From ec20e1ece2a97476f4c51682f71cbe6e6253411f Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Wed, 5 Feb 2020 16:35:23 +0000
Subject: [PATCH 1/5] Embed CSP meta tag and stop using script-src
unsafe-inline
---
src/vector/app.js | 5 +++--
src/vector/index.html | 11 ++---------
src/vector/index.js | 5 +++++
3 files changed, 10 insertions(+), 11 deletions(-)
diff --git a/src/vector/app.js b/src/vector/app.js
index c77049f51..00699dc52 100644
--- a/src/vector/app.js
+++ b/src/vector/app.js
@@ -162,14 +162,15 @@ function onTokenLoginCompleted() {
}
export async function loadApp() {
- if (window.vector_indexeddb_worker_script === undefined) {
+ const vectorIndexeddbWorkerScript = document.body.dataset.vectorIndexeddbWorkerScript;
+ if (!vectorIndexeddbWorkerScript) {
// If this is missing, something has probably gone wrong with
// the bundling. The js-sdk will just fall back to accessing
// indexeddb directly with no worker script, but we want to
// make sure the indexeddb script is present, so fail hard.
throw new Error("Missing indexeddb worker script!");
}
- MatrixClientPeg.setIndexedDbWorkerScript(window.vector_indexeddb_worker_script);
+ MatrixClientPeg.setIndexedDbWorkerScript(vectorIndexeddbWorkerScript);
CallHandler.setConferenceHandler(VectorConferenceHandler);
window.addEventListener('hashchange', onHashChange);
diff --git a/src/vector/index.html b/src/vector/index.html
index fc880633e..60e7a1199 100644
--- a/src/vector/index.html
+++ b/src/vector/index.html
@@ -22,6 +22,7 @@
+
<% for (var i=0; i < htmlWebpackPlugin.files.css.length; i++) {
var file = htmlWebpackPlugin.files.css[i];
var match = file.match(/^bundles\/.*?\/theme-(.*)\.css$/);
@@ -34,18 +35,10 @@
<% }
} %>
-
+
-
-
diff --git a/src/vector/index.js b/src/vector/index.js
index 278c62107..3f34f2c1d 100644
--- a/src/vector/index.js
+++ b/src/vector/index.js
@@ -29,6 +29,11 @@ require('highlight.js/styles/github.css');
import './rageshakesetup';
import './modernizr';
+// load service worker if available on this platform
+if ('serviceWorker' in navigator) {
+ navigator.serviceWorker.register('sw.js');
+}
+
// Ensure the skin is the very first thing to load for the react-sdk. We don't even want to reference
// the SDK until we have to in imports.
console.log("Loading skin...");
From 2b5e028cbebe155e35cb5a2f42af6947d60ba647 Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Wed, 5 Feb 2020 16:37:19 +0000
Subject: [PATCH 2/5] add comment
---
src/vector/app.js | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/vector/app.js b/src/vector/app.js
index 00699dc52..8ade17d81 100644
--- a/src/vector/app.js
+++ b/src/vector/app.js
@@ -162,6 +162,8 @@ function onTokenLoginCompleted() {
}
export async function loadApp() {
+ // XXX: the way we pass the path to the worker script from webpack via html in body's dataset is a hack
+ // but alternatives seem to require changing the interface to passing Workers to js-sdk
const vectorIndexeddbWorkerScript = document.body.dataset.vectorIndexeddbWorkerScript;
if (!vectorIndexeddbWorkerScript) {
// If this is missing, something has probably gone wrong with
From 074a3cfaaf7ca7c201ade258477ea85444f6520a Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Thu, 6 Feb 2020 10:17:38 +0000
Subject: [PATCH 3/5] fix font-src of CSP
---
src/vector/index.html | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/vector/index.html b/src/vector/index.html
index 60e7a1199..8021d1c20 100644
--- a/src/vector/index.html
+++ b/src/vector/index.html
@@ -22,7 +22,7 @@
-
+
<% for (var i=0; i < htmlWebpackPlugin.files.css.length; i++) {
var file = htmlWebpackPlugin.files.css[i];
var match = file.match(/^bundles\/.*?\/theme-(.*)\.css$/);
From 7d68c2c4659d837b563ef6076f52ad275f769436 Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Thu, 6 Feb 2020 11:52:21 +0000
Subject: [PATCH 4/5] re-add child-src as the common ancestor of worker-src and
frame-src for backwards compat and split onto multiple lines for readability
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---
src/vector/index.html | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/vector/index.html b/src/vector/index.html
index 8021d1c20..5fc815c5d 100644
--- a/src/vector/index.html
+++ b/src/vector/index.html
@@ -22,7 +22,21 @@
-
+
<% for (var i=0; i < htmlWebpackPlugin.files.css.length; i++) {
var file = htmlWebpackPlugin.files.css[i];
var match = file.match(/^bundles\/.*?\/theme-(.*)\.css$/);
From 3a5a904afb5b8210061138abffa651760e666268 Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Thu, 6 Feb 2020 11:54:05 +0000
Subject: [PATCH 5/5] Update src/vector/index.html
Co-Authored-By: J. Ryan Stinnett
---
src/vector/index.html | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/vector/index.html b/src/vector/index.html
index 5fc815c5d..3fc2f8ca9 100644
--- a/src/vector/index.html
+++ b/src/vector/index.html
@@ -49,7 +49,7 @@
<% }
} %>
-
+
 %>){kind=small}
 %>){kind=small}
 %>){kind=small}
diff --git a/src/vector/index.js b/src/vector/index.js
index 278c62107..3f34f2c1d 100644
--- a/src/vector/index.js
+++ b/src/vector/index.js
@@ -29,6 +29,11 @@ require('highlight.js/styles/github.css');
import './rageshakesetup';
import './modernizr';
+// load service worker if available on this platform
+if ('serviceWorker' in navigator) {
+ navigator.serviceWorker.register('sw.js');
+}
+
// Ensure the skin is the very first thing to load for the react-sdk. We don't even want to reference
// the SDK until we have to in imports.
console.log("Loading skin...");
From 2b5e028cbebe155e35cb5a2f42af6947d60ba647 Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Wed, 5 Feb 2020 16:37:19 +0000
Subject: [PATCH 2/5] add comment
---
src/vector/app.js | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/vector/app.js b/src/vector/app.js
index 00699dc52..8ade17d81 100644
--- a/src/vector/app.js
+++ b/src/vector/app.js
@@ -162,6 +162,8 @@ function onTokenLoginCompleted() {
}
export async function loadApp() {
+ // XXX: the way we pass the path to the worker script from webpack via html in body's dataset is a hack
+ // but alternatives seem to require changing the interface to passing Workers to js-sdk
const vectorIndexeddbWorkerScript = document.body.dataset.vectorIndexeddbWorkerScript;
if (!vectorIndexeddbWorkerScript) {
// If this is missing, something has probably gone wrong with
From 074a3cfaaf7ca7c201ade258477ea85444f6520a Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Thu, 6 Feb 2020 10:17:38 +0000
Subject: [PATCH 3/5] fix font-src of CSP
---
src/vector/index.html | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/vector/index.html b/src/vector/index.html
index 60e7a1199..8021d1c20 100644
--- a/src/vector/index.html
+++ b/src/vector/index.html
@@ -22,7 +22,7 @@
-
+
<% for (var i=0; i < htmlWebpackPlugin.files.css.length; i++) {
var file = htmlWebpackPlugin.files.css[i];
var match = file.match(/^bundles\/.*?\/theme-(.*)\.css$/);
From 7d68c2c4659d837b563ef6076f52ad275f769436 Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Thu, 6 Feb 2020 11:52:21 +0000
Subject: [PATCH 4/5] re-add child-src as the common ancestor of worker-src and
frame-src for backwards compat and split onto multiple lines for readability
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---
src/vector/index.html | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/vector/index.html b/src/vector/index.html
index 8021d1c20..5fc815c5d 100644
--- a/src/vector/index.html
+++ b/src/vector/index.html
@@ -22,7 +22,21 @@
-
+
<% for (var i=0; i < htmlWebpackPlugin.files.css.length; i++) {
var file = htmlWebpackPlugin.files.css[i];
var match = file.match(/^bundles\/.*?\/theme-(.*)\.css$/);
From 3a5a904afb5b8210061138abffa651760e666268 Mon Sep 17 00:00:00 2001
From: Michael Telatynski <7t3chguy@gmail.com>
Date: Thu, 6 Feb 2020 11:54:05 +0000
Subject: [PATCH 5/5] Update src/vector/index.html
Co-Authored-By: J. Ryan Stinnett