mirror of
https://github.com/24eme/signaturepdf
synced 2024-06-03 14:32:13 +02:00
Pass the symmetric key through anchor in url
This commit is contained in:
parent
80a0104a7c
commit
87000db098
12
app.php
12
app.php
|
@ -82,6 +82,7 @@ $f3->route('GET /signature',
|
||||||
$f3->set('noSharingMode', true);
|
$f3->set('noSharingMode', true);
|
||||||
}
|
}
|
||||||
$f3->set('activeTab', 'sign');
|
$f3->set('activeTab', 'sign');
|
||||||
|
|
||||||
echo View::instance()->render('signature.html.php');
|
echo View::instance()->render('signature.html.php');
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
@ -241,11 +242,12 @@ $f3->route('POST /share',
|
||||||
}
|
}
|
||||||
if (!isset($_COOKIE[$hash])) {
|
if (!isset($_COOKIE[$hash])) {
|
||||||
$symmetric_key = createSymmetricKey();
|
$symmetric_key = createSymmetricKey();
|
||||||
setcookie($hash, $symmetric_key, ['expires' => 0, 'samesite' => 'Strict', 'path' => "/"]);
|
$keyCookieDate = strtotime('+1 year');
|
||||||
|
setcookie($hash, $symmetric_key, ['expires' => $keyCookieDate, 'samesite' => 'Strict', 'path' => "/"]);
|
||||||
}
|
}
|
||||||
$encryptor = new CryptographyClass($symmetric_key);
|
$encryptor = new CryptographyClass($symmetric_key);
|
||||||
$encryptor->encrypt($hash);
|
$encryptor->encrypt($hash);
|
||||||
$f3->reroute($f3->get('REVERSE_PROXY_URL').'/signature/'.$hash."#informations");
|
$f3->reroute($f3->get('REVERSE_PROXY_URL').'/signature/'.$hash."#sk:".$symmetric_key);
|
||||||
}
|
}
|
||||||
|
|
||||||
);
|
);
|
||||||
|
@ -256,7 +258,11 @@ $f3->route('GET /signature/@hash/pdf',
|
||||||
$hash = Web::instance()->slug($f3->get('PARAMS.hash'));
|
$hash = Web::instance()->slug($f3->get('PARAMS.hash'));
|
||||||
$sharingFolder = $f3->get('PDF_STORAGE_PATH').$hash;
|
$sharingFolder = $f3->get('PDF_STORAGE_PATH').$hash;
|
||||||
|
|
||||||
$cryptor = new CryptographyClass($_COOKIE[$hash]);
|
if (substr($_COOKIE[$hash], 0, 4) !== '#sk:') {
|
||||||
|
echo "Error: Invalid prefix.";
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
$cryptor = new CryptographyClass(substr($_COOKIE[$hash], 4, 15));
|
||||||
$cryptor->decrypt($hash);
|
$cryptor->decrypt($hash);
|
||||||
|
|
||||||
$files = scandir($sharingFolder);
|
$files = scandir($sharingFolder);
|
||||||
|
|
|
@ -411,6 +411,7 @@ var displaysSVG = function() {
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
function dataURLtoBlob(dataurl) {
|
function dataURLtoBlob(dataurl) {
|
||||||
let arr = dataurl.split(','), mime = arr[0].match(/:(.*?);/)[1],
|
let arr = dataurl.split(','), mime = arr[0].match(/:(.*?);/)[1],
|
||||||
bstr = atob(arr[1]), n = bstr.length, u8arr = new Uint8Array(n);
|
bstr = atob(arr[1]), n = bstr.length, u8arr = new Uint8Array(n);
|
||||||
|
@ -944,7 +945,7 @@ var createEventsListener = function() {
|
||||||
return true;
|
return true;
|
||||||
});
|
});
|
||||||
|
|
||||||
if(hash) {
|
if(pdfHash) {
|
||||||
updateNbLayers();
|
updateNbLayers();
|
||||||
setInterval(function() {
|
setInterval(function() {
|
||||||
updateNbLayers();
|
updateNbLayers();
|
||||||
|
@ -1063,12 +1064,12 @@ var pageUpload = async function() {
|
||||||
|
|
||||||
var updateNbLayers = function() {
|
var updateNbLayers = function() {
|
||||||
const xhr = new XMLHttpRequest();
|
const xhr = new XMLHttpRequest();
|
||||||
xhr.open('GET', '/signature/'+hash+'/nblayers', true);
|
xhr.open('GET', '/signature/'+pdfHash+'/nblayers', true);
|
||||||
xhr.onload = function() {
|
xhr.onload = function() {
|
||||||
if (xhr.status == 200) {
|
if (xhr.status == 200) {
|
||||||
let newNblayers = xhr.response;
|
let newNblayers = xhr.response;
|
||||||
if(nblayers !== null && nblayers != newNblayers) {
|
if(nblayers !== null && nblayers != newNblayers) {
|
||||||
reloadPDF('/signature/'+hash+'/pdf');
|
reloadPDF('/signature/'+pdfHash+'/pdf');
|
||||||
}
|
}
|
||||||
nblayers = newNblayers;
|
nblayers = newNblayers;
|
||||||
document.querySelectorAll('.nblayers').forEach(function(item) {
|
document.querySelectorAll('.nblayers').forEach(function(item) {
|
||||||
|
@ -1109,7 +1110,8 @@ var pageSignature = async function(url) {
|
||||||
let pdfBlob = null;
|
let pdfBlob = null;
|
||||||
let filename = url.replace('/pdf/', '');
|
let filename = url.replace('/pdf/', '');
|
||||||
|
|
||||||
if(hash) {
|
if(pdfHash) {
|
||||||
|
storeSymmetricKeyCookie();
|
||||||
let response = await fetch(url);
|
let response = await fetch(url);
|
||||||
if(response.status != 200) {
|
if(response.status != 200) {
|
||||||
return;
|
return;
|
||||||
|
@ -1141,8 +1143,8 @@ var pageSignature = async function(url) {
|
||||||
if(sharingMode) {
|
if(sharingMode) {
|
||||||
setTimeout(function() { runCron() }, 2000);
|
setTimeout(function() { runCron() }, 2000);
|
||||||
}
|
}
|
||||||
if(hash) {
|
if(pdfHash) {
|
||||||
pageSignature('/signature/'+hash+'/pdf');
|
pageSignature('/signature/'+pdfHash+'/pdf');
|
||||||
window.addEventListener('hashchange', function() {
|
window.addEventListener('hashchange', function() {
|
||||||
window.location.reload();
|
window.location.reload();
|
||||||
})
|
})
|
||||||
|
@ -1161,4 +1163,8 @@ var pageSignature = async function(url) {
|
||||||
window.addEventListener('hashchange', function() {
|
window.addEventListener('hashchange', function() {
|
||||||
window.location.reload();
|
window.location.reload();
|
||||||
})
|
})
|
||||||
})();
|
})();
|
||||||
|
|
||||||
|
function storeSymmetricKeyCookie() {
|
||||||
|
document.cookie = pdfHash + "=" + window.location.hash + "; SameSite=Strict";
|
||||||
|
}
|
||||||
|
|
|
@ -262,10 +262,10 @@
|
||||||
var maxSize = <?php echo $maxSize ?>;
|
var maxSize = <?php echo $maxSize ?>;
|
||||||
var maxPage = <?php echo $maxPage ?>;
|
var maxPage = <?php echo $maxPage ?>;
|
||||||
var sharingMode = <?php echo intval(!isset($noSharingMode)) ?>;
|
var sharingMode = <?php echo intval(!isset($noSharingMode)) ?>;
|
||||||
var hash = null;
|
var pdfHash = null;
|
||||||
var direction = '<?php echo $DIRECTION_LANGUAGE ?>';
|
var direction = '<?php echo $DIRECTION_LANGUAGE ?>';
|
||||||
<?php if(isset($hash)): ?>
|
<?php if(isset($hash)): ?>
|
||||||
hash = "<?php echo $hash ?>";
|
pdfHash = "<?php echo $hash ?>";
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
|
|
||||||
var trad = <?php echo json_encode([
|
var trad = <?php echo json_encode([
|
||||||
|
|
Loading…
Reference in a new issue