Commit Graph

59 Commits

Author SHA1 Message Date
Anders Kaseorg 6ec808b8df js: Add "use strict" directive to CommonJS files.
ES and TypeScript modules are strict by default and don’t need this
directive.  ESLint will remind us to add it to new CommonJS files and
remove it from ES and TypeScript modules.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-31 22:09:46 -07:00
Anders Kaseorg a9ca5f603b js: Replace deprecated jQuery event trigger shorthand.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-21 12:01:26 -07:00
Anders Kaseorg 4e42137bd9 js: Replace deprecated jQuery event handler shorthand.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-21 12:01:26 -07:00
Anders Kaseorg b65d2e063d js: Reformat with Prettier.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-17 14:31:25 -07:00
Anders Kaseorg 883e2fd325 js: Remove inner spacing from object literals.
We’re configuring Prettier with bracketSpacing: false.  Generated by
ESLint.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-17 14:31:25 -07:00
Anders Kaseorg f3726db89a js: Normalize strings to double quotes.
Prettier would do this anyway, but it’s separated out for a more
reviewable diff.  Generated by ESLint.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-17 14:31:24 -07:00
Anders Kaseorg e014ea966a eslint: Enable comma-dangle for functions.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-03 16:55:51 -07:00
Anders Kaseorg a79322bc94 eslint: Enable prefer-arrow-callback.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-03 16:55:50 -07:00
Hashir Sarwar c2ba3e20b7 lightbox: Remove inaccurate docstring on lightbox.open(). 2020-04-05 13:13:02 -07:00
Hashir Sarwar 34d24bfdac lightbox: Remove redundant parameter `options` from lightbox.open().
The `options` parameter is not being passed in any call
of `lightbox.open()` and it uses the same option i.e.
`lightbox_canvas` everytime which is now computed inside
`display_image()` directly.
2020-04-05 13:13:02 -07:00
Hashir Sarwar 74ec668e65 lightbox: Rename `original_image` to `$original_image`.
`original_image` is a jQuery object so it should start with
a dollar sign.
2020-04-05 13:13:02 -07:00
Hashir Sarwar 95869974b3 lightbox: Remove redundant conversion of `image` to jQuery object.
`image` passed to lightbox.open() is already a jQuery object,
so we don't need to convert it explicitly. Also, the parameter
is renamed from `image` to `$image`.
2020-04-05 13:13:02 -07:00
Hashir Sarwar 9ffed7afdc lightbox: Parse images' data while rendering `image-list`.
Previously, lightbox.open() was responsible for retrieving
the image data from the DOM, saving it in `asset_map` and
finally displaying the image using that data. This
implementation wasn't correct for image list at bottom of
the lightbox because the `image` parameter passed to
lightbox.open() could contain more than one instances of
the image that had to be opened.

Now, the metadata of all the images in image-list is stored
in the `asset_map` while rendering the `image-list` inside
`render_lightbox_list_images()` and `lightbox.open()` only
looks for the metadata from `asset_map`.

Fixes #14152.
2020-04-05 13:13:02 -07:00
Hashir Sarwar 9a6d83e731 lightbox: Use `$preview_src` as key for `asset_map`.
In case of video embeds, the previous logic used
`data-src-fullsize` or `src` as a key to look
for the metadata of video in `lightbox.open()`,
but while parsing, the key used while storing
the metadata was the video ID.

This doesn't make any sense because video's data
could never be accessed from `asset_map` and we
always needed to lookup the DOM for this.

This commit fixes this by using $img.attr('src')
as a key for `asset_map` for both, images and
videos. Since `src` is the link of preview image
in case of video embeds, it will always uniquely
determine the video ID and we won't loose
anything with the change in how videos handle
things.

Part of #14152.
2020-04-05 13:13:02 -07:00
Tim Abbott 90eda9d9fe lightbox: Convert canvas image element to jQuery object.
The $img variable in this code path was incorrectly tagged as a jQuery
object.
2020-04-05 13:12:22 -07:00
Tim Abbott 31e5765431 lightbox: Fix incorrect use of const and typo.
This was a bug in 1d3827d518.
2020-04-02 17:34:43 -07:00
Hashir Sarwar 1d3827d518 lightbox: Extract image parsing logic from lightbox.open().
Moved the parsing logic to a new function `parse_image_data()`.

Part of #14152.
2020-04-02 15:12:00 -07:00
Steve Howell 16fccd77b7 minor: Fix blueslip error to use zid.
There is no point calling rows.id twice
here.
2020-02-24 12:19:10 -08:00
Anders Kaseorg a889a830dc lightbox: Convert asset_map from object to Map.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-12 10:39:01 -08:00
Anders Kaseorg 2834b051d2 js: Read zid with rows.id.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-12 10:39:01 -08:00
Chris Heald 86faebc2e5 lightbox: Don't blow up for messages not in the message store.
This should somewhat reduce the gravity of the failure mode for cases
where the message the user clicked cannot be found (which would be a
significant bug on its own merit in any case).
2020-02-10 14:00:40 -08:00
Chris Heald c802a1393f lightbox: Cast zid to an int before looking it up in message_store.
The keys for message_store are since the recent Map migration intended
to be integer message IDs, not strings (and likely were always
intended to be integers; the failure mode may simply have shifted).

This may just be a new bug, but this max also fix #9549; certainly
we'll want to redo any investigation with this fix in place.

Fixes #9549.
2020-02-10 13:56:49 -08:00
Anders Kaseorg 8459185970 lightbox: Confine embedded video players to a unique origin.
This fixes a cross-site scripting vulnerability in the upcoming Inline
URL Previews feature found by Graham Bleaney and Ibrahim Mohamed using
Pysa.

This commit doesn't get a CVE because the bug was present in a code
path introduced in the 2.1.x development branch, so it doesn't impact
any Zulip release.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-12-12 15:23:15 -08:00
Anders Kaseorg 28f3dfa284 js: Automatically convert var to let and const in most files.
This commit was originally automatically generated using `tools/lint
--only=eslint --fix`.  It was then modified by tabbott to contain only
changes to a set of files that are unlikely to result in significant
merge conflicts with any open pull request, excluding about 20 files.
His plan is to merge the remaining changes with more precise care,
potentially involving merging parts of conflicting pull requests
before running the `eslint --fix` operation.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-03 12:42:39 -08:00
Anders Kaseorg d17b577d0c js: Purge useless IIFEs.
With webpack, variables declared in each file are already file-local
(Global variables need to be explicitly exported), so these IIFEs are
no longer needed.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-10-25 13:51:21 -07:00
Anders Kaseorg 363956428a lightbox.js: Remove computed access of exports.
This wouldn’t work after migration to an ES6 module.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-07-08 21:22:54 -07:00
Puneeth Chaganti 9aa5a2b369 url preview: Use oEmbed html for videos.
Ensure that the html is safe, before using it. The html is considered if it is
in an iframe with a http/https src, based on the recommendations here:
https://oembed.com/#section3

We directly embed the `iframe` html into the lightbox overlay.
2019-05-31 15:59:03 -07:00
Puneeth Chaganti 75635844db lightbox: Set URL in payload instead of computing from video IDs.
Lightbox previews for youtube playlists use the "current" video in the playlist
for the preview. The open link for such previews is incorrectly set to the first
video alone, and not the playlist. This commit fixes the bug by linking to the
original URL for lightbox preview is being shown, instead of computing the URL.
2019-05-29 23:01:54 -07:00
Puneeth Chaganti b9eb2aa8e8 lightbox: Switch to using one argument variation of $(...). 2019-05-27 23:07:07 -07:00
Mohit Gupta 01d34a8575 compose: Use lightbox when clicking images in compose preview.
Fixes #11424.
2019-02-02 11:11:24 -08:00
Mohit Gupta 9ce6cc5097 lightbox: Extract arguments to payload as variables.
This extracts sender_full_name (and the existing $parent), which will
make life easier for using the lightbox for images outside the message
feed.
2019-02-02 11:09:22 -08:00
Aditya Bansal 5b5d8bb310 thumbnails: Rename data-original to data-src-fullsize. 2018-07-30 13:00:23 -07:00
Marco Burstein 11cbe2bf6a lightbox: Fix a "Pan & Zoom" causing an error with thumbnailed images.
Images on the new thumbnailing system generate an error when
"Pan & Zoom" is enabled:

    Browser Error: Lightbox for unknown message undefined
    39648: http://localhost:9991/webpack/app.js
        | Object.blueslip_error [as error]
    50743: http://localhost:9991/webpack/app.js
        | Object../static/js/lightbox.js.exports.open
    50897: http://localhost:9991/webpack/app.js
        | HTMLDivElement.
    39474: http://localhost:9991/webpack/app.js
        | HTMLDivElement.blueslip_wrapper
    16299: http://localhost:9991/webpack/app.js
        | HTMLDivElement.dispatch
    16107: http://localhost:9991/webpack/app.js
        | HTMLDivElement.elemData.handle

To fix this, instead of using the `src` attribute as the key for
`asset_map`, which can be either the original or thumbnailed version
depending on the situation, always use the original version.

Also, create `frontend_tests/node_tests/lightbox.js` to test this
functionality.

Fix #9955.
2018-07-18 10:19:56 -07:00
Marco Burstein a6939a5078 lightbox: Fix lightbox not showing new thumbnails as selected.
The current code for detecting which image to add the `selected` class
to is `preview_source.match(src)`. With the new thumbnails, this no
longer works because thumbnail URLs include a `?`, which has its own
RegEx significance. To solve this, check for equality instead of using
RegExes.
2018-07-18 10:19:56 -07:00
Aditya Bansal 98a4e87e1d thumbor: Complete implementation of thumbnailing.
Various pieces of our thumbor-based thumbnailing system were already
merged; this adds the remaining pieces required for it to work:

* a THUMBOR_URL Django setting that controls whether thumbor is
  enabled on the Zulip server (and if so, where thumbor is hosted).

* Replaces the overly complicated prototype cryptography logic

* Adds a /thumbnail endpoint (supported both on web and mobile) for
  accessing thumbnails in messages, designed to support hosting both
  external URLs as well as uploaded files (and applying Zulip's
  security model for access to thumbnails of uploaded files).

* Modifies bugdown to, when THUMBOR_URL is set, render images with the
  `src` attribute pointing /thumbnail (to provide a small thumbnail
  for the image), along with adding a "data-original" attribute that
  can be used to access the "original/full" size version of the image.

There are a few things that don't work quite yet:
* The S3 backend support is incomplete and doesn't work yet.
* The error pages for unauthorized access are ugly.
* We might want to rename data-original and /thumbnail?size=original
  to use some other name, like "full", that better reflects the fact
  that we're potentially not serving the original image URL.
2018-07-15 00:39:41 +05:30
Armaan Ahluwalia 6d255efe4c app: Prepare JS files for consumption by webpack.
This commit prepares the frontend code to be consumed by webpack.

It is a hack: In theory, modules should be declaring and importing the
modules they depend on and the globals they expose directly.

However, that requires significant per-module work, which we don't
really want to block moving our toolchain to webpack on.

So we expose the modules by setting window.varName = varName; as
needed in the js files.
2018-07-05 10:53:36 +02:00
Steve Howell 9eb3bdaf6c page load: Make initializations more explicit.
We now initialize most modules in ui_init.js, which
isn't the perfect place to do it, but at least now
we have a mostly consolidated entry point.

All the new foo.initialize() methods introduced in
this module run the same order relative to each
other as before this commit. (I did some console
logging with a hacked version of the program to
get the order right.)  They happen a bit later than
before, though.

A couple modules still have the `$(function() {`
idiom for miscellaneous reasons:

       archive - is a different bundle
       common - used elsewhere
       list_render - non-standard code style
       scroll_bar - no exports
       setup - probably special?
       socket - $(function () is nested!
       transmit - coupled to socket
       translations - i18n is a bigger problem
       ui_init - this bootstraps everything
2018-05-15 15:46:04 -07:00
Tim Abbott 7ab8a8e820 js: Fix a bunch of indentation issues found by eslint.
This is preparation for enabling an eslint indentation configuration.
90% of these changes are just fixes for indentation errors that have
snuck into the codebase over the years; the others are more
significant reformatting to make eslint happy (that are not otherwise
actually improvements).

The one area that we do not attempt to work on here is the
"switch/case" indentation.
2018-05-06 16:25:02 -07:00
Tim Abbott 195b96c989 lightbox: Add debugging code for unknown message IDs.
This should help debug a traceback we've been seeing in production
where the fetched message was undefined.
2018-03-23 15:17:21 -07:00
Shreyansh Dwivedi b0fb7aa6b2 bugdown: Add preview for vimeo videos.
This also amends a commit from Brock Whittaker <brock@zulipchat.com>
that merges two separate functions for YouTube videos and Vimeo videos
into a generic video recall function.

Fixes #7550.
2018-01-17 09:11:43 -05:00
pradeepgangwar 445ece4a3c Fix 'v' hotkey image searching behavior.
Fixes #7621
2017-12-13 15:14:18 -06:00
Brock Whittaker 176e4a293b lightbox: Allow for clicking top and bottom to close overlay.
The top and bottom sections of the lightbox overlay do not close the
lightbox when clicked. Now, this triggers the close_overlay path when a
valid non-actionable background element is clicked.

Fixes: #7500.
2017-11-29 11:26:58 -08:00
Yusei Tahara 56cb06dc19 lightbox: Fix repeated code in exports.open.
Call display_XXX function after the payload if-clause, don't repeat
the same thing.
2017-09-10 00:40:03 -07:00
Brock Whittaker 4b4283550f lightbox: Fix incorrectly displayed avatar image.
The lightbox "v" shortcut should not show a user's avatar,
so this limits the scope of images it can choose to ones inside
of the `.message_content` div.
2017-08-09 14:33:00 -07:00
Brock Whittaker 14254f9668 lightbox: On .player-container direct click, hide lightbox.
When a user clicks on the `.player-container` node and the click
target is actually that (and not the YT video iFrame within), then
hide the lightbox – they likely mean to exit out of the lightbox.
2017-08-01 09:25:52 -07:00
Brock Whittaker 8445f886d7 Add ability to pan and zoom lightbox images.
This adds the ability to pan and zoom lightbox images because they
are now converted to <canvas> elements.
2017-07-31 17:03:31 -07:00
Rohitt Vashishtha 2d73e03e37 ui-refactor: Rename modals.js to overlays.js.
Fixed #4702.
2017-05-29 11:24:46 -07:00
Brendan Kiu 361ba50a54 lightbox: select nearest image on 'v' hotkey.
Loop through previous messages to find first instance of a valid image.

Fix: #4217.
2017-05-22 15:02:38 -07:00
Steve Howell f60a829b4d Remove lightbox.is_open property.
Outside of lightbox.js, we now use modals.lightbox_open() to
detect that the lightbox modal is open.
2017-05-10 09:46:21 -07:00
Steve Howell 1d7f93e550 Avoid re-opening the lightbox.
If the lightbox is already open, don't re-open it.
2017-05-10 09:46:21 -07:00