||
converse.initialize(settings, callback);
|
converse.initialize(settings, callback);
|
||||||
},
|
},
|
||||||
'getRID': function () {
|
'getRID': function () {
|
||||||
if (typeof converse.connection !== "undefined") {
|
if (converse.expose_rid_and_sid && typeof converse.connection !== "undefined") {
|
||||||
return converse.connection.rid;
|
return converse.connection.rid;
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
},
|
},
|
||||||
|
'getSID': function () {
|
||||||
|
if (converse.expose_rid_and_sid && typeof converse.connection !== "undefined") {
|
||||||
|
return converse.connection.sid;
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
},
|
||||||
'once': function(evt, handler) {
|
'once': function(evt, handler) {
|
||||||
converse.once(evt, handler);
|
converse.once(evt, handler);
|
||||||
},
|
},
|
||||||
|
@ -4,7 +4,8 @@ Changelog
|
|||||||
Unreleased
|
Unreleased
|
||||||
----------
|
----------
|
||||||
|
|
||||||
* Option to display a call button in the chatbox toolbar, to allow third-party libraries to provide a calling feature. [Aupajo]
|
* #93 Add API methods exposing the RID and SID values. Can be disabled. [jcbrand]
|
||||||
|
* #103 Option to display a call button in the chatbox toolbar, to allow third-party libraries to provide a calling feature. [Aupajo]
|
||||||
* #108 Japanese Translations [mako09]
|
* #108 Japanese Translations [mako09]
|
||||||
* #111 OTR not working when using converse.js with prebinding. [jseidl, jcbrand]
|
* #111 OTR not working when using converse.js with prebinding. [jseidl, jcbrand]
|
||||||
* #114 Hewbrew Translations [GreenLunar]
|
* #114 Hewbrew Translations [GreenLunar]
|
||||||
|
Binary file not shown.
@ -306,7 +306,6 @@ Facebook integration
|
|||||||
this myself. Feedback and patches from people who have succesfully done this
|
this myself. Feedback and patches from people who have succesfully done this
|
||||||
will be appreciated.
|
will be appreciated.
|
||||||
|
|
||||||
|
|
||||||
Converse.js uses `Strophe.js <http://strophe.im/strophejs>`_ to connect and
|
Converse.js uses `Strophe.js <http://strophe.im/strophejs>`_ to connect and
|
||||||
communicate with the XMPP server. One nice thing about Strophe.js is that it
|
communicate with the XMPP server. One nice thing about Strophe.js is that it
|
||||||
can be extended via `plugins <http://github.com/strophe/strophejs-plugins>`_.
|
can be extended via `plugins <http://github.com/strophe/strophejs-plugins>`_.
|
||||||
@ -748,6 +747,14 @@ For each room on the server a query is made to fetch further details (e.g.
|
|||||||
features, number of occupants etc.), so on servers with many rooms this
|
features, number of occupants etc.), so on servers with many rooms this
|
||||||
option will create lots of extra connection traffic.
|
option will create lots of extra connection traffic.
|
||||||
|
|
||||||
|
auto_reconnect
|
||||||
|
--------------
|
||||||
|
|
||||||
|
Default = ``true``
|
||||||
|
|
||||||
|
Automatically reconnect to the XMPP server if the connection drops
|
||||||
|
unexpectedly.
|
||||||
|
|
||||||
auto_subscribe
|
auto_subscribe
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
@ -763,6 +770,30 @@ a middle man between HTTP and XMPP.
|
|||||||
|
|
||||||
See `here <http://metajack.im/2008/09/08/which-bosh-server-do-you-need>`_ for more information.
|
See `here <http://metajack.im/2008/09/08/which-bosh-server-do-you-need>`_ for more information.
|
||||||
|
|
||||||
|
cache_otr_key
|
||||||
|
-------------
|
||||||
|
|
||||||
|
Default = ``false``
|
||||||
|
|
||||||
|
Let the `OTR (Off-the-record encryption) <https://otr.cypherpunks.ca>`_ private
|
||||||
|
key be cached in your browser's session storage.
|
||||||
|
|
||||||
|
The browser's session storage persists across page loads but is deleted once
|
||||||
|
the tab or window is closed.
|
||||||
|
|
||||||
|
If this option is set to ``false``, a new OTR private key will be generated
|
||||||
|
for each page load. While more inconvenient, this is a much more secure option.
|
||||||
|
|
||||||
|
This setting can only be used together with ``allow_otr = true``.
|
||||||
|
|
||||||
|
|
||||||
|
.. Note ::
|
||||||
|
A browser window's session storage is accessible by all javascript that
|
||||||
|
is served from the same domain. So if there is malicious javascript served by
|
||||||
|
the same server (or somehow injected via an attacker), then they will be able
|
||||||
|
to retrieve your private key and read your all the chat messages in your
|
||||||
|
current session. Previous sessions however cannot be decrypted.
|
||||||
|
|
||||||
debug
|
debug
|
||||||
-----
|
-----
|
||||||
|
|
||||||
|
@ -114,30 +114,32 @@
|
|||||||
<li><a class="reference internal" href="#allow-muc" id="id33">allow_muc</a></li>
|
<li><a class="reference internal" href="#allow-muc" id="id33">allow_muc</a></li>
|
||||||
<li><a class="reference internal" href="#animate" id="id34">animate</a></li>
|
<li><a class="reference internal" href="#animate" id="id34">animate</a></li>
|
||||||
<li><a class="reference internal" href="#auto-list-rooms" id="id35">auto_list_rooms</a></li>
|
<li><a class="reference internal" href="#auto-list-rooms" id="id35">auto_list_rooms</a></li>
|
||||||
<li><a class="reference internal" href="#auto-subscribe" id="id36">auto_subscribe</a></li>
|
<li><a class="reference internal" href="#auto-reconnect" id="id36">auto_reconnect</a></li>
|
||||||
<li><a class="reference internal" href="#bosh-service-url" id="id37">bosh_service_url</a></li>
|
<li><a class="reference internal" href="#auto-subscribe" id="id37">auto_subscribe</a></li>
|
||||||
<li><a class="reference internal" href="#debug" id="id38">debug</a></li>
|
<li><a class="reference internal" href="#bosh-service-url" id="id38">bosh_service_url</a></li>
|
||||||
<li><a class="reference internal" href="#fullname" id="id39">fullname</a></li>
|
<li><a class="reference internal" href="#cache-otr-key" id="id39">cache_otr_key</a></li>
|
||||||
<li><a class="reference internal" href="#hide-muc-server" id="id40">hide_muc_server</a></li>
|
<li><a class="reference internal" href="#debug" id="id40">debug</a></li>
|
||||||
<li><a class="reference internal" href="#i18n" id="id41">i18n</a></li>
|
<li><a class="reference internal" href="#fullname" id="id41">fullname</a></li>
|
||||||
<li><a class="reference internal" href="#prebind" id="id42">prebind</a></li>
|
<li><a class="reference internal" href="#hide-muc-server" id="id42">hide_muc_server</a></li>
|
||||||
<li><a class="reference internal" href="#show-controlbox-by-default" id="id43">show_controlbox_by_default</a></li>
|
<li><a class="reference internal" href="#i18n" id="id43">i18n</a></li>
|
||||||
<li><a class="reference internal" href="#show-call-button" id="id44">show_call_button</a></li>
|
<li><a class="reference internal" href="#prebind" id="id44">prebind</a></li>
|
||||||
<li><a class="reference internal" href="#show-only-online-users" id="id45">show_only_online_users</a></li>
|
<li><a class="reference internal" href="#show-controlbox-by-default" id="id45">show_controlbox_by_default</a></li>
|
||||||
<li><a class="reference internal" href="#use-vcards" id="id46">use_vcards</a></li>
|
<li><a class="reference internal" href="#show-call-button" id="id46">show_call_button</a></li>
|
||||||
<li><a class="reference internal" href="#xhr-custom-status" id="id47">xhr_custom_status</a></li>
|
<li><a class="reference internal" href="#show-only-online-users" id="id47">show_only_online_users</a></li>
|
||||||
<li><a class="reference internal" href="#xhr-custom-status-url" id="id48">xhr_custom_status_url</a></li>
|
<li><a class="reference internal" href="#use-vcards" id="id48">use_vcards</a></li>
|
||||||
<li><a class="reference internal" href="#xhr-user-search" id="id49">xhr_user_search</a></li>
|
<li><a class="reference internal" href="#xhr-custom-status" id="id49">xhr_custom_status</a></li>
|
||||||
<li><a class="reference internal" href="#xhr-user-search-url" id="id50">xhr_user_search_url</a></li>
|
<li><a class="reference internal" href="#xhr-custom-status-url" id="id50">xhr_custom_status_url</a></li>
|
||||||
|
<li><a class="reference internal" href="#xhr-user-search" id="id51">xhr_user_search</a></li>
|
||||||
|
<li><a class="reference internal" href="#xhr-user-search-url" id="id52">xhr_user_search_url</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
<li><a class="reference internal" href="#minification" id="id51">Minification</a><ul>
|
<li><a class="reference internal" href="#minification" id="id53">Minification</a><ul>
|
||||||
<li><a class="reference internal" href="#minifying-javascript-and-css" id="id52">Minifying Javascript and CSS</a></li>
|
<li><a class="reference internal" href="#minifying-javascript-and-css" id="id54">Minifying Javascript and CSS</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
<li><a class="reference internal" href="#translations" id="id53">Translations</a></li>
|
<li><a class="reference internal" href="#translations" id="id55">Translations</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="quickstart-to-get-a-demo-up-and-running">
|
<div class="section" id="quickstart-to-get-a-demo-up-and-running">
|
||||||
@ -182,7 +184,7 @@ practical.</p>
|
|||||||
<p>You’ll most likely want to implement some kind of single-signon solution for
|
<p>You’ll most likely want to implement some kind of single-signon solution for
|
||||||
your website, where users authenticate once in your website and then stay
|
your website, where users authenticate once in your website and then stay
|
||||||
logged into their XMPP session upon page reload.</p>
|
logged into their XMPP session upon page reload.</p>
|
||||||
<p>For more info on this, read: <a href="#id54"><span class="problematic" id="id55">`Pre-binding and Single Session Support`_</span></a>.</p>
|
<p>For more info on this, read: <a href="#id56"><span class="problematic" id="id57">`Pre-binding and Single Session Support`_</span></a>.</p>
|
||||||
<p>You might also want to have more fine-grained control of what gets included in
|
<p>You might also want to have more fine-grained control of what gets included in
|
||||||
the minified Javascript file. Read <a class="reference internal" href="#configuration">Configuration</a> and <a class="reference internal" href="#minification">Minification</a> for more info on how to do
|
the minified Javascript file. Read <a class="reference internal" href="#configuration">Configuration</a> and <a class="reference internal" href="#minification">Minification</a> for more info on how to do
|
||||||
that.</p>
|
that.</p>
|
||||||
@ -729,41 +731,66 @@ multi-user chat, then a list of rooms on that server will be fetched.</p>
|
|||||||
features, number of occupants etc.), so on servers with many rooms this
|
features, number of occupants etc.), so on servers with many rooms this
|
||||||
option will create lots of extra connection traffic.</p>
|
option will create lots of extra connection traffic.</p>
|
||||||
</div>
|
</div>
|
||||||
|
<div class="section" id="auto-reconnect">
|
||||||
|
<h3><a class="toc-backref" href="#id36">auto_reconnect</a><a class="headerlink" href="#auto-reconnect" title="Permalink to this headline">¶</a></h3>
|
||||||
|
<p>Default = <tt class="docutils literal"><span class="pre">true</span></tt></p>
|
||||||
|
<p>Automatically reconnect to the XMPP server if the connection drops
|
||||||
|
unexpectedly.</p>
|
||||||
|
</div>
|
||||||
<div class="section" id="auto-subscribe">
|
<div class="section" id="auto-subscribe">
|
||||||
<h3><a class="toc-backref" href="#id36">auto_subscribe</a><a class="headerlink" href="#auto-subscribe" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id37">auto_subscribe</a><a class="headerlink" href="#auto-subscribe" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
<p>If true, the user will automatically subscribe back to any contact requests.</p>
|
<p>If true, the user will automatically subscribe back to any contact requests.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="bosh-service-url">
|
<div class="section" id="bosh-service-url">
|
||||||
<h3><a class="toc-backref" href="#id37">bosh_service_url</a><a class="headerlink" href="#bosh-service-url" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id38">bosh_service_url</a><a class="headerlink" href="#bosh-service-url" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Connections to an XMPP server depend on a BOSH connection manager which acts as
|
<p>Connections to an XMPP server depend on a BOSH connection manager which acts as
|
||||||
a middle man between HTTP and XMPP.</p>
|
a middle man between HTTP and XMPP.</p>
|
||||||
<p>See <a class="reference external" href="http://metajack.im/2008/09/08/which-bosh-server-do-you-need">here</a> for more information.</p>
|
<p>See <a class="reference external" href="http://metajack.im/2008/09/08/which-bosh-server-do-you-need">here</a> for more information.</p>
|
||||||
</div>
|
</div>
|
||||||
|
<div class="section" id="cache-otr-key">
|
||||||
|
<h3><a class="toc-backref" href="#id39">cache_otr_key</a><a class="headerlink" href="#cache-otr-key" title="Permalink to this headline">¶</a></h3>
|
||||||
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
|
<p>Let the <a class="reference external" href="https://otr.cypherpunks.ca">OTR (Off-the-record encryption)</a> private
|
||||||
|
key be cached in your browser’s session storage.</p>
|
||||||
|
<p>The browser’s session storage persists across page loads but is deleted once
|
||||||
|
the tab or window is closed.</p>
|
||||||
|
<p>If this option is set to <tt class="docutils literal"><span class="pre">false</span></tt>, a new OTR private key will be generated
|
||||||
|
for each page load. While more inconvenient, this is a much more secure option.</p>
|
||||||
|
<p>This setting can only be used together with <tt class="docutils literal"><span class="pre">allow_otr</span> <span class="pre">=</span> <span class="pre">true</span></tt>.</p>
|
||||||
|
<div class="admonition note">
|
||||||
|
<p class="first admonition-title">Note</p>
|
||||||
|
<p class="last">A browser window’s session storage is accessible by all javascript that
|
||||||
|
is served from the same domain. So if there is malicious javascript served by
|
||||||
|
the same server (or somehow injected via an attacker), then they will be able
|
||||||
|
to retrieve your private key and read your all the chat messages in your
|
||||||
|
current session. Previous sessions however cannot be decrypted.</p>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
<div class="section" id="debug">
|
<div class="section" id="debug">
|
||||||
<h3><a class="toc-backref" href="#id38">debug</a><a class="headerlink" href="#debug" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id40">debug</a><a class="headerlink" href="#debug" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
<p>If set to true, debugging output will be logged to the browser console.</p>
|
<p>If set to true, debugging output will be logged to the browser console.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="fullname">
|
<div class="section" id="fullname">
|
||||||
<h3><a class="toc-backref" href="#id39">fullname</a><a class="headerlink" href="#fullname" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id41">fullname</a><a class="headerlink" href="#fullname" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>If you are using prebinding, can specify the fullname of the currently
|
<p>If you are using prebinding, can specify the fullname of the currently
|
||||||
logged in user, otherwise the user’s vCard will be fetched.</p>
|
logged in user, otherwise the user’s vCard will be fetched.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="hide-muc-server">
|
<div class="section" id="hide-muc-server">
|
||||||
<h3><a class="toc-backref" href="#id40">hide_muc_server</a><a class="headerlink" href="#hide-muc-server" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id42">hide_muc_server</a><a class="headerlink" href="#hide-muc-server" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
<p>Hide the <tt class="docutils literal"><span class="pre">server</span></tt> input field of the form inside the <tt class="docutils literal"><span class="pre">Room</span></tt> panel of the
|
<p>Hide the <tt class="docutils literal"><span class="pre">server</span></tt> input field of the form inside the <tt class="docutils literal"><span class="pre">Room</span></tt> panel of the
|
||||||
controlbox. Useful if you want to restrict users to a specific XMPP server of
|
controlbox. Useful if you want to restrict users to a specific XMPP server of
|
||||||
your choosing.</p>
|
your choosing.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="i18n">
|
<div class="section" id="i18n">
|
||||||
<h3><a class="toc-backref" href="#id41">i18n</a><a class="headerlink" href="#i18n" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id43">i18n</a><a class="headerlink" href="#i18n" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Specify the locale/language. The language must be in the <tt class="docutils literal"><span class="pre">locales</span></tt> object. Refer to
|
<p>Specify the locale/language. The language must be in the <tt class="docutils literal"><span class="pre">locales</span></tt> object. Refer to
|
||||||
<tt class="docutils literal"><span class="pre">./locale/locales.js</span></tt> to see which locales are supported.</p>
|
<tt class="docutils literal"><span class="pre">./locale/locales.js</span></tt> to see which locales are supported.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="prebind">
|
<div class="section" id="prebind">
|
||||||
<h3><a class="toc-backref" href="#id42">prebind</a><a class="headerlink" href="#prebind" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id44">prebind</a><a class="headerlink" href="#prebind" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
<p>Use this option when you want to attach to an existing XMPP connection that was
|
<p>Use this option when you want to attach to an existing XMPP connection that was
|
||||||
already authenticated (usually on the backend before page load).</p>
|
already authenticated (usually on the backend before page load).</p>
|
||||||
@ -776,7 +803,7 @@ values as <tt class="docutils literal"><span class="pre">jid</span></tt>, <tt cl
|
|||||||
<p>Additionally, you have to specify <tt class="docutils literal"><span class="pre">bosh_service_url</span></tt>.</p>
|
<p>Additionally, you have to specify <tt class="docutils literal"><span class="pre">bosh_service_url</span></tt>.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="show-controlbox-by-default">
|
<div class="section" id="show-controlbox-by-default">
|
||||||
<h3><a class="toc-backref" href="#id43">show_controlbox_by_default</a><a class="headerlink" href="#show-controlbox-by-default" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id45">show_controlbox_by_default</a><a class="headerlink" href="#show-controlbox-by-default" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
<p>The “controlbox” refers to the special chatbox containing your contacts roster,
|
<p>The “controlbox” refers to the special chatbox containing your contacts roster,
|
||||||
status widget, chatrooms and other controls.</p>
|
status widget, chatrooms and other controls.</p>
|
||||||
@ -786,7 +813,7 @@ the page with class <em>toggle-online-users</em>.</p>
|
|||||||
page load.</p>
|
page load.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="show-call-button">
|
<div class="section" id="show-call-button">
|
||||||
<h3><a class="toc-backref" href="#id44">show_call_button</a><a class="headerlink" href="#show-call-button" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id46">show_call_button</a><a class="headerlink" href="#show-call-button" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
<p>Enable to display a call button on the chatbox toolbar.</p>
|
<p>Enable to display a call button on the chatbox toolbar.</p>
|
||||||
<p>When the call button is pressed, it will emit an event that can be used by a third-party library to initiate a call.</p>
|
<p>When the call button is pressed, it will emit an event that can be used by a third-party library to initiate a call.</p>
|
||||||
@ -800,20 +827,20 @@ page load.</p>
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="show-only-online-users">
|
<div class="section" id="show-only-online-users">
|
||||||
<h3><a class="toc-backref" href="#id45">show_only_online_users</a><a class="headerlink" href="#show-only-online-users" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id47">show_only_online_users</a><a class="headerlink" href="#show-only-online-users" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
<p>If set to <tt class="docutils literal"><span class="pre">true</span></tt>, only online users will be shown in the contacts roster.
|
<p>If set to <tt class="docutils literal"><span class="pre">true</span></tt>, only online users will be shown in the contacts roster.
|
||||||
Users with any other status (e.g. away, busy etc.) will not be shown.</p>
|
Users with any other status (e.g. away, busy etc.) will not be shown.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="use-vcards">
|
<div class="section" id="use-vcards">
|
||||||
<h3><a class="toc-backref" href="#id46">use_vcards</a><a class="headerlink" href="#use-vcards" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id48">use_vcards</a><a class="headerlink" href="#use-vcards" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">true</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">true</span></tt></p>
|
||||||
<p>Determines whether the XMPP server will be queried for roster contacts’ VCards
|
<p>Determines whether the XMPP server will be queried for roster contacts’ VCards
|
||||||
or not. VCards contain extra personal information such as your fullname and
|
or not. VCards contain extra personal information such as your fullname and
|
||||||
avatar image.</p>
|
avatar image.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="xhr-custom-status">
|
<div class="section" id="xhr-custom-status">
|
||||||
<h3><a class="toc-backref" href="#id47">xhr_custom_status</a><a class="headerlink" href="#xhr-custom-status" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id49">xhr_custom_status</a><a class="headerlink" href="#xhr-custom-status" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
<div class="admonition note">
|
<div class="admonition note">
|
||||||
<p class="first admonition-title">Note</p>
|
<p class="first admonition-title">Note</p>
|
||||||
@ -823,7 +850,7 @@ avatar image.</p>
|
|||||||
remote server.</p>
|
remote server.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="xhr-custom-status-url">
|
<div class="section" id="xhr-custom-status-url">
|
||||||
<h3><a class="toc-backref" href="#id48">xhr_custom_status_url</a><a class="headerlink" href="#xhr-custom-status-url" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id50">xhr_custom_status_url</a><a class="headerlink" href="#xhr-custom-status-url" title="Permalink to this headline">¶</a></h3>
|
||||||
<div class="admonition note">
|
<div class="admonition note">
|
||||||
<p class="first admonition-title">Note</p>
|
<p class="first admonition-title">Note</p>
|
||||||
<p class="last">XHR stands for XMLHTTPRequest, and is meant here in the AJAX sense (Asynchronous Javascript and XML).</p>
|
<p class="last">XHR stands for XMLHTTPRequest, and is meant here in the AJAX sense (Asynchronous Javascript and XML).</p>
|
||||||
@ -835,7 +862,7 @@ message will be made.</p>
|
|||||||
<p>The message itself is sent in the request under the key <tt class="docutils literal"><span class="pre">msg</span></tt>.</p>
|
<p>The message itself is sent in the request under the key <tt class="docutils literal"><span class="pre">msg</span></tt>.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="xhr-user-search">
|
<div class="section" id="xhr-user-search">
|
||||||
<h3><a class="toc-backref" href="#id49">xhr_user_search</a><a class="headerlink" href="#xhr-user-search" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id51">xhr_user_search</a><a class="headerlink" href="#xhr-user-search" title="Permalink to this headline">¶</a></h3>
|
||||||
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
<p>Default = <tt class="docutils literal"><span class="pre">false</span></tt></p>
|
||||||
<div class="admonition note">
|
<div class="admonition note">
|
||||||
<p class="first admonition-title">Note</p>
|
<p class="first admonition-title">Note</p>
|
||||||
@ -852,7 +879,7 @@ message will be made.</p>
|
|||||||
corresponds to a matched user and needs the keys <tt class="docutils literal"><span class="pre">id</span></tt> and <tt class="docutils literal"><span class="pre">fullname</span></tt>.</p>
|
corresponds to a matched user and needs the keys <tt class="docutils literal"><span class="pre">id</span></tt> and <tt class="docutils literal"><span class="pre">fullname</span></tt>.</p>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="xhr-user-search-url">
|
<div class="section" id="xhr-user-search-url">
|
||||||
<h3><a class="toc-backref" href="#id50">xhr_user_search_url</a><a class="headerlink" href="#xhr-user-search-url" title="Permalink to this headline">¶</a></h3>
|
<h3><a class="toc-backref" href="#id52">xhr_user_search_url</a><a class="headerlink" href="#xhr-user-search-url" title="Permalink to this headline">¶</a></h3>
|
||||||
<div class="admonition note">
|
<div class="admonition note">
|
||||||
<p class="first admonition-title">Note</p>
|
<p class="first admonition-title">Note</p>
|
||||||
<p class="last">XHR stands for XMLHTTPRequest, and is meant here in the AJAX sense (Asynchronous Javascript and XML).</p>
|
<p class="last">XHR stands for XMLHTTPRequest, and is meant here in the AJAX sense (Asynchronous Javascript and XML).</p>
|
||||||
@ -865,9 +892,9 @@ The query string will be included in the request with <tt class="docutils litera
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="minification">
|
<div class="section" id="minification">
|
||||||
<h1><a class="toc-backref" href="#id51">Minification</a><a class="headerlink" href="#minification" title="Permalink to this headline">¶</a></h1>
|
<h1><a class="toc-backref" href="#id53">Minification</a><a class="headerlink" href="#minification" title="Permalink to this headline">¶</a></h1>
|
||||||
<div class="section" id="minifying-javascript-and-css">
|
<div class="section" id="minifying-javascript-and-css">
|
||||||
<h2><a class="toc-backref" href="#id52">Minifying Javascript and CSS</a><a class="headerlink" href="#minifying-javascript-and-css" title="Permalink to this headline">¶</a></h2>
|
<h2><a class="toc-backref" href="#id54">Minifying Javascript and CSS</a><a class="headerlink" href="#minifying-javascript-and-css" title="Permalink to this headline">¶</a></h2>
|
||||||
<p>Please make sure to read the section <a class="reference internal" href="#development">Development</a> and that you have installed
|
<p>Please make sure to read the section <a class="reference internal" href="#development">Development</a> and that you have installed
|
||||||
all development dependencies (long story short, you can run <tt class="docutils literal"><span class="pre">npm</span> <span class="pre">install</span></tt>
|
all development dependencies (long story short, you can run <tt class="docutils literal"><span class="pre">npm</span> <span class="pre">install</span></tt>
|
||||||
and then <tt class="docutils literal"><span class="pre">grunt</span> <span class="pre">fetch</span></tt>).</p>
|
and then <tt class="docutils literal"><span class="pre">grunt</span> <span class="pre">fetch</span></tt>).</p>
|
||||||
@ -884,7 +911,7 @@ using <a class="reference external" href="https://github.com/jrburke/almond">alm
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="section" id="translations">
|
<div class="section" id="translations">
|
||||||
<h1><a class="toc-backref" href="#id53">Translations</a><a class="headerlink" href="#translations" title="Permalink to this headline">¶</a></h1>
|
<h1><a class="toc-backref" href="#id55">Translations</a><a class="headerlink" href="#translations" title="Permalink to this headline">¶</a></h1>
|
||||||
<div class="admonition note">
|
<div class="admonition note">
|
||||||
<p class="first admonition-title">Note</p>
|
<p class="first admonition-title">Note</p>
|
||||||
<p class="last">Translations take up a lot of space and will bloat your minified file.
|
<p class="last">Translations take up a lot of space and will bloat your minified file.
|
||||||
|
File diff suppressed because one or more lines are too long
@ -781,11 +781,19 @@ key be cached in your browser's session storage.
|
|||||||
The browser's session storage persists across page loads but is deleted once
|
The browser's session storage persists across page loads but is deleted once
|
||||||
the tab or window is closed.
|
the tab or window is closed.
|
||||||
|
|
||||||
If this options is set to ``false``, a new OTR private key will be generated
|
If this option is set to ``false``, a new OTR private key will be generated
|
||||||
for each page load. While more inconvenient, this is a much more secure option.
|
for each page load. While more inconvenient, this is a much more secure option.
|
||||||
|
|
||||||
This setting can only be used together with ``allow_otr = true``.
|
This setting can only be used together with ``allow_otr = true``.
|
||||||
|
|
||||||
|
|
||||||
|
.. Note ::
|
||||||
|
A browser window's session storage is accessible by all javascript that
|
||||||
|
is served from the same domain. So if there is malicious javascript served by
|
||||||
|
the same server (or somehow injected via an attacker), then they will be able
|
||||||
|
to retrieve your private key and read your all the chat messages in your
|
||||||
|
current session. Previous sessions however cannot be decrypted.
|
||||||
|
|
||||||
debug
|
debug
|
||||||
-----
|
-----
|
||||||
|
|
||||||
@ -793,6 +801,16 @@ Default = ``false``
|
|||||||
|
|
||||||
If set to true, debugging output will be logged to the browser console.
|
If set to true, debugging output will be logged to the browser console.
|
||||||
|
|
||||||
|
expose_rid_and_sid
|
||||||
|
------------------
|
||||||
|
|
||||||
|
Allow the prebind tokens, RID (request ID) and SID (session ID), to be exposed
|
||||||
|
globally via the API. This allows other scripts served on the same page to use
|
||||||
|
these values.
|
||||||
|
|
||||||
|
*Beware*: a malicious script could use these tokens to assume your identity
|
||||||
|
and inject fake chat messages.
|
||||||
|
|
||||||
fullname
|
fullname
|
||||||
--------
|
--------
|
||||||
|
|
||||||
|
@ -17,11 +17,31 @@
|
|||||||
it("has an API method for retrieving the next RID", $.proxy(function () {
|
it("has an API method for retrieving the next RID", $.proxy(function () {
|
||||||
var old_connection = converse.connection;
|
var old_connection = converse.connection;
|
||||||
converse.connection.rid = '1234';
|
converse.connection.rid = '1234';
|
||||||
|
converse.expose_rid_and_sid = false;
|
||||||
|
expect(converse_api.getRID()).toBe(null);
|
||||||
|
|
||||||
|
converse.expose_rid_and_sid = true;
|
||||||
expect(converse_api.getRID()).toBe('1234');
|
expect(converse_api.getRID()).toBe('1234');
|
||||||
|
|
||||||
converse.connection = undefined;
|
converse.connection = undefined;
|
||||||
expect(converse_api.getRID()).toBe(null);
|
expect(converse_api.getRID()).toBe(null);
|
||||||
// Restore the connection
|
// Restore the connection
|
||||||
converse.connection = old_connection;
|
converse.connection = old_connection;
|
||||||
}, converse));
|
}, converse));
|
||||||
|
|
||||||
|
it("has an API method for retrieving the SID", $.proxy(function () {
|
||||||
|
var old_connection = converse.connection;
|
||||||
|
converse.connection.sid = '1234';
|
||||||
|
converse.expose_rid_and_sid = false;
|
||||||
|
expect(converse_api.getSID()).toBe(null);
|
||||||
|
|
||||||
|
converse.expose_rid_and_sid = true;
|
||||||
|
expect(converse_api.getSID()).toBe('1234');
|
||||||
|
|
||||||
|
converse.connection = undefined;
|
||||||
|
expect(converse_api.getSID()).toBe(null);
|
||||||
|
// Restore the connection
|
||||||
|
converse.connection = old_connection;
|
||||||
|
}, converse));
|
||||||
}, converse, mock, utils));
|
}, converse, mock, utils));
|
||||||
}));
|
}));
|
||||||
|
Loading…
Reference in New Issue
Block a user