diff options
author | Ganesh Varadarajan <ganesh@coriolis.co.in> | 2015-10-22 19:57:07 +0530 |
---|---|---|
committer | Ganesh Varadarajan <ganesh@coriolis.co.in> | 2015-10-23 18:54:08 +0530 |
commit | 494b407a0a54c43a395110f99141e8123c96e2a4 (patch) | |
tree | 97d550233aaca954803ed6003e6d635af68c7724 | |
parent | 6a90803feb124791960e3962e328aa3cfb729aeb (diff) | |
download | novnc-494b407a0a54c43a395110f99141e8123c96e2a4.tar.gz |
Add hash fragment as an optional method to supply config variables.
Any config variable like host, port, password, token may be
specified either in the query string (like now), or in the URL hash
fragment. In case a given variable is present in both, the value in the
fragment takes precedence. Supplying variables in the fragment avoids
leaking them to the web server hosting the noVNC viewer HTML.
-rw-r--r-- | include/ui.js | 4 | ||||
-rw-r--r-- | include/webutil.js | 23 | ||||
-rw-r--r-- | vnc.html | 2 | ||||
-rw-r--r-- | vnc_auto.html | 30 |
4 files changed, 43 insertions, 16 deletions
diff --git a/include/ui.js b/include/ui.js index cb5717c..38fbe4b 100644 --- a/include/ui.js +++ b/include/ui.js @@ -97,7 +97,7 @@ var UI; UI.initSetting('path', 'websockify'); UI.initSetting('repeaterID', ''); - var autoconnect = WebUtil.getQueryVar('autoconnect', false); + var autoconnect = WebUtil.getConfigVar('autoconnect', false); if (autoconnect === 'true' || autoconnect == '1') { autoconnect = true; UI.connect(); @@ -355,7 +355,7 @@ var UI; // Initial page load read/initialization of settings initSetting: function(name, defVal) { // Check Query string followed by cookie - var val = WebUtil.getQueryVar(name); + var val = WebUtil.getConfigVar(name); if (val === null) { val = WebUtil.readSetting(name, defVal); } diff --git a/include/webutil.js b/include/webutil.js index e674bf9..f10aa0d 100644 --- a/include/webutil.js +++ b/include/webutil.js @@ -90,6 +90,29 @@ WebUtil.getQueryVar = function (name, defVal) { } }; +// Read a hash fragment variable +WebUtil.getHashVar = function (name, defVal) { + "use strict"; + var re = new RegExp('.*[&#]' + name + '=([^&]*)'), + match = document.location.hash.match(re); + if (typeof defVal === 'undefined') { defVal = null; } + if (match) { + return decodeURIComponent(match[1]); + } else { + return defVal; + } +}; + +// Read a variable from the fragment or the query string +// Fragment takes precedence +WebUtil.getConfigVar = function (name, defVal) { + "use strict"; + var val = WebUtil.getHashVar(name); + if (val === null) { + val = WebUtil.getQueryVar(name, defVal); + } + return val; +}; /* * Cookie handling. Dervied from: http://www.quirksmode.org/js/cookies.html @@ -11,6 +11,8 @@ Connect parameters are provided in query string: http://example.com/?host=HOST&port=PORT&encrypt=1&true_color=1 + or the fragment: + http://example.com/#host=HOST&port=PORT&encrypt=1&true_color=1 --> <title>noVNC</title> diff --git a/vnc_auto.html b/vnc_auto.html index 86cfde7..0480322 100644 --- a/vnc_auto.html +++ b/vnc_auto.html @@ -11,6 +11,8 @@ Connect parameters are provided in query string: http://example.com/?host=HOST&port=PORT&encrypt=1&true_color=1 + or the fragment: + http://example.com/#host=HOST&port=PORT&encrypt=1&true_color=1 --> <title>noVNC</title> @@ -84,7 +86,7 @@ function UIresize() { - if (WebUtil.getQueryVar('resize', false)) { + if (WebUtil.getConfigVar('resize', false)) { var innerW = window.innerWidth; var innerH = window.innerHeight; var controlbarH = $D('noVNC_status_bar').offsetHeight; @@ -183,11 +185,11 @@ $D('xvpRebootButton').onclick = xvpReboot; $D('xvpResetButton').onclick = xvpReset; - WebUtil.init_logging(WebUtil.getQueryVar('logging', 'warn')); - document.title = unescape(WebUtil.getQueryVar('title', 'noVNC')); + WebUtil.init_logging(WebUtil.getConfigVar('logging', 'warn')); + document.title = unescape(WebUtil.getConfigVar('title', 'noVNC')); // By default, use the host and port of server that served this file - host = WebUtil.getQueryVar('host', window.location.hostname); - port = WebUtil.getQueryVar('port', window.location.port); + host = WebUtil.getConfigVar('host', window.location.hostname); + port = WebUtil.getConfigVar('port', window.location.port); // if port == 80 (or 443) then it won't be present and should be // set manually @@ -202,13 +204,13 @@ // If a token variable is passed in, set the parameter in a cookie. // This is used by nova-novncproxy. - token = WebUtil.getQueryVar('token', null); + token = WebUtil.getConfigVar('token', null); if (token) { WebUtil.createCookie('token', token, 1) } - password = WebUtil.getQueryVar('password', ''); - path = WebUtil.getQueryVar('path', 'websockify'); + password = WebUtil.getConfigVar('password', ''); + path = WebUtil.getConfigVar('path', 'websockify'); if ((!host) || (!port)) { updateState(null, 'fatal', null, 'Must specify host and port in URL'); @@ -217,13 +219,13 @@ try { rfb = new RFB({'target': $D('noVNC_canvas'), - 'encrypt': WebUtil.getQueryVar('encrypt', + 'encrypt': WebUtil.getConfigVar('encrypt', (window.location.protocol === "https:")), - 'repeaterID': WebUtil.getQueryVar('repeaterID', ''), - 'true_color': WebUtil.getQueryVar('true_color', true), - 'local_cursor': WebUtil.getQueryVar('cursor', true), - 'shared': WebUtil.getQueryVar('shared', true), - 'view_only': WebUtil.getQueryVar('view_only', false), + 'repeaterID': WebUtil.getConfigVar('repeaterID', ''), + 'true_color': WebUtil.getConfigVar('true_color', true), + 'local_cursor': WebUtil.getConfigVar('cursor', true), + 'shared': WebUtil.getConfigVar('shared', true), + 'view_only': WebUtil.getConfigVar('view_only', false), 'onUpdateState': updateState, 'onXvpInit': xvpInit, 'onPasswordRequired': passwordRequired, |