SaltyRTC JavaScript Client
This is a SaltyRTC v1 implementation for JavaScript (ES5+) written in TypeScript.
⚠️ Note: The SaltyRTC client libraries are in maintenance mode. They will still receive bugfixes and regular maintenance, but if you want to start using these libraries, be prepared that you will need to take over maintenance at some point in time. (If you are interested in maintaining the libraries, please let us know, our e-mails are in the README, section "Security".)
The library has been tested with Firefox 45+ and Chromium 49+.
Installing
Via npm
You can install this library via npm:
npm install --save @saltyrtc/client msgpack-lite tweetnacl
Manually
Alternatively, copy one of the following files to your project directly:
- ES2015:
dist/saltyrtc-client.es2015.js - ES5:
dist/saltyrtc-client.es5.js - ES5 minified:
dist/saltyrtc-client.es5.min.js
Make sure to manually add the following external dependencies to your project:
Usage
See Docs.
Development
Install dependencies:
$ npm install
To compile the TypeScript sources to a single JavaScript (ES5 / Minified ES5 / ES2015) file:
$ npm run dist
The resulting files will be located in dist/.
Testing
1. Preparing the Server
First, clone the saltyrtc-server-python repository.
git clone https://github.com/saltyrtc/saltyrtc-server-python
cd saltyrtc-server-python
Then create a test certificate for localhost, valid for 5 years.
openssl req \
-newkey rsa:1024 \
-x509 \
-nodes \
-keyout saltyrtc.key \
-new \
-out saltyrtc.crt \
-subj /CN=localhost \
-reqexts SAN \
-extensions SAN \
-config <(cat /etc/ssl/openssl.cnf \
<(printf '[SAN]\nsubjectAltName=DNS:localhost')) \
-sha256 \
-days 1825
You can import this file into your browser certificate store. For Chrome/Chromium, use this command:
certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n saltyrtc-test-ca -i saltyrtc.crt
Additionally, you need to open chrome://flags/#allow-insecure-localhost and
enable it.
In Firefox the easiest way to add your certificate to the browser is to start
the SaltyRTC server (e.g. on localhost port 8765), then to visit the
corresponding URL via https (e.g. https://localhost:8765). Then, in the
certificate warning dialog that pops up, choose "Advanced" and add a permanent
exception.
Create a Python virtualenv with dependencies:
python3 -m virtualenv venv
venv/bin/pip install .[logging]
Finally, start the server with the following test permanent key:
export SALTYRTC_SERVER_PERMANENT_KEY=0919b266ce1855419e4066fc076b39855e728768e3afa773105edd2e37037c20 # Public: 09a59a5fa6b45cb07638a3a6e347ce563a948b756fd22f9527465f7c79c2a864
venv/bin/saltyrtc-server -v 5 serve -p 8765 \
-sc saltyrtc.crt -sk saltyrtc.key \
-k $SALTYRTC_SERVER_PERMANENT_KEY
2. Running Tests
To compile the test sources, run:
$ npm run rollup_tests
Then simply open tests/testsuite.html in your browser!
Alternatively, run the tests automatically in Firefox and Chrome:
$ npm test
3. Linting
To run linting checks:
npm run lint
You can also install a pre-push hook to do the linting:
echo -e '#!/bin/sh\nnpm run lint' > .git/hooks/pre-push
chmod +x .git/hooks/pre-push
Security
Responsible Disclosure / Reporting Security Issues
Please report security issues directly to one or both of the following contacts:
- Danilo Bargen
- Email: mail@dbrgn.ch
- Threema: EBEP4UCA
- GPG: EA456E8BAF0109429583EED83578F667F2F3A5FA
- Lennart Grahl
- Email: lennart.grahl@gmail.com
- Threema: MSFVEW6C
- GPG: 3FDB14868A2B36D638F3C495F98FBED10482ABA6
Coding Guidelines
- Write clean ES2015
- Favor
constoverlet
License
MIT, see LICENSE.md.