1
0
mirror of https://github.com/coder/code-server.git synced 2024-12-05 07:13:06 +08:00
code-server/patches/insecure-notification.diff
Asher a1af9e2a56
chore: move to patches (#4997)
* Move integration types into code-server

This will be easier to maintain than to have it as a patch.

* Disable connection token

Using a flag means we will not need to patch it out.  I think this is
new from 1.64?

* Add product.json to build process

This way we do not have to patch it.

* Ship with remote agent package.json

Instead of the root one.  This contains fewer dependencies.

* Let Code handle errors

This way we will not have to patch Code to make this work and I think it
makes sense to let Code handle the request.

If we do want to handle errors we can do it cleanly by patching their
error handler to throw instead.

* Move manifest override into code-server

This way we will not have to patch it.

* Move to patches

- Switch submodule to track upstream
- Add quilt to the process
- Add patches

The node-* ignore was ignoring one of the diffs so I removed it.  This
was added when we were curling Node as node-v{version}-darwin-x64 for
the macOS build but this no longer happens (we use the Node action to
install a specific version now so we just use the system-wide Node).

* Use pre-packaged Code
2022-03-22 15:07:14 -05:00

58 lines
1.7 KiB
Diff

Add a notification when accessing code-server in an insecure context
This is done because otherwise when things like the clipboard do not work users
may think code-server is broken. Ideally there would be a notification at the
point where these things are used instead of this though.
To test access over something like an HTTP domain or an IP address (not
localhost).
Index: code-server/lib/vscode/src/vs/workbench/browser/client.ts
===================================================================
--- code-server.orig/lib/vscode/src/vs/workbench/browser/client.ts
+++ code-server/lib/vscode/src/vs/workbench/browser/client.ts
@@ -1,7 +1,10 @@
import { Disposable } from 'vs/base/common/lifecycle';
+import { localize } from 'vs/nls';
+import { INotificationService, Severity } from 'vs/platform/notification/common/notification';
export class CodeServerClient extends Disposable {
constructor (
+ @INotificationService private notificationService: INotificationService,
) {
super();
}
@@ -42,5 +45,32 @@ export class CodeServerClient extends Di
}
});
}
+
+ if (!window.isSecureContext) {
+ this.notificationService.notify({
+ severity: Severity.Warning,
+ message: localize(
+ 'insecureContext',
+ "{0} is being accessed in an insecure context. Web views, the clipboard, and other functionality may not work as expected.",
+ 'code-server',
+ ),
+ actions: {
+ primary: [
+ {
+ id: 'understand',
+ label: localize('confirmInsecure', "I understand"),
+ tooltip: '',
+ class: undefined,
+ enabled: true,
+ checked: true,
+ dispose: () => undefined,
+ run: () => {
+ return Promise.resolve();
+ },
+ },
+ ],
+ },
+ });
+ }
}
}