Add webxdc notification handler #4400
Conversation
nicodh
force-pushed
the
add-webxdc-notification-handler
branch
from
69dc59f to
55c574b
Compare
There was a problem hiding this comment.
The idea of the feature itself is great, and this MR seems like a good implementation of it code-wise. But design-wise:
I don't like the idea of opening the app on notification click, at least by default.
At the very least a notification should have a separate "Launch app" button to do it.
The "How private are webxdc apps?" section states:
This also means: it can be a privacy risk to open webxdc apps in chats where you don’t trust the members - as you know it from e-mail attachments, where you only open attachments from senders you trust, and not from spammers.
So this is like opening an attachment right from a notification. Especially with real-time channels now enabled by default (which can leak your real IP). I expressed a similar concern in #4366 (comment).
And, correct me if I'm wrong, such notifications would be displayed even from people who aren't on your contact list? Never mind the contact list: with Chatmail, people share their invite codes, which bypasses the "contact request" thing.
And the other person can even completely control the contents of the notification, the text and the icon, judging by the screenshot, which is powerful for phishing.
Exposing your real IP and system info to anyone on the internet at a click of a button is not great.
What do you think?
Well it's not "anyone" and the information on the notification is clear. The icon comes from a webxdc app in a shared chat, not just from the message. I remember there was a discussion on that and assumed the DC_EVENT_INCOMING_WEBXDC_NOTIFY should work like that. But we also could restrict the direct access to the case where the webxdc app is already opened. |
|
on android/ios we're opening the chat with the webxdc-info-message or the webxdc-app-instance instead of opening the app directly. we thought about opening the app directly, but then did not came to that at the end, idea was, however, to add an explicit "Start" button, but maybe it is also totally fine as it is now. we will know after some experience and real-world use. so, i would suggest to do the same on desktop, sorry for not being clearer in the issue. that would postpone that discussion about privacy (where we should also keep in mind, that every normal looking link send in a normal message leaks the IP-address easier. and this does not even discuss the real-world-attack vector of an IP-Address, VPN, realtime-disabled and so on ;) if a chat is a contact request, so "untrusted", i would not send a notification at all (tbh, not totally sure if that is already the case on android, but otherwise, that'd might be regarded as a bug) |
|
Ok so instead calling openwebxdc we just jump to the message as usual. |
|
yes, that seems to be the easier thing for now |
resolves #4366 - add new param isWebxdcInfo to DcNotification - openWebxdc on click
nicodh
force-pushed
the
add-webxdc-notification-handler
branch
from
5b46284 to
3edca1f
Compare
Anyone can send an email, and they can make an app with whatever name and icon they like.
In my experience, contacts don't get marked as "requests" if they have your invite link, and invite links are supposedly not considered sensitive info: For example, people post their invite links in https://deltachat-bot.github.io/public-bots/#/home
Yes, that's better. |
- don't open webxdc on notification click
- pass event text to notification
There was a problem hiding this comment.
I did some testing. There seems to be a problem with when we call flushNotifications(), which is the only function that calls showNotification(). flushNotifications() is only called from the IncomingMsgBunch event handler.
Reproduction steps:
- Create two accounts, and create a group with those two accounts.
- Send the Calendar app to the group
- Send a regular message to the group. You'll get a notification on another account.
- Create an event in the calendar.
You won't get a notification, but I assume you should. - Create another event in the calendar.
You will get a notification for the previous event! - Send a regular message.
You'll first get a notification for the second calendar event, and then a notification for the regular message!
Update: otherwise this looks better than the previous version, much simpler.
Well when debugging it seems that in the group the IncomingWebxdcNotify event is not triggered at all. If you set a break point on frontend/../notifications in line 28 |
Are you sure? It's not the case for me. 2024-12-13-bYubjUH2As.mp4I got it. It's because the handler is slow now, so pushing to the notifications queue happens after the |
Not for me. I found that the missing IncomingWebxdcNotify was caused by a calendar that was added to the group before the other test user was added. So that was correct. But I can't reproduce your issue...? |
|
But it is easly to imagine that fetching messages takes some time... |
|
Added a solution for the queue. Based on https://stackoverflow.com/questions/53540348/js-async-await-tasks-queue (which is a very profound investigation of the queue topic). Would be much easier with rxjs (just call next() on a Subject() while others can subscribe to it) but not worth to introduce a new library here |
nicodh
force-pushed
the
add-webxdc-notification-handler
branch
from
620571c to
d12a326
Compare
|
Removed the event queue in favor of a more simple solution |
| const summaryText = eventText ?? notificationInfo.summaryText | ||
| const chatName = notificationInfo.chatName | ||
| let icon = getNotificationIcon(notificationInfo) | ||
| if (isWebxdcInfo && chatId === -1) { |
There was a problem hiding this comment.
ah because it isn't there yet.... I'd rather use null or undefined to represent that state.
Or add the chat id to the IncomingWebxdcNotify event in core.
There was a problem hiding this comment.
thinking about it more it makes sense to add it to the event, because It already has contact id.
Co-authored-by: Simon Laux <[email protected]>
| @@ -174,6 +247,14 @@ async function flushNotifications(accountId: number) { | |||
| let notifications = [...queuedNotifications[accountId]] | |||
| queuedNotifications = [] | |||
|
|
|||
| for await (const n of notifications) { | |||
There was a problem hiding this comment.
for await is no better than a regular for of here, right?
related to #4366
Example for calendar notification
click opens webxdc app with href if provided
Internal changes:
new flag isWebxdcInfo for DcNotification