Commit Graph

146 Commits

Author SHA1 Message Date
Asher
288e794c99
Update locale file location
Should make language packs work again.
2020-02-20 12:52:23 -06:00
Asher
c567a06ff5
Fix HTTPS redirects and TLS sockets
It still won't work behind a base path, but if you're using a reverse
proxy you can just redirect to HTTPS yourself. And should probably
handle TLS termination there too.

For sockets I just needed to add back the proxy call.
2020-02-19 17:59:12 -06:00
Asher
51a5c77cb8
Add binary extraction
I temporarily removed this during the refactor so it needed to be added
back. This time I bundled it with the nbin loader code since it's all
related (will also make it easier to remove).
2020-02-19 14:15:01 -06:00
Asher
80b2d9481f
Don't display stack trace for cli parse failures
Just display the error message and exit. The stack trace isn't necessary
(since it's likely user error) and is potentially confusing.
2020-02-19 11:15:39 -06:00
Asher
0e2eaa9b34
Add valid values for --log 2020-02-19 11:11:29 -06:00
Asher
0263188431
Handle --long=value format in the cli parser 2020-02-19 10:54:23 -06:00
Anmol Sethi
76831f11fc
Merge branch 'fix-ci' into restructure 2020-02-18 19:07:34 -05:00
Anmol Sethi
5681c87e33
Fix bugs in CI 2020-02-18 19:06:35 -05:00
Asher
46d6e17508
Prepare for release
- Add VS Code icon
- Trim dashboard to just display dedicated VS Code section
- Version was getting unset during build
- Add back nbin shim which I temporarily took out earlier
- Update tests for log level env var changes
2020-02-18 17:31:23 -06:00
Asher
bdb189a9bb
Allow https images
Fixes extension icons not loading.
2020-02-18 14:57:12 -06:00
Asher
8793110941
Implement endpoint for getting recent directories 2020-02-18 14:13:22 -06:00
Asher
f6b092b12d
Merge branch 'restructure' 2020-02-18 13:30:37 -06:00
Asher
d47591e253
Inject base path into manifest
Might fix #1181, although not for the reasons I initially
thought (because the URLs are resolved from the manifest path, not the
path of the current page). This should ensure that the URLs used by the
manifest are always correct regardless of the manifest's path.
2020-02-18 13:01:18 -06:00
Asher
39a57700bc
Enable access to vscode cli 2020-02-18 12:24:12 -06:00
Anmol Sethi
1a54f6b7ef
Merge remote-tracking branch 'origin/restructure' into anmol-restructure 2020-02-18 12:52:29 -05:00
Anmol Sethi
61d1af0413
Add macOS release step 2020-02-14 21:16:23 -05:00
Anmol Sethi
4aa15401c3
Format and lint 2020-02-14 20:00:19 -05:00
Asher
0ec83f8736
Check updates daily instead of every time
Also add a way to force a check.
2020-02-14 16:46:22 -06:00
Asher
db54f78e8e
Implement automatic updates 2020-02-14 15:58:39 -06:00
Asher
b8fa7da972
Simplify frontend
Just a login form and a list of applications. No modals or anything like
that.
2020-02-13 20:10:14 -06:00
Asher
bf1be16d11
Fix base path
Now it should work whether you have a trailing slash or not.
2020-02-13 12:41:58 -06:00
Asher
cc79edb312
Fix duplicate files opening with folder parameter
Reworked from d574012871 to fit in the
new structure.
2020-02-13 12:04:22 -06:00
Asher
5baf16622f
Fix VS Code product configuration not loading 2020-02-07 16:47:51 -06:00
Asher
256419004d
Implement cli parser 2020-02-07 14:43:08 -06:00
Asher
26f8216ec8
Un-nest a switch 2020-02-06 14:00:38 -06:00
Asher
63f3c04c57
Move user data directory logic out of patch 2020-02-06 13:12:00 -06:00
Asher
8a0f1d846e
Move start path logic out of patch and fix it 2020-02-06 12:29:38 -06:00
Asher
efaeb3b110
Add hidden username field for accessibility 2020-02-06 10:26:53 -06:00
Asher
6cebfa469d
Generalize initial app logic 2020-02-05 18:47:00 -06:00
Asher
205775ac97
Only serve HTML on specific index.html requests
Otherwise there is risk of an infinite loop through the iframe where the
fallback keeps loading the root HTML which itself has an iframe...
2020-02-05 17:45:24 -06:00
Asher
4cc181cedc
Make routing base path agnostic 2020-02-05 17:38:21 -06:00
Asher
6e809b6a31
Handle when VS Code fails to load
This is mostly for development where VS Code might not have finished
compiling yet.
2020-02-05 14:23:42 -06:00
Asher
7c6fe56043
Add logo to background 2020-02-05 13:30:29 -06:00
Asher
8cc11d1688
Improve routing 2020-02-05 13:07:07 -06:00
Asher
dbc5c065f8
Improve HTTP provider registration 2020-02-04 16:55:27 -06:00
Asher
b30aefcfb1
Add linting steps and improve testing steps 2020-02-04 15:42:55 -06:00
Asher
b29346ecdf
Implement new structure 2020-02-04 14:31:44 -06:00
Anmol Sethi
e6117decd0 Revert "Set display property in manifest to fullscreen"
This reverts commit c7127cb248.
2020-02-04 11:30:00 -06:00
TheHllm
c7127cb248
Set display property in manifest to fullscreen 2020-02-04 11:23:21 -06:00
Asher
8122b7f69e
Remove unused upload service
No longer needed since VS Code has their own now.
2020-01-17 12:23:36 -06:00
Asher
e2d354c8f2
Move manifest icon to the root as well 2020-01-16 12:11:56 -06:00
Asher
7c178805ea
Add comment about the manifest's served location
Also for #1278.
2020-01-16 11:44:17 -06:00
Asher
45f70e741f
Move manifest to the root
Fixes #1278.
2020-01-16 11:36:17 -06:00
Asher
1474a82c7d
Add insecure access notification 2020-01-16 11:15:22 -06:00
Asher
e6d1f2a7c8
Update VS Code to 1.41.0 2019-12-16 16:52:29 -06:00
Asher
e5fc63f2c8
Fix accessing manifest behind basic auth
Apparently the manifest spec doesn't include sending credentials in an
attempt to be secure by default.

Fixes #1212.
2019-12-09 11:25:59 -06:00
Asher
e14362f322
Pass along Node options 2019-11-14 17:20:23 -06:00
Asher
2018024810
Hash password
Fixes issues with unexpected characters breaking things when setting the
cookie (like semicolons).

This change as-is does not affect the security of code-server
itself (we've just replaced the static password with a static hash) but
if we were to add a salt in the future it would let us invalidate keys
by rehashing with a new salt which could be handy.
2019-11-07 15:57:57 -06:00
Asher
a1d6bcb8e5
Handle cookies more robustly
If you visit /login/ instead of /login the cookie will be set at /login
instead of / which means the cookie can't be read at the root. It will
redirect to the login page which *can* read the cookie at /login and
redirect back resulting in an infinite loop.

The previous solution relied on setting the cookie at / (any invalid
value works) which then overrode the login page cookie since
parseCookies only kept a single value. So the login page would see the
same cookie the root was seeing and not redirect back. However, that
behavior depends on the cookies being in the right order which I'm not
sure is guaranteed.

This new method tests all available cookies and always sets the cookie
so the root path will be able to read it in case the login page is
seeing a cookie the root can't.

It also goes a step further and explicitly sets the path on the cookie
which fixes the case where there is a permanent misconfiguration
redirecting /login to /login/. Otherwise the cookie would continually be
set on /login only and you'd have another loop. It also means you only
need to delete one cookie to log out.

Lastly add some properties to make the cookies a bit more secure.
2019-11-07 13:36:18 -06:00
ecrode
727ac6483b Clear password when redirecting to login
Should prevent endless redirects when the cookie is set on a different path or domain (like with a dot prefix).
2019-11-07 11:38:10 -06:00