* xftp: add web page for server information
* web: rename XFTP.Web to XFTPWeb, remove XFTP subdirectory
* refactor(xftp): remove storage quota from web page
* refactor
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* xftp: implementation of XFTP client as web page (rfc, low level functions)
* protocol, file descriptions, more cryptogrpahy, handshake encoding, etc.
* xftp server changes to support web slients: SNI-based certificate choice, CORS headers, OPTIONS request
* web handshake
* test for xftp web handshake
* xftp-web client functions, fix transmission encoding
* support description "redirect" in agent.ts and cross-platform compatibility tests (Haskell <> TypeScript)
* rfc: web transport
* client transport abstraction
* browser environment
* persistent client sessions
* move rfcs
* web page plan
* improve plan
* webpage implementation (not tested)
* fix test
* fix test 2
* fix test 3
* fixes and page test plan
* allow sending xftp client hello after handshake - for web clients that dont know if established connection exists
* page tests pass
* concurrent and padded hellos in the server
* update TS client to pad hellos
* fix tests
* preview:local
* local preview over https
* fixed https in the test page
* web test cert fixtures
* debug logging in web page and server
* remove debug logging in server/browser, run preview xftp server via cabal run to ensure the latest code is used
* debug logging for page sessions
* add plan
* improve error handling, handle browser reconnections/re-handshake
* fix
* debugging
* opfs fallback
* delete test screenshot
* xftp CLI to support link
* fix encoding for XFTPServerHandshake
* support redirect file descriptions in xftp CLI receive
* refactor CLI redirect
* xftp-web: fixes and multi-server upload (#1714)
* fix: await sodium.ready in crypto/keys.ts (+ digest.ts StateAddress cast)
* multi-server parallel upload, remove pickRandomServer
* fix worker message race: wait for ready signal before posting messages
* suppress vite build warnings: emptyOutDir, externals, chunkSizeWarningLimit
* fix Haskell web tests: use agent+server API, wrap server in array, suppress debug logs
* remove dead APIs: un-export connectXFTP, delete closeXFTP
* fix TypeScript errors in check:web (#1716)
- client.ts: cast globalThis.process to any for browser tsconfig,
suppress node:http2 import, use any for Buffer/chunks, cast fetch body
- crypto.worker.ts: cast sha512_init() return to StateAddress
* fix: serialize worker message processing to prevent OPFS handle race
async onmessage allows interleaved execution at await points.
When downloadFileRaw fetches chunks from multiple servers in parallel,
concurrent handleDecryptAndStore calls both see downloadWriteHandle
as null and race on createSyncAccessHandle for the same file,
causing intermittent NoModificationAllowedError.
Chain message handlers on a promise queue so each runs to completion
before the next starts.
* xftp-web: prepare for npm publishing (#1715)
* prepare package.json for npm publishing
Remove private flag, add description/license/repository/publishConfig,
rename postinstall to pretest, add prepublishOnly, set files and main.
* stable output filenames in production build
* fix repository url format, expand files array
* embeddable component: scoped CSS, dark mode, i18n, events, share
- worker output to assets/ for single-directory deployment
- scoped all CSS under #app, removed global resets
- dark mode via .dark ancestor class
- progress ring reads colors from CSS custom properties
- i18n via window.__XFTP_I18N__ with t() helper
- configurable mount element via data-xftp-app attribute
- optional hashchange listener (data-no-hashchange)
- completion events: xftp:upload-complete, xftp:download-complete
- enhanced file-too-large error mentioning SimpleX app
- native share button via navigator.share
* deferred init and runtime server configuration
- data-defer-init attribute skips auto-initialization
- window.__XFTP_SERVERS__ overrides baked-in server list
* use relative base path for relocatable build output
* xftp-web: retry resets to default state, use innerHTML for errors
* xftp-web: only enter download mode for valid XFTP URIs in hash
* xftp-web: render UI before WASM is ready
Move sodium.ready await after UI initialization so the upload/download
interface appears instantly. WASM is only needed when user triggers
an actual upload or download. Dispatch xftp:ready event once WASM loads.
* xftp-web: CLS placeholder HTML and embedder CSS selectors
Add placeholder HTML to index.html so the page renders a styled card
before JS executes, preventing layout shift. Use a <template> element
with an inline script to swap to the download placeholder when the URL
hash indicates a file download. Auto-compute CSP SHA-256 hashes for
inline scripts in the vite build plugin.
Change all CSS selectors from #app to :is(#app, [data-xftp-app]) so
styles apply when the widget is embedded with data-xftp-app attribute.
* xftp-web: progress ring overhaul
Rewrite progress ring with smooth lerp animation, green checkmark on
completion, theme reactivity via MutationObserver, and per-phase color
variables (encrypt/upload/download/decrypt).
Show honest per-phase progress: each phase animates 0-100% independently
with a ring color change between phases. Add decrypt progress callback
from the web worker so the decryption phase tracks real chunk processing
instead of showing an indeterminate spinner.
Snap immediately on phase reset (0) and completion (1) to avoid
lingering partial progress. Clean up animation and observers via
destroy() in finally blocks.
* xftp-web: single progress ring for upload, simplify ring color
* xftp-web: single progress ring for download
* feat(xftp-web): granular progress for encrypt/decrypt phases
Add byte-level progress callbacks to encryptFile, decryptChunks,
and sha512Streaming by processing data in 256KB segments. Worker
reports fine-grained progress across all phases (encrypt+hash+write
for upload, read+hash+decrypt for download). Progress ring gains
fillTo method for smooth ease-out animation during minimum display
delays. Encrypt/decrypt phases fill their weighted regions (0-15%
and 85-99%) with real callbacks, with fillTo covering remaining
time when work finishes under the 1s minimum for files >= 100KB.
* rename package
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
---------
Co-authored-by: Evgeny @ SimpleX Chat <259188159+evgeny-simplex@users.noreply.github.com>
Co-authored-by: shum <github.shum@liber.li>
Co-authored-by: sh <37271604+shumvgolove@users.noreply.github.com>
* agent: support client notices
* improve
* fix, test
* rename
* cleanup
* send and process notices in more cases
* dont delete
* dont remove notice on other permanent errors
* dont remove notice if there is no notice ID in queue
* add server to error
* allow deleting
* only use notice if key hash matches
* smp server: fix server pages when source code is not specified
* servers: include git commit in version
* flexible alpn
* fix test
* fix ghc 8.10.7 build
* servers: prohibit changing role during control port session
* quota for blocked queues
* allow disabling blocking and quota
* fix test
* fix INI file
* protocol: refactor types and encoding
* clean
* smp server: batch commands (#1560)
* smp server: batch commands verification into one DB transaction
* ghc 8.10.7
* flatten transmission tuples
* diff
* only use batch logic if there is more than one transmission
* func
* reset NTF service when adding notifier
* version
* Revert "smp server: use separate database pool for reading queues and creating service records (#1561)"
This reverts commit 3df2425162.
* version
* Revert "version"
This reverts commit d80a6b74c5.
* rfc: client certificates for high volume clients (opertors' chat relays, notification servers, service bots)
* client certificates types (WIP)
* parameterize Transport
* protocol/schema/api changes
* agent API
* rename command
* agent subscriptions return local ClientServiceId to chat
* verify transmissions
* fix receiving client certificates, refactor
* ntf server: remove shared queue for all notification subscriptions (#1543)
* ntf server: remove shared queue for all notification subscriptions
* wait for subscriber with timeout
* safer
* refactor
* log
* remove unused
* WIP service subscriptions and associations, refactor
* process service subscriptions
* rename
* simplify switching subscriptions
* SMP service handshake with additional server handshake response
* notification delivery and STM persistence for services
* smp server: database storage, store log, fix encoding for STORE error, replace String with Text in locks and error
* stats
* more stats
* rename SMP commands
* service subscriptions in ntf server agent (tests fail)
* fix
* refactor
* exports
* subscribe ntf server as service for associated queues
* test ntf service connection, fix SOKS response, fix service associations not removed in STM storage
* INI option to support services
* ntf server: downgrade subscriptions when service is no longer supported, track counts of subscribed queues
* smp protocol: include service certificate fingerprint in the string signed over with entity key (TODO two tests fail)
* fix test
* ntf server prometheus stats, use Int64 in SOKS/ENDS responses (to avoid conversions), additional error status for ntf subscription
* update RFC
* refactor useServiceAuth to avoid ad hoc decisions about which commands use service signatures, and to prohibit service signatures on other commands
* remove duplicate service signature syntax check from checkCredentials, it is checked in verifyTransmission
* service errors, todos
* fix checkCredentials in ntf server, service errors
* refactor service auth
* refactor
* service agent: store returned queue count instead of expected
* refactor serverThread
* refactor serviceSig
* rename
* refactor, rename, test repeat NSUB service association
* respond with error to SUBS
* smp server: export/import service records between database and store log
* comment
* comments
* ghc 8.10.7
* xftp server: use recipient ID in control port to delete and block files
* cap smp proxy agent version at 10
* version
* fix prometheus
* fix
* remove old version support
* log connection parameter on error
* tests
* log sent command tag
* log error and client version
* cap proxy version for previous destination server
* comment, test
* remove logging tag
* remove logs
* version
* SMP version 14
* version
* remove comments
* version
* servers: blocking records for content moderation
* update
* encode BLOCKED as AUTH in old versions
* update
* unblock queue command
* test, status command
* smp server: combine queue and message store into one class (WIP)
* keep deleted queue tombstones to prevent race conditions and errors when restoring
* move store log from server to store implementations
* STMQueueStore type class
* fix store closed when messages expired, handle store writing errors
* types
* version
* fix recovery from missing write journal, tests
* version
* ntf server: control port
* version .405
* control
* use own_server_domains from INI file
* fix subs by server in control port
* bigger queues
* ntf server: only print subscriptions per own server when they are > 0
* fix tests
* revert version change
* dont import listThreads in ghc 8.10.7
* servers: refactor TLS credentials
* provide server credentials in SNI hook
* determine TLS server params dynamically, when starting the server
* remove alpn from TransportServerConfig to decide it dynamically where server is started
* put DRG state to IORef, split STM transaction of sending notification (#1288)
* put DRG state to IORef, split STM transaction of sending notification
* remove comment
* remove comment
* add comment
* revert version
* newtype for server entity IDs, fix TRcvQueues
* Revert "put DRG state to IORef, split STM transaction of sending notification (#1288)"
This reverts commit 517933d189.
* logServer
* agent: report correct errors from xftp handshake so they are treated as temporary
* disable slow servers test
* remove comments
* all tests
* remove duplicate functions
* parameterize transport handle with transport peer to include server certificate
* include server certificate into THandle
* load server chain and sign key
* fix key type
* fix for 8.10
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
Co-authored-by: IC Rainbow <aenor.realm@gmail.com>
* log control port commands
* auth
* add auth to xftp, config and commands
* log missing auth
* put smp save under auth
* corrections
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* smp: command authorization
* fix encoding, most tests
* remove old tests
* authorize via crypto_box
* extract authenticator to Crypto module
* make TransmissionAuth Maybe
* rfc
* support authenticators in NTF protocol, test matrix (no backwards compatibility yet from new clients to old servers)
* fix/add tests, add version config to "small" agent
* separate client and server versions for SMP protocol
* test batching SMP v7
* do not send session ID in each transmission
* refactor auth verification in the server, split tests
* server "warm up" fixes timing test
* uncomment SUB timing test
* comments, disable two timing tests
* rename version
* increase auth timing test failure threshold
* use different algorithms to authorize snd/rcv commands, use random correlation ID
* transport: fetch and store server certificate (#985)
* THandleParams (WIP, does not compile)
* transport: fetch and store server certificate
* smp: add getOnlinePubKey example to smpClientHandshake
* add server certs and sign authPub
* cleanup
* update
* style
* load server certs from test fixtures
* sign ntf authPubKey
* fix onServerCertificate
* increase delay before sending messages
* require certificate with key in SMP server handshake
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* remove dhSecret from THandle
* remove v8, merge all changes to one version
* parameterize THandle
* rfc: transmission ecnryption
* Revert "parameterize THandle"
This reverts commit 75adfc94fb.
* use batch syntax for ntf server commands
* separate encodeTransmission when there is no key
* typo
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* rename
* diff
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
