We should have constants local for the test function when doing
comparisons or we might have false positives because we compare with
buggy values in the code under test.
Avoid poking around in the internals and instead test things using the
official methods and events. This should give us more realistic and
robust tests.
JavaScript strings use UTF-16 encoding under the hood, but we only want
a single '?' per character we replace. So we need to be more careful
which methods we use when iterating over the clipboard string.
The cut off was wrong here. 3.7 will send a security result, but not a
security reason. It also fixes the issue that < 3.7 (e.g. 3.3) supports
VNC authentication as well.
Fixed eslint warnings
Fixing tests that failed
Added unit tests for ARD authentication
Fixed an issue with the ARD rfb version number in the unit tests
Fixed issue with username/password lengths
Username and password lengths are now capped at 63 characters each. Improved code for sign bit on public key bytes.
UTF Encoder username and password before packing it
Change UTF encoding to encode the username and password before packing it to prevent it from being expanded beyond the allowed size. Public key is truncated to proper key length.
Replaced forge with web crypto for ARD authentication
Changed the way in which the async methods are handled, added unit tests to verify ARD encryption output.
Update .eslintignore
If we increase the remote screen size from the server in such a way that
it no longer fits the browser window, the browser will probably want to
show scrollbars. The same happens if you enable 'clipping' while the
remote is larger than the browser window. These scrollbars do, in turn,
decrease the available space in the browser window. This causes our
ResizeObserver to trigger.
If the resize observation triggers a requestRemoteResize() we will
overwrite the size and request a new one just because scrollbars have
appeared. We don't want that.
We can save the expected client size after resizing, and then compare
the current client size with the expected one. If there is no change
compared to the expected size, we shouldn't send the request.
Fixes issue #1616.
This was missed in commit 375f36c575,
probably because these unit tests still passed (due to the expectancy
was for the code to not act on the resize events).
Chrome scrolls the view to show as much as possible of the canvas when
we call focus(), which is likely not the desired behaviour.
This also exposes the ability to pass on future options when focusing
the RFB object manually.
We need to do this in order to safely attach to existing WebSocket
objects. There may be message events already pending so we must set up
our event handlers before returning.
This means we will now throw errors instead of generating "disconnect"
events on problems as the caller no longer has the opportunity to set up
event handlers.
This might have been the correct approach from the start as it mimics
how e.g. the WebSocket constructor works.
We don't know if the caller is prepared to receive those events right
now as normally they would get them on a fresh new stack later. We also
can't delay delivery since then we might deliver the event after any
pending "message" events.
Better to push the problem one layer up to the caller, which now needs
to be more aware of the state of the WebSocket object it is trying to
use.