Browserified chat web worker

This was done because previously, the worker used importscript
to load deps from a CDN, which was vulnerable to attacks like XSS
because it does not support SRI.
The web worker also cannot access deps from the global head.

chatto/.gitignore

@@ -35,6 +35,7 @@ node_modules
 config
 bundle.js
 bundle.min.js
+worker.js
 src/main/javascript/node/
 dist
 out

chatto/src/main/javascript/Gruntfile.js

@@ -12,8 +12,21 @@ module.exports = function(grunt) {
                 src: '../resources/static/js/bundle.js',
                 dest: '../resources/static/js/bundle.min.js'
             },
+            chat_worker: {
+                src: '../resources/static/js/worker.js',
+                dest: '../resources/static/js/worker.js'
+            },
         },
         browserify: {
+            chat_worker_dev: {
+                src: 'workers/encryption-worker/main.ts',
+                dest: '../resources/static/js/worker.js',
+                options: {
+                    browserifyOptions: {
+                        debug: true
+                    },
+                }
+            },
             dev: {
                 src: 'ts/src/main.ts',
                 dest: '../resources/static/js/bundle.js',
@@ -35,7 +48,7 @@ module.exports = function(grunt) {
             },
             options: {
                 plugin: [
-                    ['tsify', { target: 'ES6', noImplicitAny: true }], // register plugin by name
+                    ['tsify', { target: 'ES6', noImplicitAny: true, esModuleInterop: true, allowSyntheticDefaultImports: true }], // register plugin by name
                 ],
 
 
@@ -51,10 +64,11 @@ module.exports = function(grunt) {
     // grunt.registerTask('default', ['uglify']);
 
     grunt.loadNpmTasks('grunt-browserify')
+    grunt.loadNpmTasks('grunt-banner');
 
 
 
-    grunt.registerTask('default', ['browserify:dev'])
-    grunt.registerTask('prod', ["browserify:prod", "terser"])
+    grunt.registerTask('default', ['browserify:dev','browserify:chat_worker_dev'])
+    grunt.registerTask('prod', ["browserify:prod", 'browserify:chat_worker_dev', "terser"])
 
 };

chatto/src/main/javascript/package.json

@@ -44,7 +44,6 @@
         "handlebars": "global:Handlebars",
         "dompurify": "global:DOMPurify",
         "fuse.js": "global:Fuse",
-        "sjcl": "global:sjcl",
         "sprintf-js": "global:sprintf",
         "alertifyjs": "global:alertify",
         "bootbox": {

chatto/src/main/javascript/workers/encryption-worker/main.ts

@@ -0,0 +1,9 @@
+import registerPromiseWorker from 'promise-worker/register';
+import * as sjcl from 'sjcl'
+
+
+registerPromiseWorker((payload) => {
+    // console.log(payload)
+    // console.log('decrypted = ' + sjcl.decrypt(payload.passphrase, JSON.stringify(payload.cipher)));
+    return sjcl.decrypt(payload.passphrase, JSON.stringify(payload.cipher))
+});

chatto/src/main/javascript/workers/encryption-worker/tsconfig.json

@@ -0,0 +1,66 @@
+{
+  "compilerOptions": {
+    /* Basic Options */
+    // "incremental": true,                   /* Enable incremental compilation */
+    "target": "es6",                          /* Specify ECMAScript target version: 'ES3' (default), 'ES5', 'ES2015', 'ES2016', 'ES2017', 'ES2018', 'ES2019' or 'ESNEXT'. */
+    "module": "commonjs",                     /* Specify module code generation: 'none', 'commonjs', 'amd', 'system', 'umd', 'es2015', or 'ESNext'. */
+    // "lib": [],                             /* Specify library files to be included in the compilation. */
+    // "allowJs": true,                       /* Allow javascript files to be compiled. */
+    // "checkJs": true,                       /* Report errors in .js files. */
+    // "jsx": "preserve",                     /* Specify JSX code generation: 'preserve', 'react-native', or 'react'. */
+    // "declaration": true,                   /* Generates corresponding '.d.ts' file. */
+    // "declarationMap": true,                /* Generates a sourcemap for each corresponding '.d.ts' file. */
+    // "sourceMap": true,                     /* Generates corresponding '.map' file. */
+    // "outFile": "./",                       /* Concatenate and emit output to single file. */
+    // "outDir": "./",                        /* Redirect output structure to the directory. */
+    // "rootDir": "./",                       /* Specify the root directory of input files. Use to control the output directory structure with --outDir. */
+    // "composite": true,                     /* Enable project compilation */
+    // "tsBuildInfoFile": "./",               /* Specify file to store incremental compilation information */
+    // "removeComments": true,                /* Do not emit comments to output. */
+    // "noEmit": true,                        /* Do not emit outputs. */
+    // "importHelpers": true,                 /* Import emit helpers from 'tslib'. */
+    // "downlevelIteration": true,            /* Provide full support for iterables in 'for-of', spread, and destructuring when targeting 'ES5' or 'ES3'. */
+    // "isolatedModules": true,               /* Transpile each file as a separate module (similar to 'ts.transpileModule'). */
+
+    /* Strict Type-Checking Options */
+    "strict": true,                           /* Enable all strict type-checking options. */
+    // "noImplicitAny": true,                 /* Raise error on expressions and declarations with an implied 'any' type. */
+    // "strictNullChecks": true,              /* Enable strict null checks. */
+    // "strictFunctionTypes": true,           /* Enable strict checking of function types. */
+    // "strictBindCallApply": true,           /* Enable strict 'bind', 'call', and 'apply' methods on functions. */
+    // "strictPropertyInitialization": true,  /* Enable strict checking of property initialization in classes. */
+    // "noImplicitThis": true,                /* Raise error on 'this' expressions with an implied 'any' type. */
+    // "alwaysStrict": true,                  /* Parse in strict mode and emit "use strict" for each source file. */
+
+    /* Additional Checks */
+    // "noUnusedLocals": true,                /* Report errors on unused locals. */
+    // "noUnusedParameters": true,            /* Report errors on unused parameters. */
+    // "noImplicitReturns": true,             /* Report error when not all code paths in function return a value. */
+    // "noFallthroughCasesInSwitch": true,    /* Report errors for fallthrough cases in switch statement. */
+
+    /* Module Resolution Options */
+    // "moduleResolution": "node",            /* Specify module resolution strategy: 'node' (Node.js) or 'classic' (TypeScript pre-1.6). */
+    // "baseUrl": "./",                       /* Base directory to resolve non-absolute module names. */
+    // "paths": {},                           /* A series of entries which re-map imports to lookup locations relative to the 'baseUrl'. */
+    // "rootDirs": [],                        /* List of root folders whose combined content represents the structure of the project at runtime. */
+    // "typeRoots": [],                       /* List of folders to include type definitions from. */
+    // "types": [],                           /* Type declaration files to be included in compilation. */
+    "allowSyntheticDefaultImports": true,  /* Allow default imports from modules with no default export. This does not affect code emit, just typechecking. */
+    "esModuleInterop": true,                  /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */
+    // "preserveSymlinks": true,              /* Do not resolve the real path of symlinks. */
+    // "allowUmdGlobalAccess": true,          /* Allow accessing UMD globals from modules. */
+
+    /* Source Map Options */
+    // "sourceRoot": "",                      /* Specify the location where debugger should locate TypeScript files instead of source locations. */
+    // "mapRoot": "",                         /* Specify the location where debugger should locate map files instead of generated locations. */
+    // "inlineSourceMap": true,               /* Emit a single file with source maps instead of having a separate file. */
+    // "inlineSources": true,                 /* Emit the source alongside the sourcemaps within a single file; requires '--inlineSourceMap' or '--sourceMap' to be set. */
+
+    /* Experimental Options */
+    // "experimentalDecorators": true,        /* Enables experimental support for ES7 decorators. */
+    // "emitDecoratorMetadata": true,         /* Enables experimental support for emitting type metadata for decorators. */
+
+    /* Advanced Options */
+    "forceConsistentCasingInFileNames": true  /* Disallow inconsistently-cased references to the same file. */
+  }
+}

chatto/src/main/resources/static/js/worker.js

@@ -1,10 +0,0 @@
-// worker.js
-importScripts('https://unpkg.com/promise-worker/dist/promise-worker.register.js');
-// importScripts('https://unpkg.com/promise-worker@2.0.1/dist/promise-worker.register.js')
-importScripts('https://cdnjs.cloudflare.com/ajax/libs/sjcl/1.0.8/sjcl.min.js');
-
-registerPromiseWorker((payload) => {
-    // console.log(payload)
-    // console.log('decrypted = ' + sjcl.decrypt(payload.passphrase, JSON.stringify(payload.cipher)));
-    return sjcl.decrypt(payload.passphrase, JSON.stringify(payload.cipher))
-});