mirror of
https://github.com/danog/code-server.git
synced 2024-11-30 04:39:46 +01:00
2bfe15b3e9
* Update upstream Code to 1.70 * Update CSP hashes * Update comment on remote authority Also remove it from script-src since it is invalid anyway. * Use absolute path for disable download patch Just to keep it consistent with the other imports. We initially added the patch like this so it was not part of the upgrade but might as well fix it now. * Fix inability to change language while code-server is running Co-authored-by: Asher <ash@coder.com>
63 lines
1.9 KiB
Diff
63 lines
1.9 KiB
Diff
Add a notification when accessing code-server in an insecure context
|
|
|
|
This is done because otherwise when things like the clipboard do not work users
|
|
may think code-server is broken. Ideally there would be a notification at the
|
|
point where these things are used instead of this though.
|
|
|
|
To test access over something like an HTTP domain or an IP address (not
|
|
localhost). For example:
|
|
|
|
1. run code-server
|
|
2. use ngrok to expose code-server
|
|
3. access via HTTP
|
|
4. look for notification in bottom right
|
|
|
|
Index: code-server/lib/vscode/src/vs/workbench/browser/client.ts
|
|
===================================================================
|
|
--- code-server.orig/lib/vscode/src/vs/workbench/browser/client.ts
|
|
+++ code-server/lib/vscode/src/vs/workbench/browser/client.ts
|
|
@@ -1,7 +1,10 @@
|
|
import { Disposable } from 'vs/base/common/lifecycle';
|
|
+import { localize } from 'vs/nls';
|
|
+import { INotificationService, Severity } from 'vs/platform/notification/common/notification';
|
|
|
|
export class CodeServerClient extends Disposable {
|
|
constructor (
|
|
+ @INotificationService private notificationService: INotificationService,
|
|
) {
|
|
super();
|
|
}
|
|
@@ -42,5 +45,32 @@ export class CodeServerClient extends Di
|
|
}
|
|
});
|
|
}
|
|
+
|
|
+ if (!window.isSecureContext) {
|
|
+ this.notificationService.notify({
|
|
+ severity: Severity.Warning,
|
|
+ message: localize(
|
|
+ 'insecureContext',
|
|
+ "{0} is being accessed in an insecure context. Web views, the clipboard, and other functionality may not work as expected.",
|
|
+ 'code-server',
|
|
+ ),
|
|
+ actions: {
|
|
+ primary: [
|
|
+ {
|
|
+ id: 'understand',
|
|
+ label: localize('confirmInsecure', "I understand"),
|
|
+ tooltip: '',
|
|
+ class: undefined,
|
|
+ enabled: true,
|
|
+ checked: true,
|
|
+ dispose: () => undefined,
|
|
+ run: () => {
|
|
+ return Promise.resolve();
|
|
+ },
|
|
+ },
|
|
+ ],
|
|
+ },
|
|
+ });
|
|
+ }
|
|
}
|
|
}
|