Commit Graph

105 Commits

Author SHA1 Message Date
ridiculousfish
f9f773cc28 Comment on why we run 'false' in web_config.py 2014-08-22 12:04:23 -07:00
Kevin Ballard
d9bf53c6e5 Show a non-zero status in the fish_config prompt
When selecting a prompt with fish_config, render the prompt with a
non-zero status so the user knows what it looks like.
2014-08-22 12:00:16 -07:00
Andy Lutomirski
9079ec459c webconfig: fixes for token security
* Use 16-byte tokens
 * Use os.urandom (random.getrandbits shouldn't be used for security)
 * Convert to hex correctly
2014-08-22 15:44:43 +08:00
Andy Lutomirski
aaddccfdb1 webconfig: Use a constant-time token comparison
This prevents a linear-time attack to recover the auth token.
2014-08-22 15:39:13 +08:00
David Adam
4ae2753025 Authenticate connections to web_config service
- Require all requests to use a session path.
 - Use a redirect file to avoid exposing the '/start' URL on the
   command line, as it contains the cookie value.

Fix for CVE-2014-2914.
Closes #1438.
2014-08-04 13:34:26 +08:00
Konrad Borowski
6c80a3461c
Add support for toor account.
Currently fish doesn't recognize toor as special. However, it's likely
that on BSD systems, fish shell will be used on toor, not on root (toor
is an intentionally existing account to use more advanced shell on, like
shell).
2014-07-30 11:55:47 +02:00
ridiculousfish
b6658c5497 Render sample prompts faster in fish_config by using a thread pool 2014-07-29 12:12:32 -07:00
ridiculousfish
aad5163b49 Make prompt selection more like color selection in fish_config. Remove
the "show prompt source" button.
2014-07-29 11:00:39 -07:00
David Xia
adabc2d7a0 Fix fish_config error with python3
Closes #1253.
2014-07-28 22:02:55 +08:00
Siteshwar Vashisht
317660c2fe Avoid using OptionParser to parse bindings in webconfig.py
OptionParser eats commaandline arguments passed to bind actions, so avoid using it.
2014-07-25 08:39:31 +05:30
ridiculousfish
f6a89d13c2 Merge branch 'master' of github.com:fish-shell/fish-shell 2014-07-23 22:27:37 -07:00
Siteshwar Vashisht
3e01dd955f Updated code to parse bindings in webconfig.py 2014-07-23 01:53:15 +05:30
adisbladis
27fa0ea9d7 "webconfig.py: Don't allow NoneType as buffer, fallback to bytes.
Fixes TypeErrors when using bindings tab"
2014-07-22 12:31:57 +02:00
Siteshwar Vashisht
7b3132d39d Fixed code to parse bindings for webconfig 2014-06-08 16:05:00 +05:30
Konrad Borowski
d97e31b4ab git prompt shouldn't export variables. 2014-06-01 09:39:28 +02:00
Maurizio De Santis
4285baa6e1 Prompt sample: Debian chroot environment
When you chroot in Debian, bash shows the chroot environment in the prompt:

```bash

...

if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
    debian_chroot=$(cat /etc/debian_chroot)
fi

PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '

...
```

This is the effect:

```
(chroot_env) user@host:~#
```

It is useful when chrooting, since usually the hostname remains the same and thus you can't distinguish where you are.
2014-05-03 12:28:38 -07:00
Anders Bergh
44b35f7735 fish_config: Listen on both IPv6 and IPv4.
A subclass of TCPServer was created to deny any non-local connections and to
listen using an IPv6 socket.
2014-03-31 10:06:46 -07:00
Konrad Borowski
6d749789ce Use 127.0.0.1 for fish config.
Before this change, fish config used 0 as its address. However, this
isn't a good idea from security point of view, as web service can be
accessed from everywhere, and do anything on the account it was ran on.

This also deals with firewalls which block the access to 0 even from
the host machine itself. It possibly might fix #673, but I'm not sure.
2014-02-27 14:47:08 +01:00
ridiculousfish
5e7c01c251 Rework color editing in fish_config. Bury customization mode a bit:
initially the user only sees the various themes, and has to activate
customization mode to change colors. Tweak the appearance as well.
2014-02-24 01:56:02 -08:00
ridiculousfish
77dbaf3aef Fix for Python out-of-range exception when accessing Bindings tab 2014-02-09 20:19:04 -08:00
Siteshwar Vashisht
a1b43b7a09 Fix for opening bindings tab as initial tab
'fish_config bindings' command should open bindings tab as initially active tab
2014-01-30 23:53:49 +05:30
Konrad Borowski
2927514e68 Partially fix #1224.
It would be nice if this would work without this hack,
but until then, this has to work. Requires you to reinstall
the prompt using fish configuration system.
2014-01-10 21:33:50 +01:00
Siteshwar Vashisht
646180518a Minor fixes in the colors tab
* Show color scheme title in preview box
* Show information about setting terminal background color on Apply
button mouse hover
* Added text_color_for_color method in colors controller scope
2013-12-07 13:12:43 +05:30
Siteshwar Vashisht
659541f4a5 Merge branch 'master' into fish_config_angular 2013-12-07 09:50:59 +05:30
Konrad Borowski
591abd340b Fix bold in informative git prompt.
Currently this fix is useless, as web config cannot apply variables,
but in future, it could be more useful.
2013-11-27 11:41:13 +01:00
d10n
168d25e780 Do not open CLI browsers when using fish_config.
From the Python webbrowser documentation:
"If text-mode browsers are used, the calling process will block until the user exits the browser."

Running fish_config on an ssh server with no GUI browser will open a CLI browser which blocks and stops the server from handling requests.
Using multiprocess to run the server in the background lets CLI browsers access the page, but the page is unusable.

For now, disable CLI browsers and recommend opening the page in a graphical browser.
In the future, maybe write a CLI utility to change prompts and delete history items.
2013-11-26 00:41:09 -08:00
Siteshwar Vashisht
2271526d2f Do not highlight selected prompt 2013-11-09 23:33:56 +05:30
Siteshwar Vashisht
ea2e1f016f Set current prompt as selected prompt after prompt change 2013-11-09 20:43:19 +05:30
Siteshwar Vashisht
c4aa223698 Changed UI of prompt tab
Show function definition and use button under prompt demo when prompt
demo is selected
2013-11-09 19:30:41 +05:30
Siteshwar Vashisht
63233655f4 Updated fish_config prompt tab 2013-11-09 18:26:44 +05:30
Siteshwar Vashisht
9e424ed921 Show actual binding if user clicks a binding item 2013-10-27 18:51:50 +05:30
Siteshwar Vashisht
be55d2c57f Updated handling escape character in binding parser 2013-10-25 00:05:26 +05:30
Siteshwar Vashisht
119dd06ea8 Add a one second delay between query input and filtering history 2013-10-22 23:45:32 +05:30
Siteshwar Vashisht
aed26f8c1e Added code for parsing end key 2013-10-22 23:08:30 +05:30
Siteshwar Vashisht
6482fd52fb Moved some color related methods from index.html to colorutils.js 2013-10-22 23:00:38 +05:30
Siteshwar Vashisht
44b091a7c6 Enabled filtering by binding keys 2013-10-22 00:24:15 +05:30
Siteshwar Vashisht
8279a0d477 Display bindings, history and variables in multiple lines on click 2013-10-21 23:42:16 +05:30
Siteshwar Vashisht
7709af7a62 Removed extra spaces while showing function definition 2013-10-21 23:40:43 +05:30
Siteshwar Vashisht
80a48be324 Changed scheme for loading key bindings 2013-10-20 15:03:47 +05:30
Siteshwar Vashisht
bc9e2266be Added current scheme in list of color schemes 2013-10-20 14:28:40 +05:30
Siteshwar Vashisht
ff4d0ce1e1 Moved angular.js to js directory 2013-10-19 23:56:23 +05:30
Siteshwar Vashisht
5d8c776250 Moved all functions related to colors to a separate file 2013-10-19 23:54:51 +05:30
Siteshwar Vashisht
3d2315d596 Use single expression instead of a function call to show selected tab 2013-10-19 22:47:18 +05:30
Siteshwar Vashisht
892cc7da31 Added a global error handler 2013-10-19 22:36:18 +05:30
Siteshwar Vashisht
eb9e712f91 Reorganized javascript code across app, filters and controllers
Moved all javascript files under js folder
Removed jquery.js from repository
2013-10-19 12:02:00 +05:30
Siteshwar Vashisht
877a14c0b8 Added a filter for filtering bindings 2013-10-17 19:47:04 +05:30
Siteshwar Vashisht
0ad6e6f459 Updated binding tab to show descriptive key names 2013-10-17 19:47:04 +05:30
Siteshwar Vashisht
885c23b453 Show readable description of bindings 2013-10-17 19:47:04 +05:30
Siteshwar Vashisht
7cb8f6e9fc Added missing bindings partial 2013-10-17 19:47:04 +05:30
Siteshwar Vashisht
04f518082c Initial implementation of bindings tab 2013-10-17 19:47:04 +05:30