The API allowed strings to be passed from the RFB module to the
application using the disconnect reason. This caused problems since
the application didn't have control over translations for these
strings.
Most of the information being passed using this string was very
technical and not helpful to the end user. One exception to this was
the security result information regarding for example authentication
failures. The protocol allows the VNC server to pass a string
directly to the user in the security result.
So the disconnect reason is replaced by a boolean saying if the
disconnection was clean or not. And for the security result information
from the server, a new event has been added.
Instead of exposing all the internal connection states, the RFB module
will now only send events on connect and on disconnect. This makes it
simpler for the application and gets rid of the double events that were
being sent on disconnect (previously updatestate and disconnect).
An RFB object represents a single connection so it doesn't make
sense to have one without it trying to connect right away. Matches
the behaviour of other APIs, e.g. WebSocket.
Use normal properties with JavaScript setters and getters instead of
our homegrown stuff.
This also changes the properties to follow normal naming conventions.
Sort things by category, and organise everything in the same place.
We don't support reuse of RFB objects so we can safely init everything
in the constructor.
Converted version downloaded from sinonjs.org. Fixed version that
doesn't register itself on the global object. This forces all modules to
do a proper import.
The VNC protocol can't handle different deltas or speeds for a mouse
wheel event. When using a device that sends a lot of small mouse wheel
events, instead of fewer larger steps, the effect was that mouse wheel
scrolling was way to sensitive.
This patch looks at the delta of wheel events and doesn't send events
until the combined delta has passed a threshold. Single events that
doesn't pass the threshold get sent after a timeout in order to not
loose any events.
Fixes#577.
Servers will assume that a scan code is present if this message type
is used, so fall back to the standard key event message if we don't
know the scan code.
IE and Edge have some corner cases (e.g. Ctrl+key) where we get
insufficient information in the keydown event, and we never get
a keypress event. Try to make a guess of the key in those cases.
iOS sends decent key down events, but junk key up events when a
hardware keyboard is used. This confuses the key tracking as a
corresponding release is then never detected. To work around this
we'll treat the hardware keyboard like the virtual ones and send
the key release right away.
Change back to the old, non-modular recording file format. The new
method doesn't work reliably and there are existing recordings already
out there that we might want to handle.
It doesn't need to be this general as the issue is mostly about
Windows. Also use the same modifier shuffle that RealVNC and
TigerVNC uses to get macOS working well.
The fields provided cannot tell us if it is the left or right
version of the key that's pressed, so they are inherently unreliable.
It is also not a huge problem in practice as we'll get in sync on
the next press or release of the modifier.
Look up keys that are independent of layout and state first,
followed by keys that are only mild variations in layouts.
This is more robust as there might be multiple physical keys
generating the same symbols, and Keysyms don't map directly to
Unicode in all cases.
At the same time switch over to using the modern, standardised
'code' field for lookup.
Use the more modern 'key' field, and remove some legacy fallbacks
that are no longer required. This also removes the "stall" mechanism
as it is not needed with current browsers.
There is a drag-threshold in the panning code which the tests didn't
account for. This caused the tests to fail when window.devicePixelRatio
was higher than 1.
This commit makes vnc_playback.html functional once more, and completely
refactors tests/playback.js to make it usable in other scenarios.
In order for vnc_playback.js to properly load playback files now, they
must `export` their variables.
This updates the tests to work with the new structure, and removes the
old `utils/run_from_console.js` files in favor of just using Karma
directly. The Karma debug page now displays the normal mocha HTML, so
we can use that instead of the HTML generation functionality of the old
test runner.
Note that PhantomJS does not work at the moment (PhantomJS 1.5 should
make it possible to test on PhantomJS again).
Previously, setting `innerHTML` was used to display the statuses. These
could include content communicated from the remote VNC server, allowing
the remove VNC server to inject HTML into the noVNC page.
This commit switches all uses of `innerHTML` to use `textContent`, which
is not vulnerable to the HTML injection.
Do all rendering to a hidden canvas and then copy over the finished
frame to the visible canvas once everything is done. This simplifies
things and solves some bugs as we can retain a copy of the entire
frame buffer.
setTimeout() is subject to delays, possible massive ones. As such it
is rather useless for performance sensitive code. Use the non-standard
setImmediate() API instead, emulating it on postMessage() when it
isn't available.
The hacks needed to run these tests require proper handling of
properties. Unfortunately IE and old versions of Chrome mess up,
so just skip the tests there.
We have to temporarily replace window.navigator due to the fact that
its property languages is read-only. The tests for the translation
utilities require different values of this property. The failing tests
were added in merge of PR #718 (in commit
f5bf2d84ef).
Supports server configurations that might prefer wss:// connections
on the default port, then proxies them through the web server to the
VNC server.
This proxy configuration is helpful on servers using self-signed
certificates. Accessing the https://host/vnc_auto.html page and
adding an exception for that host is sufficient to also satisfy the
wss://host/ request, unlike requests to wss://host:port/ which
may require an extra certificate exception.
RFB's _fail function logs the error, disconnects the session and sets
disconnect_reason. The disconnect_reason is upon disconnection sent to
the user interface. It is thus not suitable for including error details
that aren't user friendly. The idea is that you will look in the
browser console for a full log with details of the error.
Samuel Mannehed
Pierre Ossman
Solly Ross
Kyle Russell
Pierre Ossman