JonKazama-Hellion/HellionChat
1
0
Fork 0
Code Issues Pull Requests Actions Releases 28 Activity

Remove webinterface settings tab and configuration fields

Browse Source 
Webinterface adds a third-party HTTP surface that contradicts the
DSGVO-by-default promise: it broadcasts every chat message including
filtered ChatTypes (privacy filter only covers DB writes), ships a
five-digit numeric auth code seeded from System.Random, binds on all
interfaces by default and sets cookies without security flags.

Hardening it for our threat model would land 500+ lines of code and
permanent maintenance for a feature very few users actually use. The
forks audience wants less surface, not more, so the entire feature is
being removed in a focused commit cluster. This first commit drops
the user-facing surface: settings tab class, tab registration and
the Configuration fields plus their UpdateFrom mirror.
This commit is contained in:
Jon Kazama
2026-05-02 02:18:43 +02:00
parent 23e0f37dfb
commit 7bacd1aaba
3 changed files with 0 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ChatTwo/Configuration.cs
-13
View File
@@ -171,14 +171,6 @@ public class Configuration : IPluginConfiguration
public ConfigKeyBind? ChatTabForward; public ConfigKeyBind? ChatTabForward;
public ConfigKeyBind? ChatTabBackward; public ConfigKeyBind? ChatTabBackward;
// Webinterface
public bool WebinterfaceEnabled;
public bool WebinterfaceAutoStart;
public string WebinterfacePassword = WebinterfaceUtil.GenerateSimpleAuthCode();
public int WebinterfacePort = 9000;
public HashSet<string> AuthStore = [];
public int WebinterfaceMaxLinesToSend = 1000; // 1-10000
public void UpdateFrom(Configuration other, bool backToOriginal) public void UpdateFrom(Configuration other, bool backToOriginal)
{ {
if (backToOriginal) if (backToOriginal)
@@ -243,11 +235,6 @@ public class Configuration : IPluginConfiguration
ChosenStyle = other.ChosenStyle; ChosenStyle = other.ChosenStyle;
ChatTabForward = other.ChatTabForward; ChatTabForward = other.ChatTabForward;
ChatTabBackward = other.ChatTabBackward; ChatTabBackward = other.ChatTabBackward;
WebinterfaceEnabled = other.WebinterfaceEnabled;
WebinterfaceAutoStart = other.WebinterfaceAutoStart;
WebinterfacePassword = other.WebinterfacePassword;
WebinterfacePort = other.WebinterfacePort;
WebinterfaceMaxLinesToSend = other.WebinterfaceMaxLinesToSend;
PrivacyFilterEnabled = other.PrivacyFilterEnabled; PrivacyFilterEnabled = other.PrivacyFilterEnabled;
PrivacyPersistChannels = [..other.PrivacyPersistChannels]; PrivacyPersistChannels = [..other.PrivacyPersistChannels];
ChatTwo/Ui/Settings.cs
-1
View File
@@ -42,7 +42,6 @@ public sealed class SettingsWindow : Window
new Tabs(Plugin, Mutable), new Tabs(Plugin, Mutable),
new SettingsTabs.Privacy(Plugin, Mutable), new SettingsTabs.Privacy(Plugin, Mutable),
new Database(Plugin, Mutable), new Database(Plugin, Mutable),
new Webinterface(Plugin, Mutable),
new Miscellaneous(Mutable), new Miscellaneous(Mutable),
new Changelog(Mutable), new Changelog(Mutable),
new About() new About()
ChatTwo/Ui/SettingsTabs/Webinterface.cs
-154
View File
@@ -1,154 +0,0 @@
using ChatTwo.Resources;
using ChatTwo.Util;
using Dalamud.Interface;
using Dalamud.Interface.Colors;
using Dalamud.Interface.ImGuiNotification;
using Dalamud.Interface.Utility.Raii;
using Dalamud.Bindings.ImGui;
namespace ChatTwo.Ui.SettingsTabs;
internal sealed class Webinterface(Plugin plugin, Configuration mutable) : ISettingsTab
{
private Plugin Plugin { get; } = plugin;
private Configuration Mutable { get; } = mutable;
public string Name => Language.Options_Webinterface_Tab + "###tabs-Webinterface";
public void Draw(bool changed)
{
if (ImGui.CollapsingHeader(Language.Webinterface_UsageNotice, ImGuiTreeNodeFlags.DefaultOpen))
{
ImGuiUtil.WrappedTextWithColor(ImGuiColors.DalamudWhite, Language.Options_Webinterface_Warning_Header);
ImGui.Spacing();
ImGuiUtil.WrappedTextWithColor(ImGuiColors.DalamudOrange, Language.Options_Webinterface_Warning_Reason);
ImGui.Spacing();
ImGui.Spacing();
ImGuiUtil.WrappedTextWithColor(ImGuiColors.DalamudViolet, Language.Options_Webinterface_Warning_DoNot);
using (ImRaii.PushIndent(15.0f))
{
ImGuiUtil.WrappedTextWithColor(ImGuiColors.DalamudViolet, Language.Options_Webinterface_DoNot_Port);
ImGuiUtil.WrappedTextWithColor(ImGuiColors.DalamudViolet, Language.Options_Webinterface_DoNot_Share);
ImGuiUtil.WrappedTextWithColor(ImGuiColors.DalamudViolet, Language.Options_Webinterface_DoNot_Multibox);
}
ImGui.Spacing();
ImGuiUtil.WrappedTextWithColor(ImGuiColors.DalamudOrange, Language.Options_Webinterface_Warning_Support);
ImGui.Spacing();
}
ImGui.Separator();
ImGui.Spacing();
ImGuiUtil.OptionCheckbox(ref Mutable.WebinterfaceEnabled, Language.Options_WebinterfaceEnable_Name, Language.Options_WebinterfaceEnable_Description);
ImGui.Spacing();
if (!Mutable.WebinterfaceEnabled)
return;
ImGui.Spacing();
ImGuiUtil.OptionCheckbox(ref Mutable.WebinterfaceAutoStart, Language.Options_WebinterfaceAutoStart_Name, Language.Options_WebinterfaceAutoStart_Description);
ImGui.Spacing();
if (ImGuiUtil.InputIntVertical(Language.Webinterface_Option_Port_Name, Language.Webinterface_Option_Port_Description, ref Mutable.WebinterfacePort))
Mutable.WebinterfacePort = Math.Clamp(Mutable.WebinterfacePort, 1024, 49151);
ImGui.Spacing();
if (ImGuiUtil.InputIntVertical(Language.Options_WebinterfaceMaxLinesToSend_Name, Language.Options_WebinterfaceMaxLinesToSend_Description, ref Mutable.WebinterfaceMaxLinesToSend))
Mutable.WebinterfaceMaxLinesToSend = Math.Clamp(Mutable.WebinterfaceMaxLinesToSend, 1, 10_000);
ImGui.Spacing();
ImGuiUtil.WrappedTextWithColor(ImGuiColors.DalamudOrange, Language.Webinterface_CurrentPassword);
ImGui.AlignTextToFramePadding();
ImGui.TextUnformatted(Mutable.WebinterfacePassword);
ImGui.SameLine();
if (ImGuiUtil.IconButton(FontAwesomeIcon.Recycle, tooltip: Language.Webinterface_PasswordReset_Tooltip))
{
Mutable.WebinterfacePassword = WebinterfaceUtil.GenerateSimpleAuthCode();
Plugin.ServerCore.InvalidateSessions();
}
ImGui.TextUnformatted(Language.Webinterface_Controls);
using (ImRaii.PushIndent(10.0f))
{
var isActive = Plugin.ServerCore.IsActive();
using (ImRaii.Disabled(isActive || Plugin.ServerCore.IsStopping()))
{
if (ImGui.Button(Language.Webinterface_Button_Start))
{
Task.Run(() =>
{
var ok = Plugin.ServerCore.Start();
if (ok)
{
Plugin.ServerCore.Run();
WrapperUtil.AddNotification(Language.Webinterface_Start_Success, NotificationType.Success);
}
else
{
WrapperUtil.AddNotification(Language.Webinterface_Start_Failed, NotificationType.Error);
}
});
}
}
ImGui.SameLine();
using (ImRaii.Disabled(!isActive || Plugin.ServerCore.IsStopping()))
{
if (ImGui.Button(Language.Webinterface_Button_Stop))
{
Task.Run(async () =>
{
var ok = await Plugin.ServerCore.Stop();
if (ok)
WrapperUtil.AddNotification(Language.Webinterface_Stop_Success, NotificationType.Success);
else
WrapperUtil.AddNotification(Language.Webinterface_Stop_Failed, NotificationType.Error);
});
}
}
ImGui.AlignTextToFramePadding();
ImGui.TextUnformatted(Language.Webinterface_Controls_Active);
ImGui.SameLine();
using (Plugin.FontManager.FontAwesome.Push())
using (ImRaii.PushColor(ImGuiCol.Text, isActive ? ImGuiColors.HealerGreen : ImGuiColors.DalamudRed))
{
ImGui.TextUnformatted(isActive ? FontAwesomeIcon.Check.ToIconString() : FontAwesomeIcon.Times.ToIconString());
}
Uri? uri;
try {
uri = new Uri($"http://{System.Net.Dns.GetHostName()}:{Mutable.WebinterfacePort}/");
}
catch(Exception)
{
uri = null;
}
ImGui.AlignTextToFramePadding();
ImGui.TextUnformatted(Language.Webinterface_Controls_Url);
ImGui.SameLine();
if (uri is not null)
{
var clicked = false;
clicked |= ImGui.Selectable(uri.AbsoluteUri);
ImGui.SameLine();
clicked |= ImGuiUtil.IconButton(FontAwesomeIcon.ExternalLinkAlt, "urlOpen");
if (clicked)
WrapperUtil.TryOpenUri(uri);
}
else
{
ImGui.TextUnformatted(Language.Options_Webinterface_Hostname_Fail);
}
ImGuiUtil.WrappedTextWithColor(ImGuiColors.HealerGreen, Language.Options_Webinterface_Note);
}
ImGui.Spacing();
ImGui.Spacing();
}
}