Starts using peer capabilities to restrict the management client
on a per-view basis. This change also includes a bulky cleanup
of the login-toggle.tsx file, which was getting pretty unwieldy
in its previous form.
Updates tailscale/corp#16695
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
This change adds a new apiHandler struct for use from serveAPI
to aid with restricting endpoints to specific peer capabilities.
Updates tailscale/corp#16695
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Instead of modeling remote WebDAV servers as actual
webdav.FS instances, we now just proxy traffic to them.
This not only simplifies the code, but it also allows
WebDAV locking to work correctly by making sure locks are
handled by the servers that need to (i.e. the ones actually
serving the files).
Updates tailscale/corp#16827
Signed-off-by: Percy Wegmann <percy@tailscale.com>
Update vite to 5.1.4, and vitest to 1.3.1 (their latest versions). Also
remove vite-plugin-rewrite-all as this is no longer necessary with vite
5.x and has a dependency on vite 4.x.
Updates https://github.com/tailscale/corp/issues/17715
Signed-off-by: Mario Minardi <mario@tailscale.com>
Update plugin-react-swc to the latest version (3.6.0) ahead of updating vite to 5.x.
Updates https://github.com/tailscale/corp/issues/17715
Signed-off-by: Mario Minardi <mario@tailscale.com>
Update vite-plugin-svgr to the latest version (4.2.0) ahead of updating
vite to 5.x. This is a major version bump from our previous 3.x, and
requires changing the import paths used for SVGs.
Updates https://github.com/tailscale/corp/issues/17715
Signed-off-by: Mario Minardi <mario@tailscale.com>
For user-owned nodes, only the owner is ever allowed to manage the
node.
Updates tailscale/corp#16695
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Add a WebDAV-based folder sharing mechanism that is exposed to local clients at
100.100.100.100:8080 and to remote peers via a new peerapi endpoint at
/v0/tailfs.
Add the ability to manage folder sharing via the new 'share' CLI sub-command.
Updates tailscale/corp#16827
Signed-off-by: Percy Wegmann <percy@tailscale.com>
add the curly-quotes eslint plugin (same that we use for the admin
panel), and fix existing straight quotes in the current web UI.
Updates #cleanup
Signed-off-by: Will Norris <will@tailscale.com>
The new read-only mode is only accessible when running `tailscale web`
by passing a new `-readonly` flag. This new mode is identical to the
existing login mode with two exceptions:
- the management client in tailscaled is not started (though if it is
already running, it is left alone)
- the client does not prompt the user to login or switch to the
management client. Instead, a message is shown instructing the user
to use other means to manage the device.
Updates #10979
Signed-off-by: Will Norris <will@tailscale.com>
The manage client always listens on http (non-secure) port 5252. If the
login client is loaded over https, then the connectivity check to `/ok`
will fail with a mixed-content error. Mixed-content enforcement is a
browser setting that we have no control over, so there's no way around
this.
In this case of the login client being loaded over https, we skip the
connectivity check entirely. We will always render the sign-in button,
though we don't know for sure if the user has connectivity, so we
provide some additional help text in case they have trouble signing in.
Updates hassio-addons/addon-tailscale#314
Signed-off-by: Will Norris <will@tailscale.com>
Sets up peer capability types for future use within the web client
views and APIs.
Updates tailscale/corp#16695
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
This is simply an extra check to prevent hypothetical issues if a prefix
such as `--prefix="javascript:alert(1)"` was provided. This isn't
really necessary since the prefix is a configuration flag provided by
the device owner, not user input. But it does enforce that we are
always interpreting the provided value as a path relative to the root.
Fixes: tailscale/corp#16268
Signed-off-by: Will Norris <will@tailscale.com>
For consistency w/ the CLI command. And to be more accurate to what
is actually happening on this action - node key is expired.
Also updates the disconnected view shown after logout.
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
This type seems to be a migration shim for TCP tailscaled sockets
(instead of unix/windows pipes). The `port` field was never set, so it
was effectively used as a string (`path` field).
Remove the whole type and simplify call sites to pass the socket path
directly to `safesocket.Connect`.
Updates #cleanup
Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
Throughout the web UI, we present the tailscale addresses for the
self node. In the case of the node being shared out with a user
from another tailnet, the peer viewer may actually know the node
by a different IP than the node knows itself as (Tailscale IPs
can be configured as desired on a tailnet level). This change
includes two fixes:
1. Present the self node's addresses in the frontend as the addresses
the viewing node knows it as (i.e. the addresses the viewing node
uses to access the web client).
2. We currently redirect the viewer to the Tailscale IPv4 address if
viewing it by MagicDNS name, or any other name that maps to the
Tailscale node. When doing this redirect, which is primarily added
for DNS rebinding protection, we now check the address the peer
knows this node as, and redirect to specifically that IP.
Fixestailscale/corp#16402
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Ensure we don't create Location: header URLs that have leading //, which is a
schema-less reference to arbitrary 3rd-party sites. That is, //example.com/foo
redirects off-site, while /example.com/foo is an on-site path URL.
Fixestailscale/corp#16268
Signed-off-by: Chris Palmer <cpalmer@tailscale.com>
Was previously failing to redirect to the manage client when accessing
the login client with the Tailscale IP.
Updates #10261Fixestailscale/corp#16348
Co-authored-by: Will Norris <will@tailscale.com>
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Add a new "Debug" card at the bottom of the details page. It's maybe
premature to add a separate card for this, since all it currently lists
is whether the device is using TUN mode and (for Synology) the DSM
version. But I think it may be helpful to add client connectivity data
(like shown on admin console machine page) as well as a bug report
button. Those can come soon after the 1.56 launch.
Updates #10261
Signed-off-by: Will Norris <will@tailscale.com>
To be safe, use `prefs.ControlURLOrDefault()` rather than the current
`prefs.ControlURL` directly.
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Calculate and set the hash of the one inline script we have in
index.html. That script is unlikely to change, so hardcoding the hash
seems fine for now.
Updates #10261
Updates tailscale/corp#16266
Signed-off-by: Will Norris <will@tailscale.com>
Completed testing of the new UI on the existing platforms that use
it. From testing, QNAP, Unraid, and Home Assistant (in addition to
Synology) all do not play well with using an exit node. For now,
we're disabling this setting from the UI. CLI should be updated to
also disallow selection of an exit node from these platforms.
All platforms still allow for advertising as an exit node.
Co-authored-by: Will Norris <will@tailscale.com>
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
When displaying the login client, we check for connectivity to the
management client by calling it's /ok handler. If that response is
non-200, then there is something wrong with the management client, so
don't render the login button.
Updates #10261
Signed-off-by: Will Norris <will@tailscale.com>
Add visual indication when running as an exit node prior to receiving
admin approval.
Updates https://github.com/tailscale/tailscale/issues/10261
Signed-off-by: Mario Minardi <mario@tailscale.com>
Co-authored-by: Sonia Appasamy <sonia@tailscale.com>
Previously, we were only breaking out of iframes when accessing the
login client over a local IP address (where viewerIdentity is not set).
We need to also handle the case where the user is accessing the login
client over the Tailscale IP, and similarly break out of the iframe when
logging into the management client.
Updates #10261
Signed-off-by: Will Norris <will@tailscale.com>
I seem to recall I needed this for things to work properly with the vite
dev server, but that doesn't seem to be the case anymore? Everything
seems to work fine without it. If we still have issues, we'll need to
look into using a nonce or integrity attribute.
Updates #10261Fixestailscale/corp#16266
Signed-off-by: Will Norris <will@tailscale.com>
Add an endpoint for logging the device detail click metric to allow for
this metric to be logged without having a valid session which is the
case when in readonly mode.
Updates https://github.com/tailscale/tailscale/issues/10261
Signed-off-by: Mario Minardi <mario@tailscale.com>
When running on Home Assistant, use the X-Ingress-Path header to set the
URLPrefix that is passed to the frontend.
Also fix handling of errNotUsingTailscale in the auth handler
(previously it falling through to a later case and returning a 500).
Instead, it's just a terminal state with no auth needed.
Also disable SSH on Home Assistant, since it causes problems on startup
and doesn't make much sense anyway for that platform.
Updates #10261
Signed-off-by: Will Norris <will@tailscale.com>
Add confirmation dialogs for disconnecting and stopping advertisement
of a subnet route.
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Limit cookies to HTTP requests (not accessible from javascript).
Set SameSite to "Lax", which is similar to "Strict" but allows for
cookies to be included in requests that come from offsite links. This
will be necessary when we link to the web client from the admin console.
Updates #10261Fixestailscale/corp#16265
Signed-off-by: Will Norris <will@tailscale.com>
The client has changed a bit since we introduced the path prefix. It is
now used for two things:
- its original purpose, of ensuring that when the client is run in CGI
mode at arbitrary paths, then relative paths for assets continue to
work
- we also now pass the path to the frontend and use wouter to manage
routes for the various subpages of the client.
When the client is run behind a reverse proxy (as it is in Home
Assistant), it is common for the proxy to rewrite the request so that
the backend application doesn't see the path it's being served at. In
this case, we don't need to call enforcePrefix, since it's already
stripped before it reaches us. However, wouter (or react router
library) still sees the original path in the browser, and needs to know
what part of it is the prefix that needs to be stripped off.
We're handling this by now only calling enforcePrefix when run in CGI
mode. For Home Assistant, or any other platform that runs the client
behind a reverse proxy with a custom path, they will still need to pass
the `-prefix` flag to `tailscale web`, but we will only use it for route
handling in the frontend.
Updates #10261
Signed-off-by: Will Norris <will@tailscale.com>
In Login mode, must first run system auth. But once authorized,
should be able to reach rest of auth logic to check whether the
user can manage the node. This results in showing/hiding the
sign in button in the frontend login toggle.
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Calling DebugPacketFilterRules fails when the node is not logged
in, which was causing 500 errors on the node data endpoint after
logging the node out.
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Add logging of device management type for the web client auth flow. Namely,
this differentiates between viewing a node you do not own, viewing a local
tagged node, viewing a remote tagged node, managing a local node, and
managing a remote node.
Updates https://github.com/tailscale/tailscale/issues/10261
Signed-off-by: Mario Minardi <mario@tailscale.com>
Even if connected to the login client over tailscale, still check
platform auth so the browser can obtain the tokens it needs to make
platform requests complete successfully.
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Updates:
* Card component used throughout instead of custom card class
* SSH toggle changed to non-editable text/status icon in readonly
* Red error text on subnet route input when route post failed
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
Precompress webclient assets with precompress util. This cuts our
css and js build sizes to about 1/3 of non-compressed size. Similar
compression done on tsconnect and adminhttp assets.
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
This commit makes some restructural changes to how we handle api
posting from the web client frontend.
Now that we're using SWR, we have less of a need for hooks like
useNodeData that return a useSWR response alongside some mutation
callbacks. SWR makes it easy to mutate throughout the UI without
needing access to the original data state in order to reflect
updates. So, we can fetch data without having to tie it to post
callbacks that have to be passed around through components.
In an effort to consolidate our posting endpoints, and make it
easier to add more api handlers cleanly in the future, this change
introduces a new `useAPI` hook that returns a single `api` callback
that can make any changes from any component in the UI. The hook
itself handles using SWR to mutate the relevant data keys, which
get globally reflected throughout the UI.
As a concurrent cleanup, node types are also moved to their own
types.ts file, to consolidate data types across the app.
Updates #10261
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>