OCram85/code-server
Archived
1
0
Fork 0
Code Pull Requests 2 Activity
3,402 Commits 15 Branches 149 Tags
74330a1e05c064bc72351fd14cd1874a910f10ab
Commit Graph

3402 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Asher
8024144381 Update VS Code to 1.41.1 2020-01-07 18:27:41 -06:00
Asher
6a1dcab7a6 Update nbin 
Should finally be able to build with Node v12 now.
 2020-01-07 18:27:28 -06:00
Asher
e6d1f2a7c8 Update VS Code to 1.41.0 2019-12-16 16:52:29 -06:00
Asher
44c4722edf Fix data directory path in Dockerfile 2019-12-10 12:06:52 -06:00
Asher
e5fc63f2c8 Fix accessing manifest behind basic auth 
Apparently the manifest spec doesn't include sending credentials in an
attempt to be secure by default.

Fixes #1212.
 2019-12-09 11:25:59 -06:00
Asher
015a99e87d Always install VS Code dependencies 
This fixes the case where the script is killed before all the
dependencies were fully installed.
 2019-12-09 10:55:24 -06:00
Simen Eriksen
884491d72b Update Dockerfile to fix EACCES issue on mount (#1191) 
https://github.com/cdr/code-server/issues/1188 
Fixes issue with permissions mounting in directories in the container. Folders are generated by root causing issues when the container user "coder" wants to create sub-folders. This fix solves it, at least on Crostini (ChromeOS)
 2019-12-05 13:38:03 -06:00
Asher
e14362f322 Pass along Node options 2.1692-vsc1.39.2 2019-11-14 17:20:23 -06:00
Asher
917aa48072 Update enterprise link 
Fixes #1172.
 2019-11-14 11:16:08 -06:00
Asher
938c6ef829 Update fail2ban configuration 
Fixes #1177.
 2019-11-14 11:14:27 -06:00
Sandro
0add01d383 Delete apt lists from final image (#1174) 2019-11-14 11:12:21 -06:00
Asher
2018024810 Hash password 
Fixes issues with unexpected characters breaking things when setting the
cookie (like semicolons).

This change as-is does not affect the security of code-server
itself (we've just replaced the static password with a static hash) but
if we were to add a salt in the future it would let us invalidate keys
by rehashing with a new salt which could be handy.
2.1688-vsc1.39.2 		2019-11-07 15:57:57 -06:00
Asher
a1d6bcb8e5 Handle cookies more robustly 
If you visit /login/ instead of /login the cookie will be set at /login
instead of / which means the cookie can't be read at the root. It will
redirect to the login page which *can* read the cookie at /login and
redirect back resulting in an infinite loop.

The previous solution relied on setting the cookie at / (any invalid
value works) which then overrode the login page cookie since
parseCookies only kept a single value. So the login page would see the
same cookie the root was seeing and not redirect back. However, that
behavior depends on the cookies being in the right order which I'm not
sure is guaranteed.

This new method tests all available cookies and always sets the cookie
so the root path will be able to read it in case the login page is
seeing a cookie the root can't.

It also goes a step further and explicitly sets the path on the cookie
which fixes the case where there is a permanent misconfiguration
redirecting /login to /login/. Otherwise the cookie would continually be
set on /login only and you'd have another loop. It also means you only
need to delete one cookie to log out.

Lastly add some properties to make the cookies a bit more secure.
 2019-11-07 13:36:18 -06:00
ecrode
727ac6483b Clear password when redirecting to login 
Should prevent endless redirects when the cookie is set on a different path or domain (like with a dot prefix).
 2019-11-07 11:38:10 -06:00
Asher
2c15c09fc0 Add missing telemetry option 2019-11-06 15:47:34 -06:00
Asher
2ad2582cc0 Minor readme updates and fixes 2019-11-05 13:49:18 -06:00
Asher
cee0ac213c Fix error activating extensions on insecure domains 
Doesn't affect Firefox but it does affect other browsers.

Fixes #1136.
 2019-11-04 17:10:00 -06:00
Asher
780a673017 Add meta tag to allow full screen app on iOS 
Fixes #933.
 2019-11-04 16:01:01 -06:00
Asher
af71203955 Fix relaunching during an update 2019-11-01 10:51:23 -05:00
Asher
fc3acfabb2 Fix update check 2019-10-30 17:35:50 -05:00
Asher
3d5db8313a Add secure domain to requirements 2.1665-vsc1.39.2 2019-10-30 10:33:07 -05:00
Asher
73cf8f34e3 Fix outgoing scheme transformation 
Accidentally used local instead of remote.

Fixes #1127.
 2019-10-30 10:32:57 -05:00
dependabot[bot]
766efd6079 Bump mixin-deep from 1.3.1 to 1.3.2 (#1126) 
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)

Signed-off-by: dependabot[bot] <support@github.com>
2.1662-vsc1.39.2 		2019-10-29 15:20:12 -05:00
Asher
87485948ad Kill inner process if parent process dies 
Fixes #1076.
 2019-10-29 14:43:27 -05:00
Asher
7e4a73ce2d Fix schema matching against vscode-remote 
Fixes #1104.
 2019-10-29 11:42:28 -05:00
Asher
2f0878d9b7 Revert remote scheme change 
It doesn't show in the explorer anymore so there's no point. Also remove
the local scheme transform which is no longer required with the latest
client-side extension implementation.
 2019-10-29 11:26:50 -05:00
Marc-André Daigneault
f65c9b23fc Add docker-compose file (#680) 2019-10-29 11:08:01 -05:00
Asher
cd859d117f Start pushing to latest Docker tag 2019-10-29 11:04:38 -05:00
Asher
e22964915a Support opening workspaces from command line 
Partly addresses #1121.
2.1655-vsc1.39.2 		2019-10-28 16:25:51 -05:00
Asher
197d0b6ca9 Strip internal env vars when spawning the shell 
This should fix all those reports of code-server dropping straight to
Node and things like #1121.
 2019-10-28 16:08:32 -05:00
Asher
422503ef98 Proxy child exit code when exiting parent process 
This fixes code-server exiting with zero on errors.
 2019-10-28 14:57:01 -05:00
Asher
ea36345d2c Allow fetching any resource 
Fixes #1118.
 2019-10-28 14:29:51 -05:00
Asher
a89d83cbba Fix other incorrect usages of split 2019-10-28 14:03:13 -05:00
Asher
83ff31b620 Fix passwords that contain = 
Fixes #1119.

Apparently `split` does not work the way I'd expect.
 2019-10-28 13:47:31 -05:00
Asher
3a9b032c72 Add heartbeat file (#1115) 
Fixes #1050.
 2019-10-28 09:59:34 -05:00
Asher
f73e9225b4 Remove directory restrictions for /webview/vscode-resource 
This makes viewing images work. Fixes #1111.
2.1650-vsc1.39.2 		2019-10-25 15:52:39 -05:00
Asher
168ccb0dfc Prevent cache changes when patch updates 2019-10-25 13:12:04 -05:00
Asher
58f7f5b769 Properly fix blank --cert flag 
See #1109.
 2019-10-25 12:04:43 -05:00
Asher
b8e6369fbe Fix empty --cert not generating self-signed certificate 
Fixes #1101.
 2019-10-25 11:01:42 -05:00
Asher
d81d5f499f Remove Cloud Run button 
Unfortunately it doesn't allow websockets so it's not working.
 2019-10-24 16:45:22 -05:00
Asher
4be178d234 Move Google Cloud button to match Digital Ocean 2019-10-24 16:09:02 -05:00
Ayane Satomi
9c40466b4b Add Google Cloud quick-launch button (#1069) 2019-10-24 16:07:44 -05:00
Asher
95693fb58e Handle /webview/vscode-resource/file urls 
See #1103.
 2019-10-24 14:35:25 -05:00
Asher
e7945bea94 Enable password authentication by default 
Fixes #1062.
2.1638-vsc1.39.2 		2019-10-24 12:35:26 -05:00
Asher
91f49e1efd Set SHELL to /bin/bash in Docker 
Fixes #1081, fixes #918.
2.1637-vsc1.39.2 		2019-10-23 13:34:00 -05:00
Asher
eea9c1618c Move client-side extension code out of patch 2019-10-23 13:12:11 -05:00
Asher
f1b38e4e48 Fix out-of-order readme section 2019-10-23 11:54:47 -05:00
Asher
ff99a1d768 Add security section to readme 
See #1062.
 2019-10-23 11:49:17 -05:00
Asher
7f07b8f66c Push Docker using Linux build 
Instead of doing a separate redundant build. The main problem was that
the files weren't being cached. There is probably a better way of
solving this but this seems to be the simplest for now.
 2019-10-22 18:43:21 -05:00
Asher
faae03da6b Add prerequisites for building 2019-10-22 17:49:43 -05:00