Use the normal convention of saving errno in a local variable right
after a system call has failed. (To be safe in case some other
irrelevant system call fails before we get to output the message for
errno.)
Use both Util::symbolicErrno() (so that a developer sees the actual
symbolic error name as in manpages and code) and strerror() (for
nominally helpful plaintext explanation of what that errno value
means) in the output.
Use explicit std:: prefix for strerror() (because that is cleaner and
it is our convention).
Use << operators in the LOG_FOO calls instead of concatenating strings
with the + operator.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I75f42051f81661eea62235019ef9a0925239ce00
The parameter to strerror() should be an errno value, not the return
value from a failed system call (which is always -1 in this case).
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I61baf348988f3e6577aab30bf985e0fe646291fd
here full test URL mean, first you take the URL from the console, open it in the browser, then take the URL from the URL bar, close the existing session, and open a new one with that URL
Signed-off-by: Rash419 <rashesh.padia@collabora.com>
Change-Id: I4b4e59721fb1deec709bc778a8e59a52fb466a3a
When enabled, the /lool/getMetrics endpoint will not require authentication.
By default authentication is required and this setting is set to "false".
Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: I801130cf552eb14c231fcc0a0bdd39d9ebb6db7f
This allows people to perturb the etags for now, and in future the
URL sub-path to make it easier to develop with binaries where the
git hash doens't change.
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Change-Id: I6082a71cde5d3a34cca29fa5858feaf6fdb7f4d6
Do not check for incompatibility of trace level logging and user data anonymization
when cleaning up jails. The --cleanup switch of loolwsd is special and not used
normally in production.
Signed-off-by: Andras Timar <andras.timar@collabora.com>
Change-Id: If95c8c87c5fc2a278ee7d85e7e9089807a06602b
This remove reuse_cookies as a setting and feature
altogether. It was originally a workaround to aid
with authentication, prior to having access_token.
However, it proved to be less useful than originally
anticipated, primarily because cookies nowadays have
security restrictions in browsers. In addition to
the fact that access_token simply deprecated it.
While the documentation has also been updated,
tests still have reuse_cookies in input data.
This is intentional to ensure the code is
backwards compatible with any deployment that might
still pass URLs with reuse_cookies around.
Change-Id: If214b299b34a910face8cabc7c1335621990c85e
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
RequestDetails manages URLs and their components.
The DocKey is based on the URL, so it makes sense
to be provided by RequestDetails.
Change-Id: If99e677a2e5a227f09b5035f388c4da587084db9
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
And cleanup around DocKey and URI handling.
Change-Id: Ieef83197ac9b04e22af92eee217e336bc2b31761
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Problem:
In ClientSession::postProcessCopyPayload() the serialized form of
clipboard's text/html is modified to inject meta origin and sent to the
client. When this data is sent back from client to the server(possibly a
different one) to set the core clipboard via "setclipboard", the parser
gets confused because the 'text/html' part/flavour's data length as
originally set by the core the first time does not agree with the actual
length due to the meta origin injection done previously. As a result the
parsed results of 'text/html' is only partial and possibly the parsing
of subsequent flavours are affected.
Fix:
Add a preprocess step for the payload for setclipboard to
remove the meta origin tag from the payload before parsing is done
(in ChildSession).
The original clipboard payload is created in
ChildSession::getClipboard(). Note that here we encode every flavour
core supports ('text/html' is just one of them) where the type and size
of each flavour data is included. The problem is that later on,
ClientSession::postProcessCopyPayload() injects a meta tag(which is
needed in the client) into this multi favour payload without adjusting
the size of the flavour (which messes up any subsequent parsing of the
'text/html' flavour section and those after it). We could adjust/correct
the size in ClientSession::postProcessCopyPayload(), which is one
solution but the way we do it here (string search on the whole payload!)
without proper parsing seems less futuristic (things can go wrong if we
change the format of packing flavour data in the payload). I feel that a
less hacky solution is to remove the meta tag (current patch) to make it
exactly how it was created in ChildSession::getClipboard() so that we
don't have to do any error-prone size adjustments in
ClientSession::postProcessCopyPayload() or when parsing the payload.
Signed-off-by: Dennis Francis <dennis.francis@collabora.com>
Change-Id: I285f133829ea0f2dd1cd07d17e90f794ba9a6caf
number of versions to maintain per file can be specified in loolwsd.xml
on exceeding specified quarantine size oldest file(s) is deleted
Signed-off-by: Pranam Lashkari <lpranam@collabora.com>
Change-Id: I3ca55b9ab29a82988f19fe0acd43e0fae2c2a423
We need to enable .uno:Signature for readonly mode to do this.
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
Change-Id: I87b72bdebc13d093da207b209aced33bbe300922
SteamSocket::eraseFirstInputBytes() removes from the beginning
of std::vector, which is generally slow. If the buffer becomes
too big, which it may under a load, then the function will get
slow, which in turn will likely lead to the buffer getting even
bigger because of accumulated backlog.
The Buffer class is optimized for removal at the beginning,
so use it instead of std::vector, including some API additions
for it to be an in-place replacement where it's used.
Signed-off-by: Luboš Luňák <l.lunak@collabora.com>
Change-Id: I4cf7ec56c908c7d3df391dc3f8e230ad32abb162
This prevents additional strings from being allocated.
Signed-off-by: Hugo Peixoto <hugo.peixoto@gmail.com>
Change-Id: I84b1e5cf4d11bf8512febe068b3097770b63dc5c
There was a pattern of calling Util::startsWith on StringVector
elements:
- Util::startsWith(tokens[0], "boo")
- Util::startsWith(tokens.getParam(token), "boo")
These two expressions would cause a new string to be allocated and
immediately released. To optimize this, a StringVector::startsWith
method is introduced.
This method works by calling compare directly on the underlying
StringVector string, avoiding creating a temporary string.
Signed-off-by: Hugo Peixoto <hugo.peixoto@gmail.com>
Change-Id: I6f27d5bb13783f39c7d4ce0644a11e57b0071244
By adding this img-src to the content-security-policy it
makes possible updating images from a dialog without requiring
updating Collabora Online
Signed-off-by: Pedro Pinto Silva <pedro.silva@collabora.com>
Change-Id: I3ca8934c3e6eb0ee78a36a483f45eaf5649c84d5
bug is described here: #3208
Missing Lock header according to the wopi specs on rename
operation
Signed-off-by: Mert Tumer <mert.tumer@collabora.com>
Change-Id: I6c73f4f1a0a057935a6885cea274ce66c73365d4
This makes up most of the trace, and we have to simulate it anyway.
Change-Id: I3820e1d2281e696c119edb9ce989fda5ca4170e6
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
During startup we wait for extended time until
a child process is up and running. In case this
takes a long time, or indeed if forking permanently
fails, we simply don't respond to shutdown requests.
This patch makes it possible to wait for about 20
seconds at a time for a child. This way on average
we will exit the process within about 10 seconds,
assuming we are blocked waiting for a child that
will never spawn.
Change-Id: I4409cbc60aa3c7bd30970d4638c820bc581b65ba
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
(cherry picked from commit 6ed8b4bb1a6532d947a6bb00f936183767b54a80)
We cleanup all the relevant objects and instances
before exiting the wsd process, however some libraries
may still misbehave and deadlock during this final
cleanup stage. Notably, Poco has been observed to
deadlock during cleaning up the SSL context static
instance (used for the singleton) by waiting on
its internal mutex indefinitely.
Here we exit forcefully after cleaning up.
Change-Id: I76621c1de7f9a4ff918624b3019b9869c08787c2
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
(cherry picked from commit f776d87cf595bab084e53202777251a38e482147)
wsd/LOOLWSD.cpp:1996:28: runtime error: member call on null pointer of type 'SocketPoll'
#0 0xcd8799 in LOOLWSD::doHousekeeping() wsd/LOOLWSD.cpp:1996:28
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: I3f5f8ad0d8a09a0f4244a32897c59d8a772a8d17
The last-editing-session could still be valid, but
waiting disconnection, in which case the kit might
have already discarded it, and so saving would
fail (silently, and thereby leaving docbroker
waiting for the save response).
To avoid this, we always validate the
last-editing-session before using, and not just
when setting it.
Change-Id: I60cd219d8e5a9945396110c8f8d194e87f81afba
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
(cherry picked from commit e1fc6adbfef7ee0678c7a563fd6142c32f2da4a6)
This log entry can be misleading on its own.
When shutting down, the modified flag is not reset,
and that in itself is not a cause for concern.
So this log entry is seen much more often than we
expect. If we truely fail to save/upload, there
will be other errors that will be the tell-tale
signs of a serious issue. So it's reasonable to
downgrade this error to a warning (and watch for
other errors).
Change-Id: Ic879c3fbac887ed5b64bdd1a31aa38bcfd863850
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
(cherry picked from commit 7db86b3eb2cdc2a44023e7b7491e1ee202146ef5)
When we are uploading before exit we don't
want the upload socket to linger, because
that would keep the SocketPoll alive for
longer than necessary, holding up the DocBroker.
Instead, we flag the socket for closure, right
after that single request, via HTTP headers.
This allows for very fast unloading of the
DocBroker right after uploading.
Change-Id: I926763383093d2d2dfb10ed41293b1f5d54d090b
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
(cherry picked from commit 4e132606d1849f82991c46d641c50794d632233c)
Unloading duration depends on the time to save
and upload the document, during which a new view
might be opened. We now allow aborting the unloading
and resume reusing the document as-is.
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
(cherry picked from commit 8f299eb2cdfe0ef869a8c90fbc602a93ba2fcb73)
Change-Id: I7bc485177929c0d1c9ef12b02672db493ac402c9
This way it will reload the document without getting
additional errors like "this is embaressing.."
and not timed out on large files due to retrying for a limited
time.
Signed-off-by: Mert Tumer <mert.tumer@collabora.com>
Change-Id: Ied341200ca21e1b7243daaf62813bc9ed69fecd3
This adds a new service render-search-result, which renders an
image of the position where, the search fund a hit. The search
result contains the information in which object or paragraph,
which is just the node id and node type from the document model.
The service takes the document and the search result (xml file)
as the input and returns a PNG image as the output.
Signed-off-by: Tomaž Vajngerl <tomaz.vajngerl@collabora.co.uk>
Change-Id: Iffc158c5b0a3c9a63f8d05830314c9bc1616b3b1
Signed-off-by: Tomaž Vajngerl <tomaz.vajngerl@collabora.co.uk>
External apps load loolwsd inside the iframe
and loolwsd makes postmessages to parent window.
We receive the postMessageOrigin from checkfileInfo yet
we still send some messages before we even go to the WOPI Api
in that case, if parent window runs on a different domain, we
end up with CORS blocking by the browser. To prevent that we can
allow safely passing the origin inside the first post like access_token
and sanitize it with Poco::URI::encode.
Signed-off-by: Mert Tumer <mert.tumer@collabora.com>
Change-Id: I5724f2d103603a599d45b7f61da81fb30834ef0e
"default installs currently don't use proof keys"
Change-Id: I43b6c5ed6633b35e58ec3e1b1cc222756a9a47d8
Signed-off-by: Henry Castro <hcastro@collabora.com>
Return proper HTTP code when disconnecting and log
to make the communication more effective.
Change-Id: I4da9d5a7fe4c09d6fcd44b1f31b439180d7012bd
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
When async save was started but we want to stop DocumentBroker
- we shouldn't kill the socket which listens to save result.
Because when we kill socket we will destroy DocumentBroker
before saving is completed, this allows for a minimal time
to connect again to the document and receive old content
from the WOPI storage. When we wait for async save result
we will keep DocumentBroker alive and next session can be
connected and receive correct content.
fixes: https://github.com/CollaboraOnline/online/issues/2747
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
Change-Id: I5505a5ccc1f3d6928c723bddfea16bf5c5798d1e
From our API description:
DisableCopy
Disables copying from the document in libreoffice online backend.
Pasting into the document would still be possible.
Change-Id: I1f7e272ad3b04208b534eff990fed895951b4751
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
"Async" here refers a specific kind of data in the Trace Event JSON
format, not asynchrony in general.
Actually, we don't have code that would generate such yet in
loleaflet. Just the createAsyncTraceEvent function in Socket.js. Quite
possibly the "Complete" events (a.k.a. ProfileZones) are all we need.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I611ccd4b964bcacdd1050893f70dbdb813ee3c34
Since a99edb5d29 this gets a different lifecycle, and is often
joined and gone by the time we get to cleanup.
Change-Id: Ic21ca837d484a9a853c7f8f683e876406b00a943
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Also clear its input buffer explicitly.
Change-Id: I8badbb96d98eaf10433a65fcfd13b0d6d5893594
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Ignore input in a somewhat gentler way.
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Change-Id: I758302dc3bb1aa87f9fbfa726f73f4b9339e08c2
When running tests in parallel, closing the server listening
port before all DocBrokers are terminated runs the risk of
the listening port getting recycled by another test. This
means that the new test might get unexpected connections
from the old test that is shutting down.
This improves test stability.
Change-Id: I2c6ac9e7ed9953813e0da6ab19b960b1edc1d1a8
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The original behavior must be preserved, which is not to
initialize SSL when termination is enabled but SSL is disabled.
This reverts commit 1c9541a6a636647086397e1310084cc990b6ed70.
Change-Id: Iba3ed3eea45b6b78e696334ca4d1a4a2c014d95b
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
If the last upload had failed and we are closing,
make sure to save a new copy (i.e. save even if
unmodified) so we would have the latest version to upload.
Change-Id: I25efb76eaf9c0e05a2d18071b273447803b17cc5
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This prevents auto-saving while a
save is in progress.
Change-Id: I2606df704482ad54a954414d48ed3ca35d4764a9
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
There is an important distinction between
internally saving a document and uploading
the latest saved version to storage.
Core reports the modified state, which was
at some point used to flag the modified state
in the admin console. This state is misleading
if uploading failed.
This patch makes this distinction even more
explicit than it was. We now always update
the modified flag given by Core, and flag
the document as modified in the admin console
too. But we only update the admin console to
unmodfied when we successfully upload and the
document is not modified at that point (which
it might very well be modified again by the
time we finish uploading).
Without this patch, we stop updating the
modified flag when uploading fails. This
is problematic when said failure occures
right before closing the document, because
the document will have no modification
but we will be stuck thinking it is modified.
This combines two commits:
8c602e179e
and
9db39ce741
Change-Id: I31c72aa2491b8e98597075cd35b6a809fab560a1
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
During the save during shutdown we can get big invalidation
emissions, there is no point in re-rendering the view at that
stage; so skip it.
Change-Id: Ie85ef57648815a1872ca35dcb1bdfc9fa54e64c0
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
remember correct URI so all the following communication
(eg. downloading the file, upload) will be performed on new location.
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
Change-Id: Id14c5209eb1d9ffc7c24d7e02f0c7c32a60568b7
With some loadbalancers it may happen that HTTP 302 Found
response with redirect location will appear.
Change-Id: I7bac807761423adcd827cf775bd1d3d2ba87a6cc
Signed-off-by: Szymon Kłos <szymon.klos@collabora.com>
Makes unit-rendering-options fail reliably.
This reverts commit 175c9c5b2a.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: Id05c911991baaae0dbc52678a192fc01639352e0
By passing a traceevent=yes query parameter in the URL. Note that if
Trace Event generation is not enabled in loolwsd.xml this will have no
effect.
It is a bit silly to notice this query parameter only in loleaflet and
then send the information back to the server. Would be better if the
server noticed it itself before sending the URL to loleaflet.
While at it, let's not bother ever enabling Trace Event generation in
the WSD process. That is not what we are interested in.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I985bfd1e2dbd14aa5a55b386b4762fb64bcb4008
We ask for save as for the plain/text type documents
such as csv or txt. Notify other views about it so
they can follow one to the new document
Signed-off-by: merttumer <mert.tumer@collabora.com>
Change-Id: I4cdcec6148d1064ad4e90ad9be2ce483c19a8eda
I have seen cases where the time stamps in the Trace Event JSON end up
very wrong, which makes them useless. What mechanism causes this is
unclear. But at least let's not believe such data.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: Ic5528e73e502e3691b69d91f57d2fa06de47f5d0
And not that of the corresponding Kit process, which confuses the
Chrome Trace Event Viewer, as the same pid and tid will appear for
Trace Events actually from that Kit process.
(Yes, we should use a separate, synthetic, pid for the loleaflet Trace
Events. In an upcoming commit.)
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I34298abf5c5f5ef099338d8d3a94b0026131615b
Write to the Trace Event JSON file in just one place, protected by a
mutex.
Handle metadata events separately. We want them to propagate to the
output if Event Trace generation is just enabled, regardless whether
it has been turned on or not.
We can send the metadata for the Kit process only after we have opened
the docuemnt as sending a Trace Event to WSD uses the (singleton)
Document object in Kit.
Introduce some new functions for the above and adapt callers
appropriately.
Generate a Complete event for the handling of one image tile, from
setting the src attribute of the Image object to finishing the onload
function.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I5978e0fb2495e0d2dc479bf861eb4ac7da03fa50
We automatically emit metadata events that identify threads.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: Icb25b5cfc29b28ba7112ca72de56dbb697c8dd5a
In MobileApp builds, the 'else if' was evidentally
getting chained to the unrelated if/else clauses
before the '#if !MOBILEAPP' at line 434 of
DocumentBroker.cpp.
Now this 'else if' is a standalone conditional
in MobileApp builds and it's part of the
'remove idle documents' conditional chail otherwise.
While fixing that, the missing indentation
of a for-loop under a conditaional is also
fixed, to avoid confusing maintainers.
Change-Id: If3de18f385d84cb22d757cf73743fd8541c36df9
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Templates are special because the file that gets
loaded is not in the same format as the final one.
An implicit save-as is issued in Kit for template
loads right after loading to create the final
document format. It is this file (as opposed to the
template) that needs to be uploaded, which we do
right after we get the 'status:' message in
DocBroker to actually create the first version
in storage.
Change-Id: I23cbf527f1059b0b4059f15069737ab35ac860e7
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
To avoid writing (saving) while reading (uploading) or
any other undesirable racse on the document file,
we atomically rename the file after saving on disk
to pass ownership.
After saving in Core, we rename the document in the
jail to .upload (by appending it). DocumentBroker
looks for the file with that extension and atomically
renames it to .uploading (by appening the 'ing' suffix).
This way, the Kit only renames from the original to
.upload and DocBroker renames only .upload to .uploading.
This guarantees that we never rename the same file
concurrently.
Uploading decision is strictly based on the modified
timestamp of the .uploading file, compared to the
timestamp of the last file we uploaded successfully.
Change-Id: I03520cd8c87605f6dad417e7a978204f76fc0c38
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This makes sure that if the document isn't modified, we
will detect no change from the storage as well and
avoid making an unnecessary upload.
Change-Id: I8ba2850921d75c96b2aa4f6deb86891b4fad0ea0
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The client always issued a save before renameFile.
This worked fine until we make uploading asynchronous.
Now that uploading is done asychronously, the renameFile
command arrives while uploading is still in progress
and fails because renaming is done via the same
storage API used for uploading.
It is best to do both the saving (including uploading)
and renaming directly in WSD, instead of relying on
the client to save explicitly before renaming.
Change-Id: I99f6294f4c83130bc13ec8e3b013ba0192f0f84c
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Some user-initiated activities, such as renaming
the document filename, is either a multi-stage
activity or involves async operations.
Using a new Activity enum in DocumentState, we
now track each of the different activities that
needs special attention or handling.
Change-Id: I9cd2d04b10a97387ce02f5c3cc98b41a1732af6a
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
With async uploading we have to process the
stop-condition only after we get the response from
the async operation. For now, we don't stop
if we fail to upload, giving a chance to retrying.
Timeout should be used in the poll loop to
limit how long we retry.
Change-Id: I8e8f8618f92f34ef2f1853e499f4f8d6ce932b40
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This is to also include the 'force' case that is
needed when unloading a document.
Now that the force flag is reliably set, we don't
need to override it in needToUploadToStorage.
Change-Id: Ic0672e6c7bcb53a17ec6a0cbd2d2f8b434fbc300
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Now we can handle the response of the storage
after the async upload is complete (or timed out).
Change-Id: I29d450646bddb07f02bb17d257e7e0fa372ce357
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Add the necessary support for handling async
document upload to storage in DocumentBroker.
Change-Id: Id7a58c245d729cef58669bafb60db450f7ebbba2
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
loleaflet does not look for a &enabletraceeventlogging=yes query
parameter. That was removed many weeks ago.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I33b36191f1d21c2c0177061ff704aa9bcd5f9ef3
The path to the local file is relative to the jail.
Change-Id: Ie008aee4afc264339706b5b4715af35cd71ac55d
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Modelled on how it is done in core. ProfileZone is derived from
NamedEvent which is derived from TraceEvent. Here we don't keep any
separate ProfileZone.hpp, though.
This was needed to introduce generation of "instant" events here, too.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I6583134e96001641c50339deb4197fca6ab7d5d5
(Also in variable names.)
Better to just use terms that say what we mean, i.e. most verbose and
least verbose.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I80d74fda8b80bd34d194c3df97d246a41368189b
This was already worked on iOS since commit
75a3ab02ca (Add an iOS setting for the
user's name or nickname, 2021-04-07), start using the same API on
Android as well.
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: I37825d143b0ed92bd84f9a1512313e51ff5e761c
Add a way to set it from the client.
For now, in the Help > About dialog, the L key toggges the logging
level between the default (whatever is set in loolwsd.xml or on the
loolwsd command line) and the maximum a client is allowed to set
(which also can be set in loolwsd.xml or on the loolwsd command line).
Also while at it, uncouple the toggling of the Trace Event generation
from the triple-click tha toggles tile debugging. It is now on the T
key.
Also swap the meaning of "min" and "max" for the logging levels. Even
if the Poco::Message::Priority values are such that the less urgent
priorities have a numerbcally higher value, conceptually it is more
clear to say the more urgent priorities (levels) are "higher".
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I5383b16ead7d2d378901525eb0d16513d88f045e
We don't want a client to be able to turn logging off completely
either.
Note, just to avoid potential confusion: This is about the LOG_INF(),
LOG_WRN(), LOG_TRC() etc logging here in Online. Not related to my
recent work on Trace Event format logging.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I3de527cb9f69d9a5269b1db2e1d4602e7117f22e
(Not used yet.)
The intent is that the JS code will be able send the server a message
that adjusts the logging level for the WSD thread(s) and Kit processes
handling that client.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I88ac301f002b1f3a55a5d8c9e3650babdedc1e0d
I had accidentally used core naming conventions for ProfileZone.
Change-Id: If10eceb7a5a29d26662d5b21a9289681d814a12e
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Don't bother collecting them into a vector, like in core. Instead,
just call a static member function ProfileZone::addOneRecording() for
each Event Trace object (string) to be emitted. That function then
needs to be implemented separately in each executable. In WSD it logs
the object to the Event Trace file. In Kit it sends it to WSD for
logging. In Unit tests we use a dummy implementation.
(If Event Trace logging is not enabled at all in loolwsd.xml (the
default), nothing is done, of course.)
When receiving the "traceeventrecording start" or "traceeventrecording
stop" message from the client, turn ProfileZone recoring on or off in
the WSD and Kit process. (Probably in WSD the flag should be
per-client.)
Change-Id: Ie1127d65dd44ed77e7eeab4b0f0a90cce95dc4a2
Signed-off-by: Tor Lillqvist <tml@collabora.com>
That is our convention, and this also avoids a global variable in the
kit process.
Change-Id: I37d2d53aa7eb24f9848fa8ef98bc57d75db90d13
Signed-off-by: Tor Lillqvist <tml@collabora.com>
For now, an argument object should have all keys and values as strings
not containing any spaces because of the trivial way in which it is
parsed.
This is a bit sad, yes, but necessary until we move to some more
structured syntax for the messages.
Also fix an incorrect comment.
Change-Id: I8a1408a4a1787b66a3cf7b26b3d92c07df244c47
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Instead of requiring that information in the query string of the loleaflet.html URL.
Change-Id: I8c41e87c7f561561adeb03ec34ce0c19fe9d7fa5
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Make it contain a proper empty JSON array if no trace objects have
been written to it.
Change-Id: Ided1992a822659561a909ac545536261b91adbac
Signed-off-by: Tor Lillqvist <tml@collabora.com>
It enables turning Trace Event recording on (and off again). The
option is passed down to the client through loleaflet.html, and to the
KIT processes. If the option is not used, the new JS functions that
send trace events to the server turn into no-ops to avoid wasting
bandwidth.
It is always on in a "make run".
Change-Id: Iafe1919ccba7c376137d3e0568b857e20780bbc8
Signed-off-by: Tor Lillqvist <tml@collabora.com>
wsd/ClientSession.cpp:411:31: error: object backing the pointer will be destroyed at the end of the full-expression [-Werror,-Wdangling-gsl]
const char* str = tokens[2].data();
^~~~~~~~~
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: I67e4aa5f61e049ad13663dc1e11ae2bd67399bea
Add a function emitInstantTraceEvent() to leaflet that sends an
"Instant" Trace Event to the server for logging.
Add a function createAsyncTraceEvent() that creates an object that
records the timestamp of its creation and sends the 'b' event to the
server for logging, and when you call finish() on the object, sends
the corresponding 'e' event.
Finally, add a function createCompleteTraceEvent() that creates an
object for a "Complete" Trace Event that includes the end timestamp
*and* the duration. The event is sent to the server when you call
finish() on the object.
Loleaflet sends timestamps in the above messages from
performance.now(). To enable the server to turn those into absolute
timestamps, the loolclient message is amended to include the current
Date.now() and performance.now() values.
Note that the intent is that when generating Trace Event logs, the
server and the web browser run on the same machine, so there is no
wall-clock synchronisation issues between server and client.
Change-Id: Ie9e68b093b769cc942e1e1d17083febeb07ccf5e
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Also avoid generating abbreviations in various message handling loops
unless debugging is enabled.
Change-Id: I22f4929b0bfd4da36917db6882bb2f5f5be02780
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Avoiding default values for parameters makes the code easier to read.
Especially true for bool parameters. But sure, just a question of
taste.
Change-Id: I473f70bdfafe3a9ccfb325def8760d78fee7e9a6
Signed-off-by: Tor Lillqvist <tml@collabora.com>
When toggling tile debugging in the Help>About, toggle Trace Event
recordning, too. Add a comment with an example of how to turn on
SAL_LOG overriding at the same place.
The following new messages from client to server are introduced:
traceeventrecording <start/stop>
Starts or stops comphelper::TraceEvent recording.
sallogoverride <string>
Overrides the SAL_LOG value, or stops overriding if no parameter
or parameter is "default".
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I8b56c28cd99d39115cd796c44e5051d934d21a1f
Signed-off-by: Tor Lillqvist <tml@collabora.com>
It is (for now) produced (by the ProfileZone things in core) whenever
logging level is "trace". The Event Trace file pathname can be given
in the loolesd.xml file or on the loolwsd command line.
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Change-Id: I6d5829121e71460a4600ee94d2ebf51043c8893f
This enables writing multiple WS frames
at a time, up to the capacity (rounded
to the next full-frame's size).
Change-Id: I30d25f9ba1e405156d1e44886b2f3ac8017f0f3c
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
When writing to the socket, it's always more efficient
to fill the buffer up to the hardware limit for each
write. This is doubly important for efficiency with
SSL, due to the overhead of encrypting multiple
small buffers instead of one large one.
Currently we don't write more than one message
at a time, primarily due to limitations in
the Poco sockets in the unit-tests, which
have a hard time consuming multiple WS frames
with a single poll (subsequent calls to poll
doesn't enter signalled state until new data
arrives, possibly because the data is read and
buffered internally, making the whole scheme
of using poll unreliable and meaningless).
Change-Id: Ic2e2cf1babfb5ab4116efd93f392977ba234d92b
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
... without copying the token.
And use it in TileDesc::parse(), which is known to be a hot path.
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: I0dcf2eb26c93254cdc6a1c11f9708daf213a825d
And use it in TileDesc::parse(), which is known to be a hot path.
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: I20375d7a1c31f61662446979e4d6799fd45b49d3
In some rare cases Poco throws "Exists" exception.
It's not clear what causes it, so this should
log more of the original exception, hoping that
it would shed some light.
Change-Id: I51723f35c9e062c56608e8f7b80c9a65d3f0488f
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Even if we use http:// locally via a tunnel the new outgoing socket
code needs SSL initialized to connect securely to remote servers.
Change-Id: If64a3838267182757591a8026097bf08d9ba732f
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
Used for comments added to documents by the user.
The setting, like templateListURL, can be set through a mobile device
management system.
There is no trivial way on iOS for an app to programmatically find out
the name of the user, and that is good from a privacy point of view.
Fixes https://github.com/CollaboraOnline/online/issues/1843
Change-Id: Ie68fcbacf886ec8f1c74021a71879b38d4180c15
Signed-off-by: Tor Lillqvist <tml@collabora.com>
Per the RFC, the server must set the 'Connection'
header to 'close' to signify that the current
request is the last.
With this patch, we now properly notify all the
clients when we do not intend on resuming communication.
Although, technically, there is no reason why we
shouldn't allow the client to reuse the connection,
we may consider that in the future.
See https://tools.ietf.org/html/rfc7230#section-6.3
Change-Id: Ic6250c0afe8124314a9122452040f6a75728a525
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Since the return value of syncRequest and syncDownload
was derived from Response anyway, there is no reason
to have multiple values for callers to look at.
This simplifies the API.
Change-Id: I0f136e515dd0ef6eda84f6a7cd662b260809d2f1
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Rendering PDF documents to images can consume
large amount of memory. Here we limit the
maximum allowed resolution to 384. This is
about 400% zoom resolution, given that the
100% resolution is 96 dpi.
If this proves limiting, it can be increased
to 480 dpi, which is about 500% zoom scale.
Change-Id: I719118d517bbaf8b204411223f1e26a31b97ca99
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The defined envar is used by Core to override its
default resolution (of 96 dpi), when specified.
Change-Id: Ie7164e78f98990ac88b02dbfe2becbae8c134e9c
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
User-Agent is designed for client-side use only,
in http requests. For servers, the Server header
is designed to announce the server name and version.
This tries to normalize the use and documents
the proper intent and usage.
Change-Id: I42d68d65611cab64c45adf03fe74f9466798b093
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This makes things more consistent in naming
and in namespace.
Change-Id: I2149c9e0b96eddf9fe2ad1dbc80c932fa7582f84
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
This moves WebServerPoll and PrisonerPoll
from the global namespace into LOOLWSD
while converting them to unique_ptr. This
is to manage their lifetimes better and
avoid having out-of-order destruction,
especially with regards to Poco and other
statics that are out of our control.
The PrisonerPoll class had to be renamed
to PrisonPoll because the following is
otherwise invalid:
PrisonerPoll = Util::make_unique<PrisonerPoll>();
Change-Id: Id6c50ebf12ad0f313fea130ffba364beff54f686
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
LOOLWSDServer needs to shutdown its
accept_poll SocketPoll in its destructor,
which may be called after Poco's Logging
subsystem has been destroyed.
Instead of managing the lifetime of
accept_poll member of LOOLWSDServer,
it is safer to manage the lifetime
of LOOLWSDServer itself, and destroy
it in the cleanup stage. This makes
sure that its other members, or indeed
LOOLWSDServer itself, can't have any
late-destoryed objects that can cause
trouble.
The stacktrace for this crash:
terminate called after throwing an instance of 'std::bad_alloc'
what(): std::bad_alloc
Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007ffff613f801 in __GI_abort () at abort.c:79
#2 0x00007ffff6d51957 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#3 0x00007ffff6d57ae6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4 0x00007ffff6d56b49 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#5 0x00007ffff6d574b8 in __gxx_personality_v0 () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#6 0x00007ffff671f573 in ?? () from /lib/x86_64-linux-gnu/libgcc_s.so.1
#7 0x00007ffff671fad1 in _Unwind_RaiseException () from /lib/x86_64-linux-gnu/libgcc_s.so.1
#8 0x00007ffff6d57d47 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#9 0x00007ffff6d582dc in operator new(unsigned long) () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#10 0x00005555556b6127 in void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char*>(char*, char*, std::forward_iterator_tag) [clone .isra.41] ()
#11 0x0000555555986b94 in Poco::Message::Message(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, Poco::Message::Priority) ()
#12 0x000055555585ea49 in SocketPoll::~SocketPoll (this=0x555555d13490 <srv+16>, __in_chrg=<optimized out>) at net/Socket.cpp:145
#13 0x000055555575d794 in TerminatingPoll::~TerminatingPoll (this=0x555555d13490 <srv+16>, __in_chrg=<optimized out>) at ./net/Socket.hpp:832
#14 LOOLWSDServer::AcceptPoll::~AcceptPoll (this=0x555555d13490 <srv+16>, __in_chrg=<optimized out>) at wsd/LOOLWSD.cpp:3766
#15 LOOLWSDServer::~LOOLWSDServer (this=0x555555d13480 <srv>, __in_chrg=<optimized out>) at wsd/LOOLWSD.cpp:3640
#16 0x00007ffff6142041 in __run_exit_handlers (status=0, listp=0x7ffff64ea718 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true, run_dtors=run_dtors@entry=true) at exit.c:108
#17 0x00007ffff614213a in __GI_exit (status=<optimized out>) at exit.c:139
#18 0x0000555555753658 in LOOLWSD::innerInitialize (this=<optimized out>, self=...) at wsd/LOOLWSD.cpp:1213
#19 0x0000555555789527 in LOOLWSD::initialize (this=<optimized out>, self=...) at wsd/LOOLWSD.hpp:439
#20 0x00005555558e1964 in Poco::Util::Application::run() ()
#21 0x00005555556b6d74 in main (argc=3, argv=0x7fffffffe4f8) at wsd/LOOLWSD.cpp:4286
Change-Id: I28ea6215ce49c752cbb90bc33269ab3b662accf1
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The lifetime management of static objects
is extremely unpredictable and depends on
many variables outside of our control or
even reliable reproducibility.
Complex static objects that own threads
and other objects are doubly problematic
because of their dependency and/or
interaction with other objects.
Here we replace the static DelayPoll
instance with one we control its lifetime
in the LOOLWSD main body, such that it
is destroyed properly.
Specifically, DelayPoll's dtor was
accessing Poco's Logging subsystem out of
order. That is, after Poco had been
destroyed.
Another advantage to this approach is that
we don't even create the DelayPoll at all
if we don't need it. The onus now is on
the user of DelayPoll to make sure they
create a Delay object with a long-enough
lifetime to encompase it use.
For completeness, here is the stacktrace:
terminate called after throwing an instance of 'std::bad_alloc'
what(): std::bad_alloc
Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007ffff613f801 in __GI_abort () at abort.c:79
#2 0x00007ffff6d51957 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#3 0x00007ffff6d57ae6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4 0x00007ffff6d56b49 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#5 0x00007ffff6d574b8 in __gxx_personality_v0 () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#6 0x00007ffff671f573 in ?? () from /lib/x86_64-linux-gnu/libgcc_s.so.1
#7 0x00007ffff671fad1 in _Unwind_RaiseException () from /lib/x86_64-linux-gnu/libgcc_s.so.1
#8 0x00007ffff6d57d47 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#9 0x00007ffff6d582dc in operator new(unsigned long) () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#10 0x00005555556b5927 in void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char*>(char*, char*, std::forward_iterator_tag) [clone .isra.41] ()
#11 0x0000555555982a14 in Poco::Message::Message(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, Poco::Message::Priority) ()
#12 0x000055555585a909 in SocketPoll::~SocketPoll (this=0x555555d10f60 <DelayPoll>, __in_chrg=<optimized out>) at net/Socket.cpp:145
#13 0x00007ffff6142041 in __run_exit_handlers (status=0, listp=0x7ffff64ea718 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true, run_dtors=run_dtors@entry=true) at exit.c:108
#14 0x00007ffff614213a in __GI_exit (status=<optimized out>) at exit.c:139
#15 0x0000555555752d78 in LOOLWSD::innerInitialize (this=<optimized out>, self=...) at wsd/LOOLWSD.cpp:1213
#16 0x0000555555788b07 in LOOLWSD::initialize (this=<optimized out>, self=...) at wsd/LOOLWSD.hpp:432
#17 0x00005555558dd7e4 in Poco::Util::Application::run() ()
#18 0x00005555556b6574 in main (argc=2, argv=0x7fffffffe528) at wsd/LOOLWSD.cpp:4276
Change-Id: Ifda55fe869fa6734b9c2490da4497d2551ac21c1
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Makes it accessible to more code.
Change-Id: I73dd1895defe47ae40873b6155203768055206ec
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
"Specifies whether the macro execution is enabled in
general. This will disable Basic, Beanshell, Javascript
and Python scripts. If it is set to false, the
macro_security_level is ignored. If it is set to true,
the mentioned entry specified the level of macro security".
Change-Id: I4bc5b690268a93994d17e2b02b7b60b6398646b7
Signed-off-by: Henry Castro <hcastro@collabora.com>
The clipboard content is handled by the DocBroker,
if it it's available, otherwise, we fallback to the
cached clipboard entries.
When DocBroker has already terminated polling and
is no longer valid, we may end up using it for
the clipboard. In this case, we don't send anything
back, since there is no SocketPoll thread to
process the request or the socket data plumbing.
We avoid this by simply using the fallback (cache)
when we don't have a valid DocBroker.
Change-Id: Idf7f27b453605d173dd8e40d4a5d101f50355468
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Especially error reporting is now better.
Change-Id: I032f6e8403660c2ac24be2d80b53b63831ec1066
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
When loading hasn't completed yet, DocBroker can't
simply send a message to Kit that the session is
disconnected, because there would be no UI or
handlers for events if that were the only session.
Of course letting the document load, only to close
it, is also less than helpful to resource consumption.
Here, we recognize this case and simply terminate the
loading by killing the Kit process altogether to
avoid any potential hangs or resource wastage.
Change-Id: Ia72de715cc6238831c244444bb47b417b9b1e1a4
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Add a new state before load the document,
when Macro Security dialog popup, and avoid
to send the event load timeout.
Change-Id: I5973c5205e90e5447e5478cbab895709a68606f6
Signed-off-by: Henry Castro <hcastro@collabora.com>
This converts Poco to http::Request in sync mode,
thereby not changing functionality. In a follow-up,
this will be converted to async.
Change-Id: Ifbecd44ff599394799c1131470d77f803ed8cc45
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Normally the client session waits for a message
"status:" when the document has loaded to forward
to client side. However, when the document has macros
embedded, and a Macro Warning Security dialog popup
it will never receive the "status:" message.
So it is added "statusindicatorfinish:" to formally set that
the document has loaded.
Change-Id: Id40b853c002403577d7664c4f8206cb5a01403b6
Signed-off-by: Henry Castro <hcastro@collabora.com>
```
wsd/DocumentBroker.cpp:772:57: error: constexpr variable cannot have non-literal type 'const std::chrono::system_clock::time_point' (aka 'const time_point<std::__1::chrono::system_clock>')
constexpr std::chrono::system_clock::time_point Zero;
^
/usr/include/c++/v1/chrono:1355:28: note: 'time_point<std::__1::chrono::system_clock, std::__1::chrono::duration<long long, std::__1::ratio<1, 1000000>>>' is not literal because it is not an aggregate and has no constexpr constructors other than copy or move con
class _LIBCPP_TEMPLATE_VIS time_point
^
```
Signed-off-by: Gleb Popov <6yearold@gmail.com>
Change-Id: I88c5466b8ad104178cf7fa4101f5f5265ccf5e86
Consistent with names elsewhere and less confusing.
Change-Id: Ia72cdef0f6d6cd9589ce54028472e10008cf882c
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The download operation itself is done
after reading the response from the Poco
object. Therefore, the time duration that
was captured for the GetFile operation
was inaccurate. Luckily, we only need
to time the download API of the Storage
object, which actually is simpler, and
more accurate.
Change-Id: I05c94a29fa59d5efae215f2daea17672abc6efc7
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
For some reason, the duration of the CheckFileInfo
request was not set/updated, and therefore it was
always 0. This fixes this oversight and also
moves the duration variable locally, since
the request is synchronous anyway and there is
hardly any reason to store it elsewhere.
Change-Id: I613b24311bc5c8ee9ab98d675057f354990226e8
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>