Commit Graph

346 Commits

Author SHA1 Message Date
Anmol Sethi 1e432b25ea
Comment on hash(password) 2020-05-12 19:59:54 -04:00
Anmol Sethi d6ea9d78f6
Configuration file bug fixes based on @code-asher's review 2020-05-12 19:59:54 -04:00
Anmol Sethi d288131a33
Fix lint errors 2020-05-12 19:59:54 -04:00
Anmol Sethi e02d94ad2f
Allow password authentication in the config file 2020-05-12 19:59:54 -04:00
Anmol Sethi 4f67f4e096
Disable automatic updates 2020-05-12 19:59:54 -04:00
Anmol Sethi 00d164b67f
Add default config file and improve config/data directory detection 2020-05-12 19:59:54 -04:00
Anmol Sethi c5179c2a06
Add support for a YAML config file 2020-05-12 19:59:53 -04:00
Anmol Sethi be032cf735
Add NPM package, debs, rpms and refactor CI/build process
Closes many issues that I'll prune after adding more docs
for users.
2020-05-06 20:25:52 -04:00
Asher 0a2f06b296
Update diff command in readme 2020-05-05 12:33:08 -05:00
Anmol Sethi 1898dea314
Unset $PASSWORD after grabbing it
Closes #1583
2020-05-04 22:41:21 -04:00
Asher fd36a99a4c
Update vscode patch notes and bump version 2020-04-29 15:22:11 -05:00
Asher a2b69c8f3f
Fix inconsistencies in log flags and env var
- Fix priority to match the commented behavior.
- Ignore bogus LOG_LEVEL values.
2020-04-28 17:57:55 -05:00
Anmol Sethi a96606e589
Fix mention of host/port in docs 2020-04-28 18:29:25 -04:00
Anmol Sethi 37184f456c
Merge pull request #1562 from cdr/bindaddr
Deprecate --host and --port in favour of --bind-addr
2020-04-28 14:33:38 -04:00
Anmol Sethi 5accf3fe5f
Add basic rate limiting to login endpoint
Closes #1320
2020-04-28 14:21:08 -04:00
Anmol Sethi af28885ea6
Deprecate --host and --port in favour of --bind-addr 2020-04-28 14:19:24 -04:00
Anmol Sethi d0d5461a67
Remove SSH server
Closes #1502
2020-04-27 09:27:45 -04:00
Asher 27ba64c7e4
Improve request error handling
See #1532 for more context.

- Errored JSON requests will get back the error in JSON instead of using
  the status text. This seems better to me because it seems more correct
  to utilize the response body over hijacking the status text. The
  caller is expecting JSON anyway. Worst of all I never actually set the
  status text like I thought I did so it wasn't working to begin with.
- Allow the update error to propagate for JSON update requests. It was
  caught to show the error inline instead of an error page when using
  the update page but for JSON requests it meant there was no error and
  no error code so it looked like it succeeded.
- Make errors for failed requests to GitHub less incomprehensible.
  Previously they would just be the code which is no context at all.
2020-04-17 15:16:10 -05:00
Asher 974d4cb8fc
Allow specifying a workspace on the command line
Fixes #1535.
2020-04-16 11:56:46 -05:00
Asher 28e91ba70c
Fix domain issues when setting the cookie
Fixes #1507.
2020-04-13 16:14:40 -05:00
Asher 5aded14b87
Merge pull request #1453 from cdr/proxy
HTTP proxy
2020-04-08 12:44:29 -05:00
Asher a288351ad4
Respond when proxy errors
Otherwise the request will just hang.
2020-04-08 11:54:18 -05:00
Asher a5c35af81b
Fix encoding issues with folder and workspace params
The raw value is now passed back to VS Code so it can do the parsing
with its own URI class rather than trying to parse using Node's url
module first since that has no guarantee of working the same way. It
also lets us keep the vscode-remote bit internal to VS Code.

Removed the logic that keeps trying paths until it finds a valid one
because it seems confusing to open a path and silently get some other
path instead of an error for the one you tried to open. Now it'll just
use exactly what you specified or fail trying.

Fixes #1488. The problem here was that url.parse was encoding the spaces
then the validation failed looking for a literal %20.
2020-04-07 15:18:19 -05:00
Asher d1445a8135
Back up code-server directory when updating 2020-04-02 16:21:48 -05:00
Asher a5d1d3b90e
Move proxy logic into main HTTP server
This makes the code much more internally consistent (providers just
return payloads, include the proxy provider).
2020-04-02 13:40:29 -05:00
Asher aaa6c279a1
Use Set for proxy domains 2020-04-02 13:40:28 -05:00
Asher 498becd11f
Use route.fullPath when adding trailing slash
There's no need to specially construct the path.
2020-04-02 13:40:27 -05:00
Asher 411c61fb02
Create helper for determining if route is the root 2020-04-02 13:40:26 -05:00
Asher 74a0bacdcf
Rename hxxp to isHttp 2020-04-02 13:40:25 -05:00
Asher e7e7b0ffb7
Fix redirects through subpath proxy 2020-04-02 13:40:25 -05:00
Asher fd339a7433
Include query parameters when proxying 2020-04-02 13:40:24 -05:00
Asher 561b6343c8
Ensure a trailing slash on subpath proxy 2020-04-02 13:40:23 -05:00
Asher 737a8f5965
Catch proxy errors
Otherwise they'll crash code-server.
2020-04-02 13:40:21 -05:00
Asher c0dd29c591
Fix domains with ports & localhost subdomains 2020-04-02 13:40:20 -05:00
Asher 8aa5675ba2
Implement the actual proxy 2020-04-02 13:40:19 -05:00
Asher 2086648c87
Only handle exact domain matches
This simplifies the logic a bit.
2020-04-02 13:40:18 -05:00
Asher 3a98d856a5
Handle authentication with proxy
The cookie will be set for the proxy domain so it'll work for all of its
subdomains.
2020-04-02 13:40:17 -05:00
Asher 90fd1f7dd1
Add proxy provider
It'll be able to handle /proxy requests as well as subdomains.
2020-04-02 13:40:16 -05:00
Asher 77ad73d579
Set domain on cookie
This allows it to be used in subdomains.
2020-04-02 13:40:15 -05:00
Asher 13534fa0c0
Add proxy-domain flag
This will be used for proxying ports.
2020-04-02 13:40:14 -05:00
Asher 37299abcc9
Minor startup code improvements
- Add type to HTTP options.
- Fix certificate message always saying it was generated.
- Dedent output not directly related to the HTTP server.
- Remove unnecessary comma.
2020-04-02 13:40:13 -05:00
Asher a4c0fd1fdc
Run ssh server listen after http
That way if they happen to conflict code-server doesn't crash.
2020-03-30 17:43:11 -05:00
Asher 6c104c016e
Prevent exiting when an exception is uncaught 2020-03-30 17:43:10 -05:00
Asher 599670136d
Output commit along with the version 2020-03-30 17:43:09 -05:00
Asher ce637d318d
Add descriptions to SSH flags 2020-03-30 17:43:08 -05:00
Asher 0a5687bacf
Fix crash when unable to request an update 2020-03-25 15:00:35 -05:00
Asher d1687c1533
Catch error when SSH server fails to start 2020-03-24 17:38:46 -05:00
Asher b52fbb4cb9
Catch error when openssl isn't installed 2020-03-16 15:14:54 -05:00
Will O'Beirne 3463d56114
SSH server & endpoint 2020-03-16 15:14:53 -05:00
Asher d192726e80
Simplify dashboard 2020-03-16 15:14:50 -05:00
Asher d832f61d5b
Make client-side extensions work at any base 2020-03-16 12:04:09 -05:00
Asher 6cb228037b
Add base path to update endpoint from VS Code
This will make it work regardless of what the current URL happens to be.

Also move the telemetry setting into the options since we might as well
make use of it seeing as how we have to parse it for the base path
anyway.
2020-03-13 16:44:56 -05:00
Asher a00fa85d77
Qualify extensions in help output as VS Code extensions
Also add a description for uninstall-extension and force.
2020-03-13 13:23:30 -05:00
Asher 57de78e12a
Add show-versions flag and add help for list-extensions
Closes #1417.
2020-03-13 13:17:59 -05:00
Asher 2342443368
Set telemetry setting based on disable-telemetry flag
By design the disable-telemetry flag does not affect extension
telemetry, only the setting does, so disabling the setting when the flag
is set should cause extensions to also stop sending telemetry.

Fixes #1116.
2020-03-13 12:36:57 -05:00
Asher 253cf1c438
Remove unnecessary return types 2020-03-11 16:06:32 -05:00
Asher 0b9a478289
Add connection type to websocket query parameters
This allows external services to distinguish between them.
2020-03-05 15:49:37 -06:00
Asher 1f6ff2f763
Show --install-extension in help menu
Also add --force so extensions can be updated without prompts.

Closes #1392.
2020-03-05 10:42:49 -06:00
Asher 04542c99fd
Resolve passed-in directory
Makes relative paths work correctly.
2020-03-05 10:38:13 -06:00
Asher 308a84e6ec
Fix centos image for arm64 2020-03-04 13:12:03 -06:00
Asher e0e019fbd5
Fix mime type for compressed client-side extensions
In Firefox using the gzip mime type will (probably correctly) cause it
not to decompress while in Chromium it still will (incorrectly).
2020-03-02 18:24:35 -06:00
Asher 77af2a5b0e
Fix worker require paths when behind proxy 2020-03-02 18:04:27 -06:00
Asher ccd01c49b9
Integrate update notifications into VS Code 2020-03-02 15:01:24 -06:00
Asher 069c5230cd
Move VS Code to the root 2020-03-02 12:55:34 -06:00
Asher c146457de4
Add recents section 2020-03-02 11:52:39 -06:00
Asher 88cab27165
Compress when sending client-side extension tars 2020-02-28 14:25:28 -06:00
Asher a8914b025f
Output code-server version on startup 2020-02-28 13:30:21 -06:00
Asher 0f87798ed6
Don't write bad password back out to input
Closes #1379.
2020-02-28 10:49:43 -06:00
Asher 963ebaca5b
Register a service worker
To make installing as a PWA possible. Fixes #1181.
2020-02-27 16:37:00 -06:00
Asher 21cfeb9da0
Add the ability to kill running VS Code instance 2020-02-27 12:04:23 -06:00
Asher b00f6bf078
Improve error display when VS Code fails to load
Was looking a bit janky with the style changes.
2020-02-26 14:57:07 -06:00
Asher 595ce6f5e3
Update styling
Just sort of winging it.
2020-02-26 14:25:12 -06:00
Asher c870398c86
Switch to loose files
For #1306.
2020-02-25 18:23:35 -06:00
Asher 4c6e4bedeb
Fix port being randomized
Also make it a number.
2020-02-24 16:49:10 -06:00
Asher 04e449c546
Require cert-key with cert
Fixes #1312.
2020-02-24 15:01:59 -06:00
Anmol Sethi bd7583a254
Obey process.env.PORT 2020-02-21 14:49:58 -05:00
Asher 33b3523bf4
Prefer command-line directory to last visited directory
If you want to use the last visited directory you should omit the
directory from the command line.

Fixes #1132.
2020-02-21 12:45:57 -06:00
Asher cf0f11105b
Handle upgrade from binary to loose files
As best we can, anyway.
2020-02-21 12:32:58 -06:00
Asher e44ac0a30e
Use last positional argument as working directory
Instead of the first.
2020-02-20 18:48:17 -06:00
Asher 319cd3f7ab
Make updating work for both binary and loose releases 2020-02-20 18:48:16 -06:00
Anmol Sethi 3a2644a2bc
Fix vscode.sh 2020-02-20 18:36:38 -05:00
Asher 288e794c99
Update locale file location
Should make language packs work again.
2020-02-20 12:52:23 -06:00
Asher c567a06ff5
Fix HTTPS redirects and TLS sockets
It still won't work behind a base path, but if you're using a reverse
proxy you can just redirect to HTTPS yourself. And should probably
handle TLS termination there too.

For sockets I just needed to add back the proxy call.
2020-02-19 17:59:12 -06:00
Asher 51a5c77cb8
Add binary extraction
I temporarily removed this during the refactor so it needed to be added
back. This time I bundled it with the nbin loader code since it's all
related (will also make it easier to remove).
2020-02-19 14:15:01 -06:00
Asher 80b2d9481f
Don't display stack trace for cli parse failures
Just display the error message and exit. The stack trace isn't necessary
(since it's likely user error) and is potentially confusing.
2020-02-19 11:15:39 -06:00
Asher 0e2eaa9b34
Add valid values for --log 2020-02-19 11:11:29 -06:00
Asher 0263188431
Handle --long=value format in the cli parser 2020-02-19 10:54:23 -06:00
Asher 46d6e17508
Prepare for release
- Add VS Code icon
- Trim dashboard to just display dedicated VS Code section
- Version was getting unset during build
- Add back nbin shim which I temporarily took out earlier
- Update tests for log level env var changes
2020-02-18 17:31:23 -06:00
Asher 8793110941
Implement endpoint for getting recent directories 2020-02-18 14:13:22 -06:00
Asher f6b092b12d
Merge branch 'restructure' 2020-02-18 13:30:37 -06:00
Asher d47591e253
Inject base path into manifest
Might fix #1181, although not for the reasons I initially
thought (because the URLs are resolved from the manifest path, not the
path of the current page). This should ensure that the URLs used by the
manifest are always correct regardless of the manifest's path.
2020-02-18 13:01:18 -06:00
Asher 39a57700bc
Enable access to vscode cli 2020-02-18 12:24:12 -06:00
Anmol Sethi 1a54f6b7ef
Merge remote-tracking branch 'origin/restructure' into anmol-restructure 2020-02-18 12:52:29 -05:00
Anmol Sethi 4aa15401c3
Format and lint 2020-02-14 20:00:19 -05:00
Asher 0ec83f8736
Check updates daily instead of every time
Also add a way to force a check.
2020-02-14 16:46:22 -06:00
Asher db54f78e8e
Implement automatic updates 2020-02-14 15:58:39 -06:00
Asher b8fa7da972
Simplify frontend
Just a login form and a list of applications. No modals or anything like
that.
2020-02-13 20:10:14 -06:00
Asher bf1be16d11
Fix base path
Now it should work whether you have a trailing slash or not.
2020-02-13 12:41:58 -06:00
Asher cc79edb312
Fix duplicate files opening with folder parameter
Reworked from d574012871 to fit in the
new structure.
2020-02-13 12:04:22 -06:00
Asher 5baf16622f
Fix VS Code product configuration not loading 2020-02-07 16:47:51 -06:00
Asher 256419004d
Implement cli parser 2020-02-07 14:43:08 -06:00
Asher 26f8216ec8
Un-nest a switch 2020-02-06 14:00:38 -06:00
Asher 63f3c04c57
Move user data directory logic out of patch 2020-02-06 13:12:00 -06:00
Asher 8a0f1d846e
Move start path logic out of patch and fix it 2020-02-06 12:29:38 -06:00
Asher 6cebfa469d
Generalize initial app logic 2020-02-05 18:47:00 -06:00
Asher 205775ac97
Only serve HTML on specific index.html requests
Otherwise there is risk of an infinite loop through the iframe where the
fallback keeps loading the root HTML which itself has an iframe...
2020-02-05 17:45:24 -06:00
Asher 4cc181cedc
Make routing base path agnostic 2020-02-05 17:38:21 -06:00
Asher 6e809b6a31
Handle when VS Code fails to load
This is mostly for development where VS Code might not have finished
compiling yet.
2020-02-05 14:23:42 -06:00
Asher 8cc11d1688
Improve routing 2020-02-05 13:07:07 -06:00
Asher dbc5c065f8
Improve HTTP provider registration 2020-02-04 16:55:27 -06:00
Asher b30aefcfb1
Add linting steps and improve testing steps 2020-02-04 15:42:55 -06:00
Asher b29346ecdf
Implement new structure 2020-02-04 14:31:44 -06:00
Asher e2d354c8f2
Move manifest icon to the root as well 2020-01-16 12:11:56 -06:00
Asher 7c178805ea
Add comment about the manifest's served location
Also for #1278.
2020-01-16 11:44:17 -06:00
Asher 45f70e741f
Move manifest to the root
Fixes #1278.
2020-01-16 11:36:17 -06:00
Asher e6d1f2a7c8
Update VS Code to 1.41.0 2019-12-16 16:52:29 -06:00
Asher e14362f322
Pass along Node options 2019-11-14 17:20:23 -06:00
Asher 2018024810
Hash password
Fixes issues with unexpected characters breaking things when setting the
cookie (like semicolons).

This change as-is does not affect the security of code-server
itself (we've just replaced the static password with a static hash) but
if we were to add a salt in the future it would let us invalidate keys
by rehashing with a new salt which could be handy.
2019-11-07 15:57:57 -06:00
Asher a1d6bcb8e5
Handle cookies more robustly
If you visit /login/ instead of /login the cookie will be set at /login
instead of / which means the cookie can't be read at the root. It will
redirect to the login page which *can* read the cookie at /login and
redirect back resulting in an infinite loop.

The previous solution relied on setting the cookie at / (any invalid
value works) which then overrode the login page cookie since
parseCookies only kept a single value. So the login page would see the
same cookie the root was seeing and not redirect back. However, that
behavior depends on the cookies being in the right order which I'm not
sure is guaranteed.

This new method tests all available cookies and always sets the cookie
so the root path will be able to read it in case the login page is
seeing a cookie the root can't.

It also goes a step further and explicitly sets the path on the cookie
which fixes the case where there is a permanent misconfiguration
redirecting /login to /login/. Otherwise the cookie would continually be
set on /login only and you'd have another loop. It also means you only
need to delete one cookie to log out.

Lastly add some properties to make the cookies a bit more secure.
2019-11-07 13:36:18 -06:00
ecrode 727ac6483b Clear password when redirecting to login
Should prevent endless redirects when the cookie is set on a different path or domain (like with a dot prefix).
2019-11-07 11:38:10 -06:00
Asher af71203955
Fix relaunching during an update 2019-11-01 10:51:23 -05:00
Asher fc3acfabb2
Fix update check 2019-10-30 17:35:50 -05:00
Asher 73cf8f34e3
Fix outgoing scheme transformation
Accidentally used local instead of remote.

Fixes #1127.
2019-10-30 10:32:57 -05:00
Asher 87485948ad
Kill inner process if parent process dies
Fixes #1076.
2019-10-29 14:43:27 -05:00
Asher 2f0878d9b7
Revert remote scheme change
It doesn't show in the explorer anymore so there's no point. Also remove
the local scheme transform which is no longer required with the latest
client-side extension implementation.
2019-10-29 11:26:50 -05:00
Asher e22964915a
Support opening workspaces from command line
Partly addresses #1121.
2019-10-28 16:25:51 -05:00
Asher 422503ef98
Proxy child exit code when exiting parent process
This fixes code-server exiting with zero on errors.
2019-10-28 14:57:01 -05:00
Asher ea36345d2c
Allow fetching any resource
Fixes #1118.
2019-10-28 14:29:51 -05:00
Asher a89d83cbba
Fix other incorrect usages of `split` 2019-10-28 14:03:13 -05:00
Asher 83ff31b620
Fix passwords that contain `=`
Fixes #1119.

Apparently `split` does not work the way I'd expect.
2019-10-28 13:47:31 -05:00
Asher 3a9b032c72
Add heartbeat file (#1115)
Fixes #1050.
2019-10-28 09:59:34 -05:00
Asher f73e9225b4
Remove directory restrictions for /webview/vscode-resource
This makes viewing images work. Fixes #1111.
2019-10-25 15:52:39 -05:00
Asher 58f7f5b769
Properly fix blank --cert flag
See #1109.
2019-10-25 12:04:43 -05:00
Asher b8e6369fbe
Fix empty --cert not generating self-signed certificate
Fixes #1101.
2019-10-25 11:01:42 -05:00
Asher 95693fb58e
Handle /webview/vscode-resource/file urls
See #1103.
2019-10-24 14:35:25 -05:00
Asher e7945bea94
Enable password authentication by default
Fixes #1062.
2019-10-24 12:35:26 -05:00
Asher ece840834d
Move login page to browser directory
Fixes it not being included in the optimized build as well as making it
more consistent.
2019-10-21 15:02:41 -05:00
Asher 76f6ff4145
Fix alpine check 2019-10-21 14:09:04 -05:00
Asher bdd11f741b
Update to 1.39.2
Also too the opportunity to rewrite the build script since there was a
change in the build steps (mainly how the product JSON is inserted) and
to get the build changes out of the patch. It also no longer relies on
external caching (we'll want to do this within CI instead).
2019-10-18 18:20:02 -05:00
Asher 56ce780522
Prevent process.exit() 2019-10-11 17:00:17 -05:00
Asher 567010e163
Cache extension tar requests 2019-10-11 14:28:02 -05:00
Asher 4ae2c81157
Remember last workspace or directory 2019-10-11 14:26:20 -05:00
Asher ae43e2016f
Handle up/down on server 2019-10-10 17:05:30 -05:00
Asher 1c50b5285e
Resolve bundling issues with node-browser 2019-10-10 15:36:56 -05:00
Asher ea9c511db8
Check major version when getting latest version 2019-10-08 16:23:39 -05:00
Asher 548d095611
Add support for running extensions in the browser 2019-10-04 18:14:19 -05:00