Commit Graph

112 Commits

Author SHA1 Message Date
Anders Kaseorg 6ec808b8df js: Add "use strict" directive to CommonJS files.
ES and TypeScript modules are strict by default and don’t need this
directive.  ESLint will remind us to add it to new CommonJS files and
remove it from ES and TypeScript modules.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-31 22:09:46 -07:00
Anders Kaseorg 4466716f6c util: Remove unused escape_regexp function.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-29 17:40:09 -07:00
Anders Kaseorg d2520cd7e0 js: Replace underscore with lodash and remove it from globals.
Tweaked by tabbott to bump PROVISION_VERSION.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-26 16:12:06 -07:00
Anders Kaseorg aee95ecf7e util: Convert CachedValue to an ES6 class.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-24 16:40:42 -07:00
Anders Kaseorg b65d2e063d js: Reformat with Prettier.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-17 14:31:25 -07:00
Anders Kaseorg 6924d501bc js: Indent case clauses in switch statements.
Prettier would do this anyway, but it’s separated out for a more
reviewable diff.  Generated by ESLint.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-17 14:31:25 -07:00
Anders Kaseorg f3726db89a js: Normalize strings to double quotes.
Prettier would do this anyway, but it’s separated out for a more
reviewable diff.  Generated by ESLint.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-17 14:31:24 -07:00
Anders Kaseorg 569b38fe34 js: Fix no-useless-escape errors.
Generated manually, since ESLint doesn’t have a fixer for this.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-17 14:30:52 -07:00
Anders Kaseorg a79322bc94 eslint: Enable prefer-arrow-callback.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-03 16:55:50 -07:00
Anders Kaseorg b0253c5a2e eslint: Enable arrow-parens.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-03 16:53:39 -07:00
sahil839 40475a41b0 compose_fade: Change would_receive_message to use user_id.
This commit changes the would_receive_message to use user_id
instead of emails.

This change is done because user_ids are immutable and using
user_ids is the correct way of uniquely identifying user.

The change in 'would_receive_message' also leads to change
in util.is_pm_recipient to use a string of user_ids instead
of emails.

We also know that user_ids passed to 'would_receive_message'
are active user_ids, since we get them from buddy_list.
So we don't need to check whether the user is active, which
was previously being checked by get_active_user_for_email.
2020-06-05 16:08:26 -07:00
Anders Kaseorg 83a0006602 clean_user_content_links: Show the full URL in the title.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-09 16:32:40 -07:00
Anders Kaseorg 1c8950900f frontend: Defensively filter unsafe links that may come from bugdown.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-01 14:01:45 -07:00
Anders Kaseorg 68cfcd6446 CVE-2020-9444: Prevent reverse tabnabbing attacks.
While we could fix this issue by changing the markdown processor,
doing so is not a robust solution, because even a momentary bug in the
markdown processor could allow cached messages that do not follow our
security policy.

This change ensures that even if our markdown processor has bugs that
result in rendered content that does not properly follow our policy of
using rel="noopener noreferrer" on links, we'll still do something
reasonable.

Co-authored-by: Tim Abbott <tabbott@zulipchat.com>
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-01 14:01:45 -07:00
Anders Kaseorg dbffb2a614 js: Convert _.extend to spread syntax or Object.assign.
This is not always a behavior-preserving translation: _.extend mutates
its first argument.  However, the code does not always appear to have
been written to expect that.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-25 14:09:39 -08:00
shubhamgupta2956 a05f633fc1 util: Replace util.set_message_topic().
Replace `util.set_message_topic(message, topic)` with `message.topic =
topic`.

Fixes #13931
2020-02-21 09:53:45 -05:00
shubhamgupta2956 efda2684ea util: Replace util.get_message_topic().
Replace `util.get_message_topic(message)` with `message.topic`.

Fixes #13931
2020-02-21 09:53:45 -05:00
Steve Howell cb91b7f312 util: Kill off set_topic_links/get_topic_links.
These functions were just shims that were
used in the somewhat painful migration from
subject_* to topic_*.

The commit 4572be8c27
fixed it so that the client never needs to
deal with "subject_links".

So now we just go back to simpler code:

    message.topic_links = links
    links = message.topic_links
2020-02-15 21:15:48 +00:00
Steve Howell 39405fccdc util: Prepare to remove get_message_topic().
I am not quite ready to declare victory on
the subject/topic migration, but we are super
close.  In this commit I bump a blueslip
warning to a blueslip error, so that we'll
be notified of any codepath that is still
using the janky fall-back-to-subject defensive
code here.

If we go a couple days without any errors, then
we can remove the blueslip warning and the
defensive code immediately and then inline
the callers at our leisure.  I wouldn't be
wildly against keeping these wrappers in some
parts of the code, but that debate is out of
the scope of this immediate fix, and I haven't
thought hard about it yet.

We can basically sweep set_message_topic() now,
if we wanted to, since it's truly just a one-liner.
(At one point it was encapsulating something
like `message.subject = foo`).

This required a tiny change to compose_fade
test setup.
2020-02-15 21:14:00 +00:00
Steve Howell c9a52411ae util: Kill off rtrim() helper.
I am 99% sure we can rely on trimRight() and
trim() being available in all browsers that
we support.  I verified in FF.

This removes the util dependency from both
modules touched here.
2020-02-15 12:20:20 -08:00
Steve Howell 9ab07d1038 util.js: Remove util from window.
We now treat util like a leaf module and
use "require" to import it everywhere it's used.

An earlier version of this commit moved
util into our "shared" library, but we
decided to wait on that.  Once we're ready
to do that, we should only need to do a
simple search/replace on various
require/zrequire statements plus a small
tweak to one of the custom linter checks.

It turns out we don't really need util.js
for our most immediate code-sharing goal,
which is to reuse our markdown code on
mobile.  There's a little bit of cleanup
still remaining to break the dependency,
but it's minor.

The util module still calls the global
blueslip module in one place, but that
code is about to be removed in the next
few commits.

I am pretty confident that once we start
sharing things like the typeahead code
more aggressively, we'll start having
dependencies on util.  The module is barely
more than 300 lines long, so we'll probably
just move the whole thing into shared
rather than break it apart.  Also, we
can continue to nibble away at the
cruftier parts of the module.
2020-02-15 12:20:20 -08:00
Anders Kaseorg 207a734d46 util: Remove unused escape_html function.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-13 17:50:59 -08:00
Anders Kaseorg 146f5cd600 util: Convert selected_hash from object to Set.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-12 10:39:01 -08:00
Anders Kaseorg 4948240619 js: Convert _.filter(a, …) to a.filter(…).
And convert the corresponding function expressions to arrow style
while we’re here.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-10 14:08:12 -08:00
Anders Kaseorg ac7b09d57e js: Convert _.map(a, …) to a.map(…).
And convert the corresponding function expressions to arrow style
while we’re here.

import * as babelParser from "recast/parsers/babel";
import * as recast from "recast";
import * as tsParser from "recast/parsers/typescript";
import { builders as b, namedTypes as n } from "ast-types";
import K from "ast-types/gen/kinds";
import fs from "fs";
import path from "path";
import process from "process";

const checkExpression = (node: n.Node): node is K.ExpressionKind =>
  n.Expression.check(node);

for (const file of process.argv.slice(2)) {
  console.log("Parsing", file);
  const ast = recast.parse(fs.readFileSync(file, { encoding: "utf8" }), {
    parser: path.extname(file) === ".ts" ? tsParser : babelParser,
  });
  let changed = false;

  recast.visit(ast, {
    visitCallExpression(path) {
      const { callee, arguments: args } = path.node;
      if (
        n.MemberExpression.check(callee) &&
        !callee.computed &&
        n.Identifier.check(callee.object) &&
        callee.object.name === "_" &&
        n.Identifier.check(callee.property) &&
        callee.property.name === "map" &&
        args.length === 2 &&
        checkExpression(args[0]) &&
        checkExpression(args[1])
      ) {
        const [arr, fn] = args;
        path.replace(
          b.callExpression(b.memberExpression(arr, b.identifier("map")), [
            n.FunctionExpression.check(fn) ||
            n.ArrowFunctionExpression.check(fn)
              ? b.arrowFunctionExpression(
                  fn.params,
                  n.BlockStatement.check(fn.body) &&
                    fn.body.body.length === 1 &&
                    n.ReturnStatement.check(fn.body.body[0])
                    ? fn.body.body[0].argument || b.identifier("undefined")
                    : fn.body
                )
              : fn,
          ])
        );
        changed = true;
      }
      this.traverse(path);
    },
  });

  if (changed) {
    console.log("Writing", file);
    fs.writeFileSync(file, recast.print(ast).code, { encoding: "utf8" });
  }
}

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-10 14:08:12 -08:00
Anders Kaseorg 719546641f js: Convert a.indexOf(…) !== -1 to a.includes(…).
Babel polyfills this for us for Internet Explorer.

import * as babelParser from "recast/parsers/babel";
import * as recast from "recast";
import * as tsParser from "recast/parsers/typescript";
import { builders as b, namedTypes as n } from "ast-types";
import K from "ast-types/gen/kinds";
import fs from "fs";
import path from "path";
import process from "process";

const checkExpression = (node: n.Node): node is K.ExpressionKind =>
  n.Expression.check(node);

for (const file of process.argv.slice(2)) {
  console.log("Parsing", file);
  const ast = recast.parse(fs.readFileSync(file, { encoding: "utf8" }), {
    parser: path.extname(file) === ".ts" ? tsParser : babelParser,
  });
  let changed = false;

  recast.visit(ast, {
    visitBinaryExpression(path) {
      const { operator, left, right } = path.node;
      if (
        n.CallExpression.check(left) &&
        n.MemberExpression.check(left.callee) &&
        !left.callee.computed &&
        n.Identifier.check(left.callee.property) &&
        left.callee.property.name === "indexOf" &&
        left.arguments.length === 1 &&
        checkExpression(left.arguments[0]) &&
        ((["===", "!==", "==", "!=", ">", "<="].includes(operator) &&
          n.UnaryExpression.check(right) &&
          right.operator == "-" &&
          n.Literal.check(right.argument) &&
          right.argument.value === 1) ||
          ([">=", "<"].includes(operator) &&
            n.Literal.check(right) &&
            right.value === 0))
      ) {
        const test = b.callExpression(
          b.memberExpression(left.callee.object, b.identifier("includes")),
          [left.arguments[0]]
        );
        path.replace(
          ["!==", "!=", ">", ">="].includes(operator)
            ? test
            : b.unaryExpression("!", test)
        );
        changed = true;
      }
      this.traverse(path);
    },
  });

  if (changed) {
    console.log("Writing", file);
    fs.writeFileSync(file, recast.print(ast).code, { encoding: "utf8" });
  }
}

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-10 14:08:12 -08:00
Vishnu KS 4572be8c27 api: Rename subject_links to topic_links.
Fixes #13588
2020-02-07 14:35:22 -08:00
Vaibhav Raj Singh 1fa46b1963 compose: Improved warning for wildcard mentions.
Edited the warning to clearly state that most members/most stream members
will be notified on using wildcard mentions, along with the specific
mention (e.g. @ALL, @everyone and @stream).

Did a separate check for all wildcard mentions in util.js and stored the
corresponding mention in wildcard_mention inside compose.js.

Fixes: #13636
2020-01-31 12:24:35 -08:00
Steve Howell 8c0b0092a9 Extract util.escape_html. 2020-01-30 13:11:32 -08:00
Steve Howell 16ae53890b refactor: Move util.prefix_sort to typeahead.triage. 2020-01-28 12:48:02 -08:00
Steve Howell d3e961e179 performance: Improve prefix_sort.
We only convert the query to lowercase outside the
loop for an Nx speedup, where N = number of items.

And then we use startsWith instead of indexOf, which
means we don't senselessly search entire strings
for matches.

(We've had startsWith polyfills for a while now.)

Unfortunately, unless a string start with the
exact casing of the query, we still create an
entire lowercase copy of the string for the case
insensitive match.  For the English use case
(and many other languages), we could further
optimize this by slicing the string before
converting it to lowercase.

Unfortunately, you have languages like German
with the straße/STRASSE problem.  It's not clear
to me how we handle them with the current code,
but I don't want to break that yet.
2020-01-28 13:49:03 +00:00
Steve Howell 10e75e6df5 refactor: Clean up prefix_sort get_item usage.
We use the nice es6 syntax to create the get_item
helpers (in the callers and for the default
value in the function).

Also we use better es6 style for the looping.
2020-01-28 13:07:25 +00:00
Anders Kaseorg 28f3dfa284 js: Automatically convert var to let and const in most files.
This commit was originally automatically generated using `tools/lint
--only=eslint --fix`.  It was then modified by tabbott to contain only
changes to a set of files that are unlikely to result in significant
merge conflicts with any open pull request, excluding about 20 files.
His plan is to merge the remaining changes with more precise care,
potentially involving merging parts of conflicting pull requests
before running the `eslint --fix` operation.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-11-03 12:42:39 -08:00
Anders Kaseorg d17b577d0c js: Purge useless IIFEs.
With webpack, variables declared in each file are already file-local
(Global variables need to be explicitly exported), so these IIFEs are
no longer needed.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-10-25 13:51:21 -07:00
Nikhil-Vats 38be5ea743 message_edit_history: Add UI for seeing topic edits.
Users can previously see only message content edits, this will enable
them to see topic edits too in the same section, fixes #3731.

Fixes #3731.
2019-03-25 15:10:47 -07:00
Steve Howell 37c78abe14 frontend: Use topic on message.
This seems like a small change (apart from all the
test changes), but it fundamentally changes how
the app finds "topic" on message objects.  Now
all code that used to set "subject" now sets "topic"
on message-like objects.  We convert incoming messages
to have topic, and we write to "topic" all the way up
to hitting the server (which now accepts "topic" on
incoming endpoints).

We fall back to subject as needed, but the code will
emit a warning that should be heeded--the "subject"
field is prone to becoming stale for things like
topic changes.
2019-01-07 19:20:56 -08:00
Steve Howell 0c668d13b6 subject -> topic: Make get_event_topic() more flexible. 2019-01-01 20:52:10 -08:00
Steve Howell dc5321fed3 message_edit: Add util.get_edit_event_topic(). 2018-12-29 14:14:43 -08:00
Steve Howell 9b4f804fd1 message_edit: Add util.get_edit_event_orig_topic().
This extracts this bit of parsing logic for message_edit events.
2018-12-29 14:14:40 -08:00
Steve Howell 773e85309c topics: Make util more flexible about subject/topic. 2018-12-29 11:40:57 -08:00
Steve Howell 4e0969bb49 Rename util.set_topic -> set_message_topic(). 2018-12-29 11:38:39 -08:00
Steve Howell 4b2181ffa2 Rename util.get_topic -> get_message_topic().
The specific name will help us when we fully cut
over to "topic" on message objects.
2018-12-29 11:38:39 -08:00
Steve Howell 2fdb44803d filter: Eliminate a few "subject" references.
This continues the effort to isolate "subject" references
to util calls.

Also, we fix a comment.

Finally, we use canonicalized operators in a switch
statement.
2018-12-29 11:38:39 -08:00
Steve Howell 057ee6633a reload: Use "topic" to encode compose topic. 2018-12-16 11:26:18 -08:00
Steve Howell 9861cdfeb6 drafts: Use "topic" internally.
We still have to support "subject" for old drafts,
but we write "topic" for new drafts.
2018-12-16 11:26:18 -08:00
Steve Howell 68d81cb25b subject -> topic: Fix respond_to_message(). 2018-11-16 11:11:40 -08:00
Steve Howell 82b9f2a3db subject -> topic: Fix create_message_object(). 2018-11-16 11:11:40 -08:00
Steve Howell 55362263dd Isolate/eliminate uses of "match_subject". 2018-11-16 11:05:43 -08:00
Steve Howell 89c278d1e5 Isolate/eliminate use of "subject_links".
For message groups, I just changed the internal name
to "topic_links".

For uses of "subject_links" that are tied to how the
server names fields, I introduced these wrappers:

    * util.set_topic_links(obj, topic_links)
    * util.get_topic_links(obj)

These can be used for either messages or events.
2018-11-16 11:05:43 -08:00
Steve Howell 95490e98c9 Break emoji_picker dependency inside util.js.
We don't need util.js to be depending on emoji_picker.js.

The function emoji_prefix_sort is only used
in typeahead_helper, so I just moved the implemenation
to there.
2018-08-04 07:59:42 -07:00