SecureBitChat/securebit-chat
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

release: v4.8.14 secure chat tools (code blocks, view-once, disappearing, unsend, panic)
CodeQL Analysis / Analyze CodeQL (push) Has been cancelled
Details
Deploy Application / deploy (push) Has been cancelled
Details
Mirror to Codeberg / mirror (push) Has been cancelled
Details
Mirror to PrivacyGuides / mirror (push) Has been cancelled
Details

Browse Source 
New privacy-focused messaging controls in the composer:
- Code blocks: button wraps the message in a fenced block; both peers render a
  monospace code window with a copy button (clipboard auto-clears after ~30s).
  Window is built from sanitized text via React nodes — no new XSS surface.
- View-once: recipient sees a blurred bubble, reveals on tap, then it is wiped.
  Honestly cooperative (not screenshot-proof).
- Disappearing messages: optional 30s/5m/1h timer auto-deletes on both sides
  with a live countdown; incoming TTL clamped to [5s, 24h].
- Unsend (delete for everyone) via new MESSAGE_TYPES.message_delete control.
- Panic wipe: clears chat, wipes keys and disconnects (behind a confirm).

Transport:
- Per-message metadata (id / view-once / timer) travels inside the encrypted
  envelope, not in the sanitized text, so content cannot spoof these controls.
- _sanitizeMessageMeta whitelists + bounds metadata on send and receive.
- AAD/replay protection, SAS gate and receive-side DOMPurify are unchanged.

Adds tests/secure-chat-features.test.mjs (full suite: 17 files, all passing).
Bumps version to 4.8.14 across package.json, package-lock.json, manifest.json,
index.html, meta.json, README, SECURITY_DISCLAIMER, header and init banner.
This commit is contained in:
lockbitchat
2026-06-18 20:37:50 -04:00
parent cf36656341
commit 15173a9278
17 changed files with 1124 additions and 183 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/secure-chat-features.test.mjs
+75
View File
@@ -0,0 +1,75 @@
import assert from 'node:assert/strict';
// No DOM needed: we mock the incoming-chat sanitizer so DOMPurify/window are
// not required, and exercise the transport/meta plumbing directly.
globalThis.window = globalThis.window || {};
const { EnhancedSecureWebRTCManager } = await import('../src/network/EnhancedSecureWebRTCManager.js');
const P = EnhancedSecureWebRTCManager.prototype;
const T = EnhancedSecureWebRTCManager.MESSAGE_TYPES;
// ── _sanitizeMessageMeta: whitelist + bounds ────────────────────────────────
{
const ok = P._sanitizeMessageMeta.call({}, { mid: 'm_1-a', once: true, ttl: 300, code: true });
assert.deepEqual(ok, { mid: 'm_1-a', code: true, once: true, ttl: 300 });
// Junk and out-of-range values are stripped; with no valid keys -> null.
assert.equal(P._sanitizeMessageMeta.call({}, { foo: 1 }), null);
assert.equal(P._sanitizeMessageMeta.call({}, null), null);
assert.equal(P._sanitizeMessageMeta.call({}, { ttl: 999999 }), null); // above 24h cap
assert.equal(P._sanitizeMessageMeta.call({}, { ttl: 1 }), null); // below 5s floor
assert.equal(P._sanitizeMessageMeta.call({}, { once: 'yes' }), null); // must be exactly true
assert.deepEqual(P._sanitizeMessageMeta.call({}, { mid: 'bad id!@#' }), { mid: 'badid' }); // sanitized
}
// ── deliverMessageToUI forwards sanitized meta to onMessage ──────────────────
{
const calls = [];
const manager = {
_debugMode: false,
_secureLog() {},
_sanitizeIncomingChatMessage: (m) => m, // bypass DOMPurify in test
_sanitizeMessageMeta: P._sanitizeMessageMeta,
onMessage: (message, type, meta) => calls.push({ message, type, meta })
};
P.deliverMessageToUI.call(manager, 'hello', 'received', { once: true, ttl: 30, mid: 'm1', junk: 9 });
assert.equal(calls.length, 1);
assert.equal(calls[0].message, 'hello');
assert.equal(calls[0].type, 'received');
assert.deepEqual(calls[0].meta, { mid: 'm1', once: true, ttl: 30 });
// No meta -> onMessage gets undefined (backward compatible).
calls.length = 0;
P.deliverMessageToUI.call(manager, 'plain', 'received');
assert.equal(calls[0].meta, undefined);
}
// ── processMessage routes message_delete to onMessageDelete ──────────────────
{
const deleted = [];
const manager = {
_secureLog() {},
onMessageDelete: (id) => deleted.push(id)
};
await P.processMessage.call(
manager,
JSON.stringify({ type: T.MESSAGE_DELETE, data: { messageId: 'm_42' } })
);
assert.deepEqual(deleted, ['m_42']);
}
// ── sendMessageDelete emits a well-formed control message ────────────────────
{
const sent = [];
const manager = { sendSystemMessage: (m) => { sent.push(m); return true; } };
const result = P.sendMessageDelete.call(manager, 'm_99');
assert.equal(result, true);
assert.deepEqual(sent, [{ type: T.MESSAGE_DELETE, messageId: 'm_99' }]);
// Invalid ids are rejected without emitting anything.
sent.length = 0;
assert.equal(P.sendMessageDelete.call(manager, ''), false);
assert.equal(sent.length, 0);
}
console.log('Secure chat features tests passed');