This PR adds the function that when a user clicks of "Show App Logs" from the menu, open the Downloads folder with a zip file containing all the Logs and User Configs. This will help the user to easily share logs with us.
This commit moves all the configuration(.json) files into a config folder
if the config folder doesn't already exist. It also updates the places
where these files are being accessed with the new address.
This will help us zip the folder easily in the future.
This PR helps to validate custom/self-signed certificates for servers
by saving the certificate file in certificates folder in user's appData folder.
We now use this certificate with the request while validating the server
when adding the organization. This validation of certificate is done by the request module itself.
Fixes: #126.
This PR uses resolveProxy to read system proxy settings and store
them in proper proxy format string using ConfigUtil. It removes the previous
use proxy option and replaces it with use system proxy and manual proxy
options.
Fixes: #296.
For the new servers we are already pushing the realm
details after escaping data but for already saved servers
we should escape the same to avoid any security issue.
There is a bug in v2 of electron which causes
pale colors. Resetting the color profile to srgb
fixes this problem. This is a temporary solution
until electron officially fixes this.
More info - https://github.com/electron/electron/issues/10732.
Fixes: #497.
Now using the `escape-html` module so that we can decode
the realm description properly and escape the html at the
same time. The encodeURIComponent function doesn't
provide this kind of flexibility. We need to decode the
real description properly since we show the same in the
tooltip and setting page.
* dependencies: Upgrade rc to the depth of 5.
This updates rc dependecies, to fix a vulnerability
deep-extend - Prototype Pollution
Refs: https://nodesecurity.io/advisories/612
* dependencies: Upgrade stringstream to the depth of 6.
This solves, 5 vulnerabilities which were using the vulnerable
version of stringstream.
stringstream - Out-of-bounds Read
Refs: https://nodesecurity.io/advisories/664
* gulp: Upgrade gulp to v4.0.0.
This solves, 5 vulnerabilities.
minimatch - Regular Expression Denial of Service
https://nodesecurity.io/advisories/118
lodash - Prototype Pollution
https://nodesecurity.io/advisories/577
* dependencies: Update request to the depth of 6.
This solves 5 vulnerabilities.
stringstream - Out-of-bounds Read
https://nodesecurity.io/advisories/664
This commit fixes a security bug which was caused by
using innerHTML and not doing proper HTML escaping.
Ideally, we should be doing proper HTML escaping for
any data we get from the server to avoid XSS attack.
We already handle realm icon and url very well, the
realm description was not handled previously but this commit
now fixes this in a right way.
This PR changes the current implementation of the loading indicator by attaching
the indicator to the right dom element, so that it doesn't show up once a server
is loaded.
Fixes: #482.
This adds the do not disturb button to the left sidebar
which disables sound and notifications. It also disables
flash taskbar on windows.
Fixes: #298.
This commit download file attachments using downloadURL method of
webContent, the same way loadURL opens internal links. This
removes the use of hidden webview added in
f70432f4e3.
Improves: #469.
It turns out if you add/remove an org the hidden webview get deleted
since its in #webview-container where other sidebar webviews like which
get removed and readded through that process.
Improves: #469.
