diff --git a/docs/backend_api/Note.html b/docs/backend_api/Note.html
index 9f35c02f9..0588994f7 100644
--- a/docs/backend_api/Note.html
+++ b/docs/backend_api/Note.html
@@ -350,7 +350,7 @@
Source:
@@ -535,7 +535,7 @@
Source:
@@ -700,7 +700,7 @@
Source:
@@ -876,7 +876,7 @@
Source:
@@ -980,7 +980,7 @@
Source:
@@ -1080,7 +1080,7 @@
Source:
@@ -1184,7 +1184,7 @@
Source:
@@ -1288,7 +1288,7 @@
Source:
@@ -1388,7 +1388,7 @@
Source:
@@ -1619,7 +1619,7 @@
Source:
@@ -1815,7 +1815,7 @@
Source:
@@ -2011,7 +2011,7 @@
Source:
@@ -2111,7 +2111,7 @@
Source:
@@ -2260,7 +2260,7 @@
Source:
@@ -2425,7 +2425,7 @@
Source:
@@ -2590,7 +2590,7 @@
Source:
@@ -2743,7 +2743,7 @@
Source:
@@ -2851,7 +2851,7 @@
Source:
@@ -2955,7 +2955,7 @@
Source:
@@ -3055,7 +3055,7 @@
Source:
@@ -3155,7 +3155,7 @@
Source:
@@ -3259,7 +3259,7 @@
Source:
@@ -3412,7 +3412,7 @@
Source:
@@ -3577,7 +3577,7 @@
Source:
@@ -3742,7 +3742,7 @@
Source:
@@ -3895,7 +3895,7 @@
Source:
@@ -4051,7 +4051,7 @@
Source:
@@ -4159,7 +4159,7 @@
Source:
@@ -4259,7 +4259,7 @@
Source:
@@ -4367,7 +4367,7 @@
Source:
@@ -4467,7 +4467,7 @@
Source:
@@ -4643,7 +4643,7 @@
Source:
@@ -4747,7 +4747,7 @@
Source:
@@ -4900,7 +4900,7 @@
Source:
@@ -5053,7 +5053,7 @@
Source:
@@ -5162,7 +5162,7 @@ Cache is note instance scoped.
Source:
@@ -5244,7 +5244,7 @@ Cache is note instance scoped.
Source:
@@ -5348,7 +5348,7 @@ Cache is note instance scoped.
Source:
@@ -5452,7 +5452,7 @@ Cache is note instance scoped.
Source:
@@ -5556,7 +5556,7 @@ Cache is note instance scoped.
Source:
@@ -5660,7 +5660,7 @@ Cache is note instance scoped.
Source:
@@ -5764,7 +5764,7 @@ Cache is note instance scoped.
Source:
@@ -5991,7 +5991,7 @@ Cache is note instance scoped.
Source:
@@ -6187,7 +6187,7 @@ Cache is note instance scoped.
Source:
@@ -6383,7 +6383,7 @@ Cache is note instance scoped.
Source:
@@ -6610,7 +6610,7 @@ Cache is note instance scoped.
Source:
@@ -6710,7 +6710,7 @@ Cache is note instance scoped.
Source:
@@ -6810,7 +6810,7 @@ Cache is note instance scoped.
Source:
@@ -7006,7 +7006,7 @@ Cache is note instance scoped.
Source:
@@ -7202,7 +7202,7 @@ Cache is note instance scoped.
Source:
@@ -7460,7 +7460,7 @@ Cache is note instance scoped.
Source:
@@ -7687,7 +7687,7 @@ Cache is note instance scoped.
Source:
@@ -7914,7 +7914,7 @@ Cache is note instance scoped.
Source:
diff --git a/docs/backend_api/entities_note.js.html b/docs/backend_api/entities_note.js.html
index c0fe2f8cf..507c6fe89 100644
--- a/docs/backend_api/entities_note.js.html
+++ b/docs/backend_api/entities_note.js.html
@@ -41,6 +41,8 @@ const LABEL_DEFINITION = 'label-definition';
const RELATION = 'relation';
const RELATION_DEFINITION = 'relation-definition';
+const STRING_MIME_TYPES = ["application/x-javascript"];
+
/**
* This represents a Note which is a central object in the Trilium Notes project.
*
@@ -132,7 +134,7 @@ class Note extends Entity {
/** @returns {Promise} */
async setJsonContent(content) {
- await this.setContent(JSON.stringify(content));
+ await this.setContent(JSON.stringify(content, null, '\t'));
}
/** @returns {boolean} true if this note is the root of the note tree. Root note has "root" noteId */
@@ -160,7 +162,9 @@ class Note extends Entity {
/** @returns {boolean} true if the note has string content (not binary) */
isStringNote() {
- return ["text", "code", "relation-map", "search"].includes(this.type) || this.mime.startsWith('text/');
+ return ["text", "code", "relation-map", "search"].includes(this.type)
+ || this.mime.startsWith('text/')
+ || STRING_MIME_TYPES.includes(this.mime);
}
/** @returns {string} JS script environment - either "frontend" or "backend" */
@@ -709,6 +713,7 @@ class Note extends Entity {
delete pojo.isContentAvailable;
delete pojo.__attributeCache;
delete pojo.titleCipherText;
+ delete pojo.noteContent;
}
}
diff --git a/docs/frontend_api/FrontendScriptApi.html b/docs/frontend_api/FrontendScriptApi.html
index 2782ec98d..73e9bb535 100644
--- a/docs/frontend_api/FrontendScriptApi.html
+++ b/docs/frontend_api/FrontendScriptApi.html
@@ -1244,7 +1244,7 @@
- getCodeMimeTypes() → {array}
+ getActiveNote() → {NoteFull}
@@ -1292,7 +1292,7 @@
Source:
@@ -1319,7 +1319,7 @@
- list of currently used code mime types
+ active note (loaded into right pane)
@@ -1330,7 +1330,7 @@
-array
+NoteFull
@@ -1348,7 +1348,7 @@
- getCurrentNoteContent() → {string}
+ getActiveNoteContent() → {string}
@@ -1423,7 +1423,7 @@
- content of currently loaded note in the editor (HTML, code etc.)
+ content of active note (loaded into right pane)
@@ -1452,6 +1452,110 @@
+ getCodeMimeTypes() → {array}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ - Source:
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Returns:
+
+
+
+ list of currently used code mime types
+
+
+
+
+
+ -
+ Type
+
+ -
+
+array
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
getDefaultCodeMimeTypes() → {array}
@@ -1500,7 +1604,7 @@
Source:
@@ -1860,7 +1964,7 @@ otherwise (by e.g. createNoteLink())
- isNoteStillLoaded() → {boolean}
+ isNoteStillActive() → {boolean}
@@ -1915,7 +2019,7 @@ note.
Source:
@@ -2068,7 +2172,7 @@ note.
Source:
@@ -2255,7 +2359,7 @@ note.
- protectCurrentNote()
+ protectActiveNote()
@@ -2303,7 +2407,7 @@ note.
Source:
@@ -2719,7 +2823,7 @@ Internally this serializes the anonymous function into string and sends it to ba
Source:
@@ -2850,7 +2954,7 @@ Internally this serializes the anonymous function into string and sends it to ba
Source:
diff --git a/docs/frontend_api/services_frontend_script_api.js.html b/docs/frontend_api/services_frontend_script_api.js.html
index 23aa73166..7d8adbce9 100644
--- a/docs/frontend_api/services_frontend_script_api.js.html
+++ b/docs/frontend_api/services_frontend_script_api.js.html
@@ -228,9 +228,15 @@ function FrontendScriptApi(startNote, currentNote, originEntity = null) {
/**
* @method
- * @returns {string} content of currently loaded note in the editor (HTML, code etc.)
+ * @returns {string} content of active note (loaded into right pane)
*/
- this.getCurrentNoteContent = noteDetailService.getCurrentNoteContent;
+ this.getActiveNoteContent = noteDetailService.getCurrentNoteContent;
+
+ /**
+ * @method
+ * @returns {NoteFull} active note (loaded into right pane)
+ */
+ this.getActiveNote = noteDetailService.getCurrentNote;
/**
* This method checks whether user navigated away from the note from which the scripts has been started.
@@ -241,7 +247,7 @@ function FrontendScriptApi(startNote, currentNote, originEntity = null) {
* @method
* @return {boolean} returns true if the original note is still loaded, false if user switched to another
*/
- this.isNoteStillLoaded = () => {
+ this.isNoteStillActive = () => {
return this.originEntity.noteId === noteDetailService.getCurrentNoteId();
};
@@ -278,7 +284,7 @@ function FrontendScriptApi(startNote, currentNote, originEntity = null) {
/**
* @method
*/
- this.protectCurrentNote = protectedSessionService.protectNoteAndSendToServer;
+ this.protectActiveNote = protectedSessionService.protectNoteAndSendToServer;
}
export default FrontendScriptApi;
diff --git a/package-lock.json b/package-lock.json
index 8403dc408..5cc899145 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
{
"name": "trilium",
- "version": "0.30.4",
+ "version": "0.30.5",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
diff --git a/package.json b/package.json
index 5a7dabef3..40e89b216 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
"name": "trilium",
"productName": "Trilium Notes",
"description": "Trilium Notes",
- "version": "0.30.4",
+ "version": "0.30.5",
"license": "AGPL-3.0-only",
"main": "electron.js",
"bin": {
diff --git a/src/public/javascripts/desktop.js b/src/public/javascripts/desktop.js
index 52ac85d69..9f64d56ab 100644
--- a/src/public/javascripts/desktop.js
+++ b/src/public/javascripts/desktop.js
@@ -17,7 +17,8 @@ import link from './services/link.js';
import messagingService from './services/messaging.js';
import noteDetailService from './services/note_detail.js';
import noteType from './services/note_type.js';
-import protected_session from './services/protected_session.js';
+import protectedSessionService from './services/protected_session.js';
+import protectedSessionHolder from './services/protected_session_holder.js';
import searchNotesService from './services/search_notes.js';
import FrontendScriptApi from './services/frontend_script_api.js';
import ScriptContext from './services/script_context.js';
@@ -52,6 +53,8 @@ window.glob.getCurrentNote = noteDetailService.getCurrentNote;
window.glob.requireLibrary = libraryLoader.requireLibrary;
window.glob.ESLINT = libraryLoader.ESLINT;
+protectedSessionHolder.setProtectedSessionId(null);
+
window.onerror = function (msg, url, lineNo, columnNo, error) {
const string = msg.toLowerCase();
diff --git a/src/public/javascripts/dialogs/export.js b/src/public/javascripts/dialogs/export.js
index 9c8bdc8fc..3ea317154 100644
--- a/src/public/javascripts/dialogs/export.js
+++ b/src/public/javascripts/dialogs/export.js
@@ -79,7 +79,7 @@ $form.submit(() => {
function exportBranch(branchId, type, format, version) {
exportId = utils.randomString(10);
- const url = utils.getHost() + `/api/notes/${branchId}/export/${type}/${format}/${version}/${exportId}?protectedSessionId=` + encodeURIComponent(protectedSessionHolder.getProtectedSessionId());
+ const url = utils.getHost() + `/api/notes/${branchId}/export/${type}/${format}/${version}/${exportId}`;
utils.download(url);
}
diff --git a/src/public/javascripts/services/bundle.js b/src/public/javascripts/services/bundle.js
index 1548a1e0f..a8de63181 100644
--- a/src/public/javascripts/services/bundle.js
+++ b/src/public/javascripts/services/bundle.js
@@ -9,8 +9,6 @@ async function getAndExecuteBundle(noteId, originEntity = null) {
}
async function executeBundle(bundle, originEntity) {
- console.log(bundle);
-
const apiContext = await ScriptContext(bundle.noteId, bundle.allNoteIds, originEntity);
try {
diff --git a/src/public/javascripts/services/frontend_script_api.js b/src/public/javascripts/services/frontend_script_api.js
index 1f89e1dac..7c79931d2 100644
--- a/src/public/javascripts/services/frontend_script_api.js
+++ b/src/public/javascripts/services/frontend_script_api.js
@@ -200,9 +200,15 @@ function FrontendScriptApi(startNote, currentNote, originEntity = null) {
/**
* @method
- * @returns {string} content of currently loaded note in the editor (HTML, code etc.)
+ * @returns {string} content of active note (loaded into right pane)
*/
- this.getCurrentNoteContent = noteDetailService.getCurrentNoteContent;
+ this.getActiveNoteContent = noteDetailService.getCurrentNoteContent;
+
+ /**
+ * @method
+ * @returns {NoteFull} active note (loaded into right pane)
+ */
+ this.getActiveNote = noteDetailService.getCurrentNote;
/**
* This method checks whether user navigated away from the note from which the scripts has been started.
@@ -213,7 +219,7 @@ function FrontendScriptApi(startNote, currentNote, originEntity = null) {
* @method
* @return {boolean} returns true if the original note is still loaded, false if user switched to another
*/
- this.isNoteStillLoaded = () => {
+ this.isNoteStillActive = () => {
return this.originEntity.noteId === noteDetailService.getCurrentNoteId();
};
@@ -250,7 +256,7 @@ function FrontendScriptApi(startNote, currentNote, originEntity = null) {
/**
* @method
*/
- this.protectCurrentNote = protectedSessionService.protectNoteAndSendToServer;
+ this.protectActiveNote = protectedSessionService.protectNoteAndSendToServer;
}
export default FrontendScriptApi;
\ No newline at end of file
diff --git a/src/public/javascripts/services/note_detail_file.js b/src/public/javascripts/services/note_detail_file.js
index df8e48328..23f8e9f06 100644
--- a/src/public/javascripts/services/note_detail_file.js
+++ b/src/public/javascripts/services/note_detail_file.js
@@ -51,8 +51,7 @@ $openButton.click(() => {
function getFileUrl() {
// electron needs absolute URL so we extract current host, port, protocol
- return utils.getHost() + "/api/notes/" + noteDetailService.getCurrentNoteId()
- + "/download?protectedSessionId=" + encodeURIComponent(protectedSessionHolder.getProtectedSessionId());
+ return utils.getHost() + "/api/notes/" + noteDetailService.getCurrentNoteId();
}
export default {
diff --git a/src/public/javascripts/services/note_detail_image.js b/src/public/javascripts/services/note_detail_image.js
index 592d382c0..8e5769a74 100644
--- a/src/public/javascripts/services/note_detail_image.js
+++ b/src/public/javascripts/services/note_detail_image.js
@@ -62,8 +62,7 @@ $copyToClipboardButton.click(() => {
function getFileUrl() {
// electron needs absolute URL so we extract current host, port, protocol
- return utils.getHost() + "/api/notes/" + noteDetailService.getCurrentNoteId()
- + "/download?protectedSessionId=" + encodeURIComponent(protectedSessionHolder.getProtectedSessionId());
+ return utils.getHost() + "/api/notes/" + noteDetailService.getCurrentNoteId() + "/download";
}
export default {
diff --git a/src/public/javascripts/services/protected_session_holder.js b/src/public/javascripts/services/protected_session_holder.js
index b95a8c8d0..89a6f4324 100644
--- a/src/public/javascripts/services/protected_session_holder.js
+++ b/src/public/javascripts/services/protected_session_holder.js
@@ -1,9 +1,10 @@
import utils from "./utils.js";
import optionsInitService from './options_init.js';
+const PROTECTED_SESSION_ID_KEY = 'protectedSessionId';
+
let lastProtectedSessionOperationDate = null;
let protectedSessionTimeout = null;
-let protectedSessionId = null;
optionsInitService.optionsReady.then(options => protectedSessionTimeout = options.protectedSessionTimeout);
@@ -17,16 +18,13 @@ function setProtectedSessionTimeout(encSessTimeout) {
protectedSessionTimeout = encSessTimeout;
}
-function getProtectedSessionId() {
- return protectedSessionId;
-}
-
function setProtectedSessionId(id) {
- protectedSessionId = id;
+ // using session cookie so that it disappears after browser/tab is closed
+ utils.setSessionCookie(PROTECTED_SESSION_ID_KEY, id);
}
function resetProtectedSession() {
- protectedSessionId = null;
+ utils.setSessionCookie(PROTECTED_SESSION_ID_KEY, null);
// most secure solution - guarantees nothing remained in memory
// since this expires because user doesn't use the app, it shouldn't be disruptive
@@ -34,17 +32,16 @@ function resetProtectedSession() {
}
function isProtectedSessionAvailable() {
- return protectedSessionId !== null;
+ return !!utils.getCookie(PROTECTED_SESSION_ID_KEY);
}
function touchProtectedSession() {
if (isProtectedSessionAvailable()) {
- lastProtectedSessionOperationDate = new Date();
+ setProtectedSessionId(utils.getCookie(PROTECTED_SESSION_ID_KEY));
}
}
export default {
- getProtectedSessionId,
setProtectedSessionId,
resetProtectedSession,
isProtectedSessionAvailable,
diff --git a/src/public/javascripts/services/server.js b/src/public/javascripts/services/server.js
index 9fb4279ca..6dc7236f3 100644
--- a/src/public/javascripts/services/server.js
+++ b/src/public/javascripts/services/server.js
@@ -3,18 +3,10 @@ import utils from './utils.js';
import infoService from "./info.js";
function getHeaders() {
- let protectedSessionId = null;
-
- try { // this is because protected session might not be declared in some cases
- protectedSessionId = protectedSessionHolder.getProtectedSessionId();
- }
- catch(e) {}
-
// headers need to be lowercase because node.js automatically converts them to lower case
// so hypothetical protectedSessionId becomes protectedsessionid on the backend
// also avoiding using underscores instead of dashes since nginx filters them out by default
return {
- 'trilium-protected-session-id': protectedSessionId,
'trilium-source-id': glob.sourceId
};
}
diff --git a/src/public/javascripts/services/utils.js b/src/public/javascripts/services/utils.js
index ecd404d14..d831a9e5c 100644
--- a/src/public/javascripts/services/utils.js
+++ b/src/public/javascripts/services/utils.js
@@ -164,11 +164,23 @@ function isDesktop() {
|| (!window.device && !/Mobi/.test(navigator.userAgent));
}
+// cookie code below works for simple use cases only - ASCII only
+// not setting path so that cookies do not leak into other websites if multiplexed with reverse proxy
+
function setCookie(name, value) {
const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
const expires = "; expires=" + date.toUTCString();
- document.cookie = name + "=" + (value || "") + expires + "; path=/";
+ document.cookie = name + "=" + (value || "") + expires + ";";
+}
+
+function setSessionCookie(name, value) {
+ document.cookie = name + "=" + (value || "") + ";";
+}
+
+function getCookie(name) {
+ const valueMatch = document.cookie.match('(^|;) ?' + name + '=([^;]*)(;|$)');
+ return valueMatch ? valueMatch[2] : null;
}
function getNoteTypeClass(type) {
@@ -213,6 +225,8 @@ export default {
isMobile,
isDesktop,
setCookie,
+ setSessionCookie,
+ getCookie,
getNoteTypeClass,
getMimeTypeClass
};
\ No newline at end of file
diff --git a/src/services/build.js b/src/services/build.js
index 4675c7bb5..a06001521 100644
--- a/src/services/build.js
+++ b/src/services/build.js
@@ -1 +1 @@
-module.exports = { buildDate:"2019-03-07T22:40:05+01:00", buildRevision: "02eddc347abebce63a8882f6f83ac73655005849" };
+module.exports = { buildDate:"2019-03-12T22:21:35+01:00", buildRevision: "0144dc12dfe46fc9e5d15d64cdd8c9e3f7398637" };
diff --git a/src/services/protected_session.js b/src/services/protected_session.js
index 283e04279..5a24d5ef9 100644
--- a/src/services/protected_session.js
+++ b/src/services/protected_session.js
@@ -15,7 +15,7 @@ function setDataKey(decryptedDataKey) {
}
function setProtectedSessionId(req) {
- cls.namespace.set('protectedSessionId', req.headers['trilium-protected-session-id'] || req.query.protectedSessionId);
+ cls.namespace.set('protectedSessionId', req.cookies.protectedSessionId);
}
function getProtectedSessionId() {