Improve error display for messages sent from insecure devices #93
Conversation
Add a labs option which will, when set, switch into the "invisible crypto" mode of refusing to send keys to, or decrypt messages from, devices that have not been signed by their owner.
Improve the error messages shown for messages from insecure devices.
richvdh
force-pushed
the
rav/insecure_devices_error_messages
branch
from
4940648
to
70b592b
Compare
richvdh
changed the base branch from
develop
to
rav/ignore_insecure_devices
| @@ -377,3 +377,14 @@ export async function awaitVerifier( | |||
| return verificationRequest.verifier; | |||
| }); | |||
| } | |||
|
|
|||
| /** Log in a second device for the given bot user */ | |||
| export async function createSecondBotDevice(page: Page, homeserver: HomeserverInstance, bob: Bot) { | |||
There was a problem hiding this comment.
Playwright allow to add fixture which allows to encapsulate and easily share behaviour across the tests.
You can take a look at pinned-messages.spec.ts to see an example.
There was a problem hiding this comment.
Frankly, I don't find our use of fixtures very helpful, and think we should use them less rather than more. They are too "magical", and not flexible enough, whilst a separate function is very explicit, and not much more code.
In this instance: there is a bunch of preparation which has to happen before the second device is created. I don't think I can do that with a fixture?
| /* Formatting for the "Verified identity has changed" error */ | ||
| .mx_DecryptionFailureVerifiedIdentityChanged > span { | ||
| /* Show it in red */ | ||
| color: $e2e-warning-color; |
There was a problem hiding this comment.
Can we use instead directly a compound token: Light/color/border/critical/subtle
There was a problem hiding this comment.
done. Thanks for the tip!
|
|
||
| /* With a red border */ | ||
| border: 1px solid $e2e-warning-color; | ||
| border-radius: $font-16px; |
There was a problem hiding this comment.
I this one needs to scale with the font size, otherwise we get a different shape at large font sizes:
Given this is a stop-gap while we wait for element-hq/element-meta#2523 to land, I'm not inclined to spend too much time finessing this. I can use the compound tokens, where they exist, though. |
Use compound colour tokens, and add a background colour.
Use compound spacing tokens
#92 provides a mode in which we will reject:
This PR improves the display of both kinds of message.
The former is shown like this:
The latter is shown like this:
This is based on the designs at element-hq/element-meta#2523, but we don't yet show the content of the event (that being the point of element-hq/element-meta#2523).
Fixes https://github.com/element-hq/crypto-internal/issues/362.