Commit Graph

430 Commits

Author SHA1 Message Date
pdlan f974b73137 Cleanup for the cryptographic algorithms that are not supported by SubtleCrypto 2023-01-20 05:54:00 -05:00
Pierre Ossman 12a7c6f0de Check for Android using userAgent
Modern Android systems seem to report "Linux" for navigator.platform, so
we can no longer rely on that.
2022-12-27 12:50:57 +01:00
Pierre Ossman a187821e4f Add OS checks for Android and ChromeOS 2022-12-27 12:50:57 +01:00
Pierre Ossman 8fb30fb9dc Add unit tests for OS detection 2022-12-27 12:50:57 +01:00
Pierre Ossman ee5e3c5fa3 Refine browser detection
Try to follow the principle outlined by Mozilla when detecting browsers
and engines.
2022-12-27 12:50:57 +01:00
Pierre Ossman 88a36370a9 Add unit tests for browser detection 2022-12-27 12:50:57 +01:00
Pierre Ossman 28c9670427 Remove test code for old Chrome
We don't care about ancient versions of Chrome anyway, so let's keep
things simple.
2022-12-27 12:50:57 +01:00
Dinglan Peng b776e1495e Add MSLogonII security type 2022-12-21 15:52:31 -05:00
Pierre Ossman 6eb17b27a0 Correctly mask non-BMP clipboard characters
JavaScript strings use UTF-16 encoding under the hood, but we only want
a single '?' per character we replace. So we need to be more careful
which methods we use when iterating over the clipboard string.
2022-10-27 16:24:27 +02:00
Pierre Ossman 6b555f1f74 Mask unsupported clipboard characters
Add a more explicit '?' for characters that the clipboard cannot handle,
instead of getting random junk.
2022-10-27 16:03:22 +02:00
Pierre Ossman 0410cbc190 Remove redundant inspect() override
We do this for all RFB tests now, not just these specific assertions.
2022-10-27 16:03:01 +02:00
Pierre Ossman 337fb06535 Restore Websock.allocateBuffers() after tests
This was accidentally removed in 0a6aec3578.
2022-10-27 16:02:02 +02:00
Pierre Ossman fee115b13f Update method to limit assertion output
Newer versions of the test framework use the inspect() method instead of
toString() for overriding the default output.
2022-10-27 15:59:48 +02:00
Miroslav Šedivý 1971823a4f auto release keys while meta is held down. 2022-10-15 14:48:39 +02:00
Pierre Ossman df8d005de9 VeNCrypt should handle classical types
VeNCrypt is a superset of the original security types, so it should be
fine to send any of the classical values here as well.
2022-08-18 16:26:33 +02:00
Pierre Ossman 795494ade1 Prefer security types in the server's order
This is how TigerVNC has been behaving for years and has worked well
there, so let's follow them.
2022-08-18 16:26:27 +02:00
Pierre Ossman 6719b932cf Avoiding internal variables for security tests
A good test uses only input and output, so let's avoid assuming internal
variable names or behaviours.
2022-08-18 16:26:09 +02:00
Pierre Ossman 5671072dfe Expect security result for RFB 3.7
The cut off was wrong here. 3.7 will send a security result, but not a
security reason. It also fixes the issue that < 3.7 (e.g. 3.3) supports
VNC authentication as well.
2022-08-18 16:25:59 +02:00
Pierre Ossman 8a7089c0c6 Remove redundant security result tests
The event is the desired behaviour. RFB._fail() being called is just an
internal detail that we shouldn't care about.
2022-08-18 16:24:24 +02:00
Pierre Ossman 42ec5f3321 Merge branch 'appleremotedesktop' of https://github.com/pauldumais/noVNC 2022-04-05 07:55:14 +02:00
Paul Dumais e21ed2e689 Added support for Apple Remote Desktop authentication
Fixed eslint warnings

Fixing tests that failed

Added unit tests for ARD authentication

Fixed an issue with the ARD rfb version number in the unit tests

Fixed issue with username/password lengths

Username and password lengths are now capped at 63 characters each.  Improved code for sign bit on public key bytes.

UTF Encoder username and password before packing it

Change UTF encoding to encode the username and password before packing it to prevent it from being expanded beyond the allowed size.  Public key is truncated to proper key length.

Replaced forge with web crypto for ARD authentication

Changed the way in which the async methods are handled, added unit tests to verify ARD encryption output.

Update .eslintignore
2022-04-04 11:40:19 -04:00
Pierre Ossman eac11d5799 Merge branch 'add-ra2ne-security-type' of https://github.com/pdlan/noVNC 2022-03-10 12:37:34 +01:00
pdlan a1709b999e Added support for RSA-AES Unencrypted Security Type 2022-03-08 13:24:26 -05:00
Samuel Mannehed 0ff0844a14 Ignore resize observation caused by server resizes
If we increase the remote screen size from the server in such a way that
it no longer fits the browser window, the browser will probably want to
show scrollbars. The same happens if you enable 'clipping' while the
remote is larger than the browser window. These scrollbars do, in turn,
decrease the available space in the browser window. This causes our
ResizeObserver to trigger.

If the resize observation triggers a requestRemoteResize() we will
overwrite the size and request a new one just because scrollbars have
appeared. We don't want that.

We can save the expected client size after resizing, and then compare
the current client size with the expected one. If there is no change
compared to the expected size, we shouldn't send the request.

Fixes issue #1616.
2021-12-13 11:20:14 +01:00
Samuel Mannehed 6cd69705d6 Make sure we wait for the resizeTimeout in tests
Not waiting for the full timeout can obscure future bugs.
2021-12-13 11:20:14 +01:00
Samuel Mannehed acc30093ad Replace resize events with observations in tests
This was missed in commit 375f36c575,
probably because these unit tests still passed (due to the expectancy
was for the code to not act on the resize events).
2021-12-13 11:20:14 +01:00
Samuel Mannehed c0d4dc8eb3 Breakdown of ExtendedDesktopSize message in tests
Saves time by not requiring the developer to look up the RFB protocol
each time viewing these tests.
2021-12-13 11:20:14 +01:00
Samuel Mannehed a7b96087d7 Add some explanatory comments to test.rfb.js 2021-12-13 11:20:13 +01:00
Pierre Ossman 6710410356 Merge branch 'add-jpeg-encoding' of https://github.com/pdlan/noVNC 2021-11-29 09:18:50 +01:00
Pierre Ossman 721eaa4f50 Fix lint error in encodings test 2021-11-26 11:38:01 +01:00
Pierre Ossman 65d6357cdf Add missing ZRLE encoding constant
Also add a unit test to catch omissions like this in the future.
2021-11-26 11:13:06 +01:00
pdlan 7f84160147 Add RealVNC's JPEG encoding
Add support for RealVNC's JPEG encoding.

Add tests for JPEGDecoder. Fix the corner case of caching Huffman or quantization tables.
2021-11-26 03:59:19 -05:00
Pierre Ossman bfb6ac259d Merge branch 'zrle' of https://github.com/pauldumais/noVNC 2021-11-26 09:27:08 +01:00
Paul Dumais d4c887e23f Added support for ZRLE encoding
Fixed eslint warnings

Improved memory usage of zrle decoding.  Added unit tests for zrle decoding.

Added support for ZRLE encoding

Fixed eslint warnings

Reverted allowIncomplete changes to Inflator

Fixed failing tests for zrle decoder.
2021-11-23 12:02:42 -05:00
Pierre Ossman 301714928b Avoid scrolling on RFB object focus
Chrome scrolls the view to show as much as possible of the canvas when
we call focus(), which is likely not the desired behaviour.

This also exposes the ability to pass on future options when focusing
the RFB object manually.
2021-11-16 09:38:14 +01:00
Pierre Ossman 096449da35 Add unit tests for Inflator 2021-11-16 09:37:56 +01:00
Samuel Mannehed f69d55c02f Fix parsing of query string variables
This space that was added here was added to the parsed value of the
query variable. This broke any comparisons with the value, for example
"myvar=true" resulted in a value of "true ".

This was broken by f796b05e42

The commit also adds unit tests for webutil.getConfigVar() that will
detect problems like this in the future.
2021-09-08 15:37:42 +02:00
Samuel Mannehed 375f36c575 Modify unit tests to work with ResizeObserver 2021-09-03 16:52:20 +02:00
Pierre Ossman 7485e82b72 Update playback test to use new API
Hooking in to the underlying WebSocket after it has been created no
longer works, so clean things up and use the new method of passing an
existing object to the RFB constructor.
2021-07-22 16:56:49 +02:00
Pierre Ossman dbd519558c Initiate connection from RFB constructor
We need to do this in order to safely attach to existing WebSocket
objects. There may be message events already pending so we must set up
our event handlers before returning.

This means we will now throw errors instead of generating "disconnect"
events on problems as the caller no longer has the opportunity to set up
event handlers.

This might have been the correct approach from the start as it mimics
how e.g. the WebSocket constructor works.
2021-04-18 14:27:57 +02:00
Pierre Ossman de9fc9508c Don't fake open events in Websock
We don't know if the caller is prepared to receive those events right
now as normally they would get them on a fresh new stack later. We also
can't delay delivery since then we might deliver the event after any
pending "message" events.

Better to push the problem one layer up to the caller, which now needs
to be more aware of the state of the WebSocket object it is trying to
use.
2021-04-18 14:26:30 +02:00
Pierre Ossman 9376191fc4 Refuse to use already closed WebSocket objects
We can't do anything useful with them anyway.
2021-04-18 14:26:28 +02:00
Pierre Ossman b7b7e4e26b Provide readyState for Websock objects
It mainly reports the state of the underlying object in consistent
manner.
2021-04-18 14:26:05 +02:00
Pierre Ossman 42100e8233 Add unit tests for connect/attach errors 2021-04-18 14:25:59 +02:00
Pierre Ossman ae3c01f782 Add unit tests for passing WebSocket objects 2021-04-18 14:25:03 +02:00
Pierre Ossman f0e4908dec Stop explicitly testing connection states
These are internal and we should be testing the externally observable
behaviour.
2021-04-18 14:24:05 +02:00
lhchavez f9a8c4ccd5 Add VeNCrypt Plain authentication tests
This change adds tests for the VeNCrypt Plain authentication. In doing
that, this also fixes a typo that was introduced in a recent change.
2021-03-13 05:40:38 -08:00
Tim Stableford 44d384b99c Added support for RTCDataChannel
This work is originally by Ryan Castner <castner.rr@gmail.com> and
submitted as a PR here https://github.com/novnc/noVNC/pull/1362

Architecturally it is much the same except it doesn't rename a lot
of variables to make this more reviewable. It also avoids unrelated
changes such as replacing .onclose with an event listener, which
caused numerous test failures.

It also adds in ppoffice's fix to initialise the buffers.

Like the original author I don't have enough time available to
refactor this project to the new style event listeners.

Review cleanup for RTCDataChannel support (see below)

* More descriptive error when url or channel not set.
* Moved websocket property check to WebSock.
  This had unintended consequences in the tests that required some
  fixup. Mostly due to some tests not always passing FakeWebsocket.
  FakeWebsocket also needs to set the listeners to null to be compatible
  with what is in thw browser and expected by the property check code.
  The property check code now also takes into account class prototypes
  for test compatibility.
* Removed unreachable code.
* Reverted comment.
* Cleanup raw channel reference in rfb on websock close.
* Use readyState to check whether a socket is open rather than assuming.
* Updated RFB constructor documentation

Removed an unused boolean passed to attach
2021-03-04 18:55:06 +00:00
Pierre Ossman 4ae9d3e75a Remove some unnecessary use of done argument 2020-12-10 10:21:21 +01:00
Pierre Ossman 0cdf2962c0 Fake key releases for some Japanese IM keys
Windows behaves very oddly for some Japanese IM keys in that it won't
send a key release event when the key is released. In some keys it never
sends the event, and in some cases it sends the release as the key is
pressed the subsequent time.
2020-12-10 10:21:21 +01:00