Commit Graph

343 Commits

Author SHA1 Message Date
Anmol Sethi d6ea9d78f6
Configuration file bug fixes based on @code-asher's review 2020-05-12 19:59:54 -04:00
Anmol Sethi d288131a33
Fix lint errors 2020-05-12 19:59:54 -04:00
Anmol Sethi e02d94ad2f
Allow password authentication in the config file 2020-05-12 19:59:54 -04:00
Anmol Sethi 4f67f4e096
Disable automatic updates 2020-05-12 19:59:54 -04:00
Anmol Sethi 00d164b67f
Add default config file and improve config/data directory detection 2020-05-12 19:59:54 -04:00
Anmol Sethi c5179c2a06
Add support for a YAML config file 2020-05-12 19:59:53 -04:00
Anmol Sethi be032cf735
Add NPM package, debs, rpms and refactor CI/build process
Closes many issues that I'll prune after adding more docs
for users.
2020-05-06 20:25:52 -04:00
Asher 4875f6aa87
Update VS Code to fix infinite refresh
Fixes #1581.
2020-05-05 12:33:09 -05:00
Asher 0a2f06b296
Update diff command in readme 2020-05-05 12:33:08 -05:00
Anmol Sethi 1898dea314
Unset $PASSWORD after grabbing it
Closes #1583
2020-05-04 22:41:21 -04:00
Asher fd36a99a4c
Update vscode patch notes and bump version 2020-04-29 15:22:11 -05:00
Asher a2b69c8f3f
Fix inconsistencies in log flags and env var
- Fix priority to match the commented behavior.
- Ignore bogus LOG_LEVEL values.
2020-04-28 17:57:55 -05:00
Asher 4cfd7c50ad
Remove unused class
I managed to lose this deletion in a merge.
2020-04-28 17:57:54 -05:00
Anmol Sethi a96606e589
Fix mention of host/port in docs 2020-04-28 18:29:25 -04:00
Anmol Sethi 37184f456c
Merge pull request #1562 from cdr/bindaddr
Deprecate --host and --port in favour of --bind-addr
2020-04-28 14:33:38 -04:00
Anmol Sethi 5accf3fe5f
Add basic rate limiting to login endpoint
Closes #1320
2020-04-28 14:21:08 -04:00
Anmol Sethi af28885ea6
Deprecate --host and --port in favour of --bind-addr 2020-04-28 14:19:24 -04:00
Anmol Sethi d0d5461a67
Remove SSH server
Closes #1502
2020-04-27 09:27:45 -04:00
Asher dcde596002
Document debugging process
Closes #1465.
2020-04-20 18:55:14 -05:00
Asher ee14db20f1
Allow data: in CSP for font-src
Closes #1530.
2020-04-20 18:10:07 -05:00
Asher 27ba64c7e4
Improve request error handling
See #1532 for more context.

- Errored JSON requests will get back the error in JSON instead of using
  the status text. This seems better to me because it seems more correct
  to utilize the response body over hijacking the status text. The
  caller is expecting JSON anyway. Worst of all I never actually set the
  status text like I thought I did so it wasn't working to begin with.
- Allow the update error to propagate for JSON update requests. It was
  caught to show the error inline instead of an error page when using
  the update page but for JSON requests it meant there was no error and
  no error code so it looked like it succeeded.
- Make errors for failed requests to GitHub less incomprehensible.
  Previously they would just be the code which is no context at all.
2020-04-17 15:16:10 -05:00
Asher 974d4cb8fc
Allow specifying a workspace on the command line
Fixes #1535.
2020-04-16 11:56:46 -05:00
Asher 28e91ba70c
Fix domain issues when setting the cookie
Fixes #1507.
2020-04-13 16:14:40 -05:00
Asher 5aded14b87
Merge pull request #1453 from cdr/proxy
HTTP proxy
2020-04-08 12:44:29 -05:00
Asher a288351ad4
Respond when proxy errors
Otherwise the request will just hang.
2020-04-08 11:54:18 -05:00
Asher a5c35af81b
Fix encoding issues with folder and workspace params
The raw value is now passed back to VS Code so it can do the parsing
with its own URI class rather than trying to parse using Node's url
module first since that has no guarantee of working the same way. It
also lets us keep the vscode-remote bit internal to VS Code.

Removed the logic that keeps trying paths until it finds a valid one
because it seems confusing to open a path and silently get some other
path instead of an error for the one you tried to open. Now it'll just
use exactly what you specified or fail trying.

Fixes #1488. The problem here was that url.parse was encoding the spaces
then the validation failed looking for a literal %20.
2020-04-07 15:18:19 -05:00
Asher d1445a8135
Back up code-server directory when updating 2020-04-02 16:21:48 -05:00
Asher a5d1d3b90e
Move proxy logic into main HTTP server
This makes the code much more internally consistent (providers just
return payloads, include the proxy provider).
2020-04-02 13:40:29 -05:00
Asher aaa6c279a1
Use Set for proxy domains 2020-04-02 13:40:28 -05:00
Asher 498becd11f
Use route.fullPath when adding trailing slash
There's no need to specially construct the path.
2020-04-02 13:40:27 -05:00
Asher 411c61fb02
Create helper for determining if route is the root 2020-04-02 13:40:26 -05:00
Asher 74a0bacdcf
Rename hxxp to isHttp 2020-04-02 13:40:25 -05:00
Asher e7e7b0ffb7
Fix redirects through subpath proxy 2020-04-02 13:40:25 -05:00
Asher fd339a7433
Include query parameters when proxying 2020-04-02 13:40:24 -05:00
Asher 561b6343c8
Ensure a trailing slash on subpath proxy 2020-04-02 13:40:23 -05:00
Asher 737a8f5965
Catch proxy errors
Otherwise they'll crash code-server.
2020-04-02 13:40:21 -05:00
Asher c0dd29c591
Fix domains with ports & localhost subdomains 2020-04-02 13:40:20 -05:00
Asher 8aa5675ba2
Implement the actual proxy 2020-04-02 13:40:19 -05:00
Asher 2086648c87
Only handle exact domain matches
This simplifies the logic a bit.
2020-04-02 13:40:18 -05:00
Asher 3a98d856a5
Handle authentication with proxy
The cookie will be set for the proxy domain so it'll work for all of its
subdomains.
2020-04-02 13:40:17 -05:00
Asher 90fd1f7dd1
Add proxy provider
It'll be able to handle /proxy requests as well as subdomains.
2020-04-02 13:40:16 -05:00
Asher 77ad73d579
Set domain on cookie
This allows it to be used in subdomains.
2020-04-02 13:40:15 -05:00
Asher 13534fa0c0
Add proxy-domain flag
This will be used for proxying ports.
2020-04-02 13:40:14 -05:00
Asher 37299abcc9
Minor startup code improvements
- Add type to HTTP options.
- Fix certificate message always saying it was generated.
- Dedent output not directly related to the HTTP server.
- Remove unnecessary comma.
2020-04-02 13:40:13 -05:00
Asher a4c0fd1fdc
Run ssh server listen after http
That way if they happen to conflict code-server doesn't crash.
2020-03-30 17:43:11 -05:00
Asher 6c104c016e
Prevent exiting when an exception is uncaught 2020-03-30 17:43:10 -05:00
Asher 599670136d
Output commit along with the version 2020-03-30 17:43:09 -05:00
Asher ce637d318d
Add descriptions to SSH flags 2020-03-30 17:43:08 -05:00
Asher 7954656610
Set background color using VS Code theme 2020-03-27 16:58:50 -05:00
Asher 0a5687bacf
Fix crash when unable to request an update 2020-03-25 15:00:35 -05:00
Asher 216652fb31
Merge pull request #1446 from maksimr/fix-apple-touch-icon
Returns back apple touch icon
2020-03-25 14:12:44 -05:00
Asher 0f066d30b4
Add data-cfasync="false" to script tags
This prevents Cloudflare's Rocket Loader from acting on them.

Fixes #1451.
2020-03-25 14:04:36 -05:00
Asher d1687c1533
Catch error when SSH server fails to start 2020-03-24 17:38:46 -05:00
Maksim Ryzhikov 5887c1d339 Returns back apple touch icon 2020-03-23 14:44:31 +03:00
Asher cfebf2c67f
Removed unused CSS 2020-03-17 10:36:19 -05:00
Asher b52fbb4cb9
Catch error when openssl isn't installed 2020-03-16 15:14:54 -05:00
Will O'Beirne 3463d56114
SSH server & endpoint 2020-03-16 15:14:53 -05:00
Asher 5f63d2b822
Fix custom socket path 2020-03-16 15:14:52 -05:00
Asher d192726e80
Simplify dashboard 2020-03-16 15:14:50 -05:00
Asher d832f61d5b
Make client-side extensions work at any base 2020-03-16 12:04:09 -05:00
Asher aeb6261189
Update VS Code to 1.43.0 2020-03-13 17:42:10 -05:00
Asher 6cb228037b
Add base path to update endpoint from VS Code
This will make it work regardless of what the current URL happens to be.

Also move the telemetry setting into the options since we might as well
make use of it seeing as how we have to parse it for the base path
anyway.
2020-03-13 16:44:56 -05:00
Asher a00fa85d77
Qualify extensions in help output as VS Code extensions
Also add a description for uninstall-extension and force.
2020-03-13 13:23:30 -05:00
Asher 57de78e12a
Add show-versions flag and add help for list-extensions
Closes #1417.
2020-03-13 13:17:59 -05:00
Asher 2342443368
Set telemetry setting based on disable-telemetry flag
By design the disable-telemetry flag does not affect extension
telemetry, only the setting does, so disabling the setting when the flag
is set should cause extensions to also stop sending telemetry.

Fixes #1116.
2020-03-13 12:36:57 -05:00
Asher 253cf1c438
Remove unnecessary return types 2020-03-11 16:06:32 -05:00
Asher 0b9a478289
Add connection type to websocket query parameters
This allows external services to distinguish between them.
2020-03-05 15:49:37 -06:00
Asher 1f6ff2f763
Show --install-extension in help menu
Also add --force so extensions can be updated without prompts.

Closes #1392.
2020-03-05 10:42:49 -06:00
Asher 04542c99fd
Resolve passed-in directory
Makes relative paths work correctly.
2020-03-05 10:38:13 -06:00
Asher 308a84e6ec
Fix centos image for arm64 2020-03-04 13:12:03 -06:00
Kyle Carberry c54450941c
Update favicon 2020-03-03 02:25:53 +00:00
Asher e0e019fbd5
Fix mime type for compressed client-side extensions
In Firefox using the gzip mime type will (probably correctly) cause it
not to decompress while in Chromium it still will (incorrectly).
2020-03-02 18:24:35 -06:00
Asher 77af2a5b0e
Fix worker require paths when behind proxy 2020-03-02 18:04:27 -06:00
Asher ccd01c49b9
Integrate update notifications into VS Code 2020-03-02 15:01:24 -06:00
Asher 069c5230cd
Move VS Code to the root 2020-03-02 12:55:34 -06:00
Asher c146457de4
Add recents section 2020-03-02 11:52:39 -06:00
Asher 88cab27165
Compress when sending client-side extension tars 2020-02-28 14:25:28 -06:00
Asher a8914b025f
Output code-server version on startup 2020-02-28 13:30:21 -06:00
Asher 0f87798ed6
Don't write bad password back out to input
Closes #1379.
2020-02-28 10:49:43 -06:00
Asher 963ebaca5b
Register a service worker
To make installing as a PWA possible. Fixes #1181.
2020-02-27 16:37:00 -06:00
Kyle Carberry eef2ed0e78
Update PWA icons 2020-02-27 20:43:31 +00:00
Asher 0e3720169f
Add spacing between items
Also fix padding not being respected when blocks exceed container
height.
2020-02-27 12:58:40 -06:00
Asher 21cfeb9da0
Add the ability to kill running VS Code instance 2020-02-27 12:04:23 -06:00
Asher b00f6bf078
Improve error display when VS Code fails to load
Was looking a bit janky with the style changes.
2020-02-26 14:57:07 -06:00
Asher 595ce6f5e3
Update styling
Just sort of winging it.
2020-02-26 14:25:12 -06:00
Asher c870398c86
Switch to loose files
For #1306.
2020-02-25 18:23:35 -06:00
Asher 4c6e4bedeb
Fix port being randomized
Also make it a number.
2020-02-24 16:49:10 -06:00
Asher 04e449c546
Require cert-key with cert
Fixes #1312.
2020-02-24 15:01:59 -06:00
Anmol Sethi c147711ade
Remind user that generated password is in logs
Closes #446
2020-02-21 15:22:13 -05:00
Anmol Sethi bd7583a254
Obey process.env.PORT 2020-02-21 14:49:58 -05:00
Asher 33b3523bf4
Prefer command-line directory to last visited directory
If you want to use the last visited directory you should omit the
directory from the command line.

Fixes #1132.
2020-02-21 12:45:57 -06:00
Asher cf0f11105b
Handle upgrade from binary to loose files
As best we can, anyway.
2020-02-21 12:32:58 -06:00
Anmol Sethi 9b7a203fe5
Make login page pretty 2020-02-20 20:08:25 -05:00
Asher e44ac0a30e
Use last positional argument as working directory
Instead of the first.
2020-02-20 18:48:17 -06:00
Asher 319cd3f7ab
Make updating work for both binary and loose releases 2020-02-20 18:48:16 -06:00
Anmol Sethi 3a2644a2bc
Fix vscode.sh 2020-02-20 18:36:38 -05:00
Anmol Sethi 65690fca65
Fix CSP for Safari 2020-02-20 18:24:32 -05:00
Asher 288e794c99
Update locale file location
Should make language packs work again.
2020-02-20 12:52:23 -06:00
Asher c567a06ff5
Fix HTTPS redirects and TLS sockets
It still won't work behind a base path, but if you're using a reverse
proxy you can just redirect to HTTPS yourself. And should probably
handle TLS termination there too.

For sockets I just needed to add back the proxy call.
2020-02-19 17:59:12 -06:00
Asher 51a5c77cb8
Add binary extraction
I temporarily removed this during the refactor so it needed to be added
back. This time I bundled it with the nbin loader code since it's all
related (will also make it easier to remove).
2020-02-19 14:15:01 -06:00
Asher 80b2d9481f
Don't display stack trace for cli parse failures
Just display the error message and exit. The stack trace isn't necessary
(since it's likely user error) and is potentially confusing.
2020-02-19 11:15:39 -06:00
Asher 0e2eaa9b34
Add valid values for --log 2020-02-19 11:11:29 -06:00
Asher 0263188431
Handle --long=value format in the cli parser 2020-02-19 10:54:23 -06:00
Anmol Sethi 76831f11fc
Merge branch 'fix-ci' into restructure 2020-02-18 19:07:34 -05:00
Anmol Sethi 5681c87e33
Fix bugs in CI 2020-02-18 19:06:35 -05:00
Asher 46d6e17508
Prepare for release
- Add VS Code icon
- Trim dashboard to just display dedicated VS Code section
- Version was getting unset during build
- Add back nbin shim which I temporarily took out earlier
- Update tests for log level env var changes
2020-02-18 17:31:23 -06:00
Asher bdb189a9bb
Allow https images
Fixes extension icons not loading.
2020-02-18 14:57:12 -06:00
Asher 8793110941
Implement endpoint for getting recent directories 2020-02-18 14:13:22 -06:00
Asher f6b092b12d
Merge branch 'restructure' 2020-02-18 13:30:37 -06:00
Asher d47591e253
Inject base path into manifest
Might fix #1181, although not for the reasons I initially
thought (because the URLs are resolved from the manifest path, not the
path of the current page). This should ensure that the URLs used by the
manifest are always correct regardless of the manifest's path.
2020-02-18 13:01:18 -06:00
Asher 39a57700bc
Enable access to vscode cli 2020-02-18 12:24:12 -06:00
Anmol Sethi 1a54f6b7ef
Merge remote-tracking branch 'origin/restructure' into anmol-restructure 2020-02-18 12:52:29 -05:00
Anmol Sethi 61d1af0413
Add macOS release step 2020-02-14 21:16:23 -05:00
Anmol Sethi 4aa15401c3
Format and lint 2020-02-14 20:00:19 -05:00
Asher 0ec83f8736
Check updates daily instead of every time
Also add a way to force a check.
2020-02-14 16:46:22 -06:00
Asher db54f78e8e
Implement automatic updates 2020-02-14 15:58:39 -06:00
Asher b8fa7da972
Simplify frontend
Just a login form and a list of applications. No modals or anything like
that.
2020-02-13 20:10:14 -06:00
Asher bf1be16d11
Fix base path
Now it should work whether you have a trailing slash or not.
2020-02-13 12:41:58 -06:00
Asher cc79edb312
Fix duplicate files opening with folder parameter
Reworked from d574012871 to fit in the
new structure.
2020-02-13 12:04:22 -06:00
Asher 5baf16622f
Fix VS Code product configuration not loading 2020-02-07 16:47:51 -06:00
Asher 256419004d
Implement cli parser 2020-02-07 14:43:08 -06:00
Asher 26f8216ec8
Un-nest a switch 2020-02-06 14:00:38 -06:00
Asher 63f3c04c57
Move user data directory logic out of patch 2020-02-06 13:12:00 -06:00
Asher 8a0f1d846e
Move start path logic out of patch and fix it 2020-02-06 12:29:38 -06:00
Asher efaeb3b110
Add hidden username field for accessibility 2020-02-06 10:26:53 -06:00
Asher 6cebfa469d
Generalize initial app logic 2020-02-05 18:47:00 -06:00
Asher 205775ac97
Only serve HTML on specific index.html requests
Otherwise there is risk of an infinite loop through the iframe where the
fallback keeps loading the root HTML which itself has an iframe...
2020-02-05 17:45:24 -06:00
Asher 4cc181cedc
Make routing base path agnostic 2020-02-05 17:38:21 -06:00
Asher 6e809b6a31
Handle when VS Code fails to load
This is mostly for development where VS Code might not have finished
compiling yet.
2020-02-05 14:23:42 -06:00
Asher 7c6fe56043
Add logo to background 2020-02-05 13:30:29 -06:00
Asher 8cc11d1688
Improve routing 2020-02-05 13:07:07 -06:00
Asher dbc5c065f8
Improve HTTP provider registration 2020-02-04 16:55:27 -06:00
Asher b30aefcfb1
Add linting steps and improve testing steps 2020-02-04 15:42:55 -06:00
Asher b29346ecdf
Implement new structure 2020-02-04 14:31:44 -06:00
Anmol Sethi e6117decd0 Revert "Set display property in manifest to fullscreen"
This reverts commit c7127cb248.
2020-02-04 11:30:00 -06:00
TheHllm c7127cb248
Set display property in manifest to fullscreen 2020-02-04 11:23:21 -06:00
Asher 8122b7f69e
Remove unused upload service
No longer needed since VS Code has their own now.
2020-01-17 12:23:36 -06:00
Asher e2d354c8f2
Move manifest icon to the root as well 2020-01-16 12:11:56 -06:00
Asher 7c178805ea
Add comment about the manifest's served location
Also for #1278.
2020-01-16 11:44:17 -06:00
Asher 45f70e741f
Move manifest to the root
Fixes #1278.
2020-01-16 11:36:17 -06:00
Asher 1474a82c7d
Add insecure access notification 2020-01-16 11:15:22 -06:00
Asher e6d1f2a7c8
Update VS Code to 1.41.0 2019-12-16 16:52:29 -06:00
Asher e5fc63f2c8
Fix accessing manifest behind basic auth
Apparently the manifest spec doesn't include sending credentials in an
attempt to be secure by default.

Fixes #1212.
2019-12-09 11:25:59 -06:00
Asher e14362f322
Pass along Node options 2019-11-14 17:20:23 -06:00
Asher 2018024810
Hash password
Fixes issues with unexpected characters breaking things when setting the
cookie (like semicolons).

This change as-is does not affect the security of code-server
itself (we've just replaced the static password with a static hash) but
if we were to add a salt in the future it would let us invalidate keys
by rehashing with a new salt which could be handy.
2019-11-07 15:57:57 -06:00
Asher a1d6bcb8e5
Handle cookies more robustly
If you visit /login/ instead of /login the cookie will be set at /login
instead of / which means the cookie can't be read at the root. It will
redirect to the login page which *can* read the cookie at /login and
redirect back resulting in an infinite loop.

The previous solution relied on setting the cookie at / (any invalid
value works) which then overrode the login page cookie since
parseCookies only kept a single value. So the login page would see the
same cookie the root was seeing and not redirect back. However, that
behavior depends on the cookies being in the right order which I'm not
sure is guaranteed.

This new method tests all available cookies and always sets the cookie
so the root path will be able to read it in case the login page is
seeing a cookie the root can't.

It also goes a step further and explicitly sets the path on the cookie
which fixes the case where there is a permanent misconfiguration
redirecting /login to /login/. Otherwise the cookie would continually be
set on /login only and you'd have another loop. It also means you only
need to delete one cookie to log out.

Lastly add some properties to make the cookies a bit more secure.
2019-11-07 13:36:18 -06:00
ecrode 727ac6483b Clear password when redirecting to login
Should prevent endless redirects when the cookie is set on a different path or domain (like with a dot prefix).
2019-11-07 11:38:10 -06:00
Asher 2c15c09fc0
Add missing telemetry option 2019-11-06 15:47:34 -06:00
Asher 780a673017
Add meta tag to allow full screen app on iOS
Fixes #933.
2019-11-04 16:01:01 -06:00
Asher af71203955
Fix relaunching during an update 2019-11-01 10:51:23 -05:00