SecureBitChat/securebit-chat
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

release: prepare v4.8.5 security hardening release
CodeQL Analysis / Analyze CodeQL (push) Has been cancelled
Details
Deploy Application / deploy (push) Has been cancelled
Details
Mirror to Codeberg / mirror (push) Has been cancelled
Details
Mirror to PrivacyGuides / mirror (push) Has been cancelled
Details

Browse Source
This commit is contained in:
lockbitchat
2026-05-17 14:48:52 -04:00
parent 4b8c8829f1
commit 0a42aa13c3
35 changed files with 2975 additions and 11976 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/webrtc-privacy-mode.test.mjs
+60
View File
@@ -0,0 +1,60 @@
import assert from 'node:assert/strict';
globalThis.window = {
EnhancedSecureCryptoUtils: {},
DEBUG_MODE: true,
DEVELOPMENT_MODE: true,
location: { hostname: 'localhost', search: '?debug' },
webpackHotUpdate: {}
};
const { EnhancedSecureWebRTCManager } = await import('../src/network/EnhancedSecureWebRTCManager.js');
function fake(config = {}) {
return {
_config: {
webrtc: {
relayOnly: config.relayOnly ?? false,
iceServers: config.iceServers ?? [{ urls: 'stun:stun.example.test:3478' }]
}
},
_ipLeakWarningShown: false,
delivered: [],
deliverMessageToUI(message, type) {
this.delivered.push({ message, type });
},
_hasTurnServer: EnhancedSecureWebRTCManager.prototype._hasTurnServer
};
}
// Default mode preserves current behavior.
{
const manager = fake();
const config = EnhancedSecureWebRTCManager.prototype._buildPeerConnectionConfig.call(manager);
assert.equal(config.iceTransportPolicy, undefined);
assert.equal(config.iceServers[0].urls, 'stun:stun.example.test:3478');
}
// Privacy mode uses relay-only transport.
{
const manager = fake({ relayOnly: true, iceServers: [{ urls: 'turn:turn.example.test:3478' }] });
const config = EnhancedSecureWebRTCManager.prototype._buildPeerConnectionConfig.call(manager);
assert.equal(config.iceTransportPolicy, 'relay');
}
// Missing TURN warns clearly.
{
const manager = fake();
EnhancedSecureWebRTCManager.prototype._warnIfTurnMissing.call(manager);
assert.match(manager.delivered[0].message, /may expose IP addresses/i);
}
// STUN-only config does not claim IP protection, even with privacy mode selected.
{
const manager = fake({ relayOnly: true, iceServers: [{ urls: 'stun:stun.example.test:3478' }] });
assert.equal(EnhancedSecureWebRTCManager.prototype._hasTurnServer.call(manager), false);
EnhancedSecureWebRTCManager.prototype._warnIfTurnMissing.call(manager);
assert.match(manager.delivered[0].message, /STUN alone does not hide IP addresses/i);
}
console.log('WebRTC privacy mode tests passed');