Commit Graph

435 Commits

Author SHA1 Message Date
JC Brand
5406df1bc7 Add an animated spinner when generating a private key. 2014-01-31 13:40:33 +02:00
JC Brand
8232cdaff2 Bugfix. Updates #111
When using OTR with prebind, the user password isn't defined.
=============================================================

When not using prebind, the user password is used to encrypt the private key
for the OTR session before it's saved in session storage.

When using prebind, we ideally want to use the same OTR private key across page
loads, so that we don't have to spend the time generating a new one together
with AKE on every page load. To do this, we need to store it somewhere, like
the browser's session storage.

However, I have yet to find a secure way to store the OTR private key that does
not expose it to maliciously injected javascript.

For now, I've updated the code to generate a new private key and do the AKE
with every page reload.

I'm considering adding code to store the private key in Session Storage and
letting the user explicitly enable this (while making them aware of the risks
involved).
2014-01-31 05:50:38 +02:00
JC Brand
9bce25109c Allow non-amd usage of converse.js without requiring OTR modules. 2014-01-30 09:35:35 +02:00
JC Brand
d7c31d5b73 Minor correction of OTR/SMP explanation. Fixes #113 2014-01-28 03:50:51 +02:00
Pete Nicholls
1d3aa9f450 Add model to onCallButtonClicked event payload 2013-12-26 14:48:48 +13:00
Pete Nicholls
6002e0fdf9 Use converse.emit to dispatch call button event 2013-12-19 12:26:11 +13:00
Pete Nicholls
db60894834 Add optional call button to chat box toolbar 2013-12-19 12:26:07 +13:00
JC Brand
478653aebd Bugfix. Wrong number of online contacts shown. Fixes #97 2013-12-18 16:48:02 +02:00
JC Brand
4186bf3ca3 Throw event onRosterViewUpdated whenever the roster HTML changes. Fixes #101 2013-12-18 16:30:19 +02:00
JC Brand
8633d23738 Sanitize text messages to disable Javascript injection attacks.
Thanks to hejsan.
2013-12-18 13:51:59 +02:00
JC Brand
cbde2a1d49 Make the fetching of VCards optional. Updates #100 2013-12-17 19:24:36 +02:00
JC Brand
7b2d16afbc Bugfix. The 'get' function complains when there's no callback 2013-12-17 18:51:47 +02:00
JC Brand
d1bf5b8466 Add event emitter tests for chatrooms. Updates #48 2013-12-16 19:19:25 +02:00
JC Brand
cdc350f592 Add more tests for events emitting. Updates #48 2013-12-16 15:27:07 +02:00
JC Brand
986c17884b Bugfix. 'this' doesn't refer to converse obj. 2013-12-16 14:37:30 +02:00
JC Brand
9a8975f5b0 Add two more emitted events. Updates #48 2013-12-15 18:04:51 +02:00
JC Brand
e729471bbf Event emitting code. Updates #48
Include the event emitting code in converse.js itself and start emitting events.

Still needs tests and to be thoroughly tested manually.
Still needs docs.
2013-12-15 16:58:46 +02:00
JC Brand
512a463750 Create 3 different builds.
* converse.min.js
* converse-no-otr.min.js (Without OTR encryption)
* converse-no-locales-no-otr.min.js (Without OTR encryption or any translations)
2013-11-17 16:55:38 +02:00
JC Brand
d1d896a3be HAS_CRYPTO was actually checking for the opposite 2013-11-16 11:52:45 +02:00
JC Brand
f73ab4e832 Allow otr and CryptoJS to not be defined.
Will allow builds without OTR functionality.
2013-11-16 11:24:22 +02:00
JC Brand
67c99f60fe Don't put define in try/catch. Breaks optimizer.
Add check HAS_CSPRNG instead of the previous check
2013-11-15 23:33:05 +02:00
JC Brand
518c0fca8a We can't not load the crypto libs, breaks r.js optimizer 2013-11-15 22:57:29 +02:00
JC Brand
4a1eac06cb Check if canvas is supported before trying to render the user avatar. 2013-11-15 22:27:24 +02:00
JC Brand
490d96fd26 Don't load the Crypto libraries if the browser doesn't have CSRNG 2013-11-15 22:16:18 +02:00
JC Brand
18ba56bcfc Remove duplicated crypto code and fixed crypto dependencies on non_amd.html page 2013-11-13 08:16:53 +02:00
JC Brand
f90fa641b8 Typeof returns a string 2013-11-12 08:17:40 +02:00
JC Brand
84e28a33b8 Bugfix. Handle case where pass_check is undefined. 2013-11-12 08:16:07 +02:00
JC Brand
0369f11dc5 Bugfix. Contact's name got replaced with JID. updates #58 2013-11-11 21:56:11 +02:00
JC Brand
e8af60e12b OTR Bugfix. Check the data parameter for confirmation. 2013-11-11 21:45:18 +02:00
JC Brand
c15bcf0a23 Bugfix. Menu slid up again after ending OTR session. 2013-11-11 21:03:41 +02:00
JC Brand
cd3540de55 Finally figured out the subscription='from' ask='subscribe' thing 2013-11-06 19:38:16 +02:00
JC Brand
5944ed99e6 Bugfix. Make sure to remove 'requesting' attr again. 2013-11-06 19:07:58 +02:00
JC Brand
7a5bc7fe65 'ask' attribute of 'subscribe' is only for 'pending out' requests.
Did more investigation with regards to subscription requests.

As far as I can tell, roster updates will only show ask='request' for 'pending
out' requests.

For 'pending in' requests (what converse.js calls requesting contacts), roster
updates are not used and instead a presence stanza with type 'subscribe' is
used.

This makes sense. When sending a presence with type 'subscribe', we need a way
to keep track of our outgoing subscriptions. The XMPP server helps us do this by
adding a user to our roster with ask='request' and subscription='none'.

When our contact receives our presence with type 'subscribe', they have the
information they need. If they go offline and online again, the XMPP server
will resend the presence with type 'subscribe'. So a roster item is not needed.

In convere.js's internal representation of the roster (via the RosterItems backbone
object) we need to add roster items for 'pending in' contacts so that we can
render them and we need to know whether they are 'pending in' or 'pending out'.

We already know they're 'pending out' when ask='subscribe' and
subscription='none'. For 'pending in', since these roster items are only stored
locally and not on the XMPP server (because 'pending in' requests are handled
via <presence> stanzas and not the roster) we add a special attribute
'requesting'.
2013-11-06 09:54:58 +02:00
JC Brand
fb8e2cde72 Roster item 'ask' property is always 'subscribe' for subscription requests
* 'pending' state is denoted by subscription='none', ask='subscribe'
* 'requesting' state is denoted by subscription='from', ask='subscribe'

Reference: http://xmpp.org/rfcs/rfc3921.html#int

I'm not yet 100% sure with regards to the 'requesting' state, I can't find
anything about it in the above mentioned reference, but apparantly that's what
prosody's roster response looks like (e.g. <item jid='XYZ' ask='subscribe'
subscription='from'/> ).

With ejabberd I haven't yet received such a roster response and contact
requests are always handled via presence stanzas.

updates #81
2013-11-06 09:04:44 +02:00
JC Brand
4b9054066d Fall back to user's JID when fullname not found 2013-11-04 15:57:22 +02:00
JC Brand
fc3a08400e Add tests for the chat toolbar.
Including the emoticon menu and the OTR menu.
More tests needed for OTR in particular.
2013-11-03 22:28:44 +02:00
JC Brand
d7d8948eba Refactor ChatRoom tests (move code to utils.js) 2013-11-03 12:02:25 +02:00
JC Brand
d4fa43109f Don't use 'testing' attr override.
Can be used to get the unwrapper 'inner' converse object.

Instead, check that the bosh service value of the connection corresponds to the
mock object used for jasmine tests.
The value tested for is not usable in production, so we're sure we're only
running tests.
2013-11-03 11:38:36 +02:00
JC Brand
38c26013d0 Simplify the boilerplate HTML require even more.
Use id 'conversejs' instead of 'chatpanel'.

The controlbox toggle is now generated via a backbone view, you don't need to
manually include it in your markup.
2013-10-20 22:42:34 +02:00
JC Brand
81f4d19a64 Add option to set the XHR user search URL. Fixes #51 2013-10-20 18:36:07 +02:00
JC Brand
25dc4a27e2 Add smiley support for chatrooms as well 2013-10-20 18:13:34 +02:00
JC Brand
4ab3498285 Bugfix. Roster didn't appear in some cases.
Make sure the last roster item is still added (even if it's a zombie), so that
the roster will be shown (roster is only shown when last_item property is
true).
2013-10-20 12:16:14 +02:00
JC Brand
a5daeb017e Emoticons now supported for single-user chat. 2013-10-19 23:18:17 +02:00
JC Brand
546204bed6 Merge branch '0.6.x' 2013-10-19 18:28:31 +02:00
JC Brand
fd349b217f Don't unnecessarily create objects for roster items 2013-10-19 18:24:06 +02:00
JC Brand
3d84b3e7ae IE8 bugfix. Fixes #52 2013-10-19 17:10:56 +02:00
JC Brand
3c57892cbf Add smiley menu to the chat toolbar
Still to do is rendering smileys in the chat area and chatrooms.
2013-10-17 20:30:37 +02:00
JC Brand
b061f403b3 Remove superfluous element #collective-xmpp-chat-data 2013-10-16 22:29:13 +02:00
JC Brand
6e15986a87 Merge branch '0.6.x'
Conflicts:
	index.html
2013-10-15 19:16:11 +02:00
JC Brand
150846849d Bugfix. Don't reconnect while strophe is still disconnecting
Causes infinit loop of connects and disconnects
2013-10-15 19:03:10 +02:00