JonKazama-Hellion/HellionChat
1
0
Fork 0
Code Issues 1 Pull Requests Actions Releases 28 Activity

Remove webinterface settings tab and configuration fields

Browse Source 
Webinterface adds a third-party HTTP surface that contradicts the
DSGVO-by-default promise: it broadcasts every chat message including
filtered ChatTypes (privacy filter only covers DB writes), ships a
five-digit numeric auth code seeded from System.Random, binds on all
interfaces by default and sets cookies without security flags.

Hardening it for our threat model would land 500+ lines of code and
permanent maintenance for a feature very few users actually use. The
forks audience wants less surface, not more, so the entire feature is
being removed in a focused commit cluster. This first commit drops
the user-facing surface: settings tab class, tab registration and
the Configuration fields plus their UpdateFrom mirror.
This commit is contained in:
Jon Kazama
2026-05-02 02:18:43 +02:00
parent 23e0f37dfb
commit 7bacd1aaba
3 changed files with 0 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ChatTwo/Configuration.cs
-13
View File
@@ -171,14 +171,6 @@ public class Configuration : IPluginConfiguration
public ConfigKeyBind? ChatTabForward;
public ConfigKeyBind? ChatTabBackward;
// Webinterface
public bool WebinterfaceEnabled;
public bool WebinterfaceAutoStart;
public string WebinterfacePassword = WebinterfaceUtil.GenerateSimpleAuthCode();
public int WebinterfacePort = 9000;
public HashSet<string> AuthStore = [];
public int WebinterfaceMaxLinesToSend = 1000; // 1-10000
public void UpdateFrom(Configuration other, bool backToOriginal)
{
if (backToOriginal)
@@ -243,11 +235,6 @@ public class Configuration : IPluginConfiguration
ChosenStyle = other.ChosenStyle;
ChatTabForward = other.ChatTabForward;
ChatTabBackward = other.ChatTabBackward;
WebinterfaceEnabled = other.WebinterfaceEnabled;
WebinterfaceAutoStart = other.WebinterfaceAutoStart;
WebinterfacePassword = other.WebinterfacePassword;
WebinterfacePort = other.WebinterfacePort;
WebinterfaceMaxLinesToSend = other.WebinterfaceMaxLinesToSend;
PrivacyFilterEnabled = other.PrivacyFilterEnabled;
PrivacyPersistChannels = [..other.PrivacyPersistChannels];