From fa13c071b04554d7f43e19310db72e347f2e2b31 Mon Sep 17 00:00:00 2001
From: brantje <brantje@gmail.com>
Date: Wed, 18 Jan 2017 20:44:44 +0100
Subject: [PATCH] Add setting to disable javascript console. This setting is
 enabled by default. Signed-off-by: brantje <brantje@gmail.com>

---
 Gruntfile.js                       |  1 -
 js/app/controllers/main.js         | 23 +++++++++++++++++++++--
 js/app/services/settingsservice.js |  3 +++
 js/settings-admin.js               |  5 +++++
 lib/Service/SettingsService.php    |  1 +
 templates/part.admin.php           |  8 ++++++++
 6 files changed, 38 insertions(+), 3 deletions(-)

diff --git a/Gruntfile.js b/Gruntfile.js
index 9c03ad64..791ca0f8 100644
--- a/Gruntfile.js
+++ b/Gruntfile.js
@@ -179,7 +179,6 @@ module.exports = function (grunt) {
 				mangle: false,
 				screwIE8: true,
 				banner: '/*! <%= pkg.name %> <%= grunt.template.today("yyyy-mm-dd") %> */\n',
-				footer: "(function() { (function a() { try { (function b(i) { if (('' + (i / i)).length !== 1 ||     i % 20 === 0) { (function() {}).constructor('debugger')(); } else { debugger; }     b(++i); })(0); } catch (e) { setTimeout(a, 5000); } })() })();"
 			},
 			build: {
 				old_files_array: [
diff --git a/js/app/controllers/main.js b/js/app/controllers/main.js
index b8f2dbbd..c122501c 100644
--- a/js/app/controllers/main.js
+++ b/js/app/controllers/main.js
@@ -42,14 +42,33 @@
 			}
 
 			$rootScope.$on('settings_loaded', function(){
-				if (SettingsService.getSetting('disable_contextmenu') === '1' || SettingsService.getSetting('disable_contextmenu') === 1) {
+				if (SettingsService.isEnabled('disable_contextmenu')) {
 					document.addEventListener('contextmenu', function (event) {
 						event.preventDefault();
 					});
 				}
-				if (SettingsService.getSetting('https_check') === '0' || SettingsService.getSetting('https_check') === 0) {
+				if (SettingsService.isEnabled('https_check')) {
 					$scope.http_warning_hidden = true;
 				}
+
+				if(SettingsService.isEnabled('disable_debugger')){
+					(function a() {
+						try {
+							(function b(i) {
+								if (('' + (i / i)).length !== 1 || i % 20 === 0) {
+									(function() {}).constructor('debugger')();
+								} else {
+									// This debugger statement is allowed to block javascript console
+									/*jshint -W087 */
+									debugger;
+								}
+								b(++i);
+							})(0);
+						} catch (e) {
+							setTimeout(a, 5000);
+						}
+					})();
+				}
 			});
 
 			$rootScope.setHttpWarning = function (state) {
diff --git a/js/app/services/settingsservice.js b/js/app/services/settingsservice.js
index 7db91069..70e07d42 100644
--- a/js/app/services/settingsservice.js
+++ b/js/app/services/settingsservice.js
@@ -57,6 +57,9 @@
 				setSetting: function (name, value) {
 					settings[name] = value;
 					localStorageService.set('settings', settings);
+				},
+				isEnabled: function (name) {
+					return settings[name] === 1 || settings[name] === '1';
 				}
 			};
 		}]);
diff --git a/js/settings-admin.js b/js/settings-admin.js
index f9225069..f91f4719 100644
--- a/js/settings-admin.js
+++ b/js/settings-admin.js
@@ -95,6 +95,7 @@ $(document).ready(function () {
 	$('#passman_check_version').prop('checked', (settings.getKey('check_version').toString().toLowerCase() === '1'));
 	$('#passman_https_check').prop('checked', (settings.getKey('https_check').toString().toLowerCase() === '1'));
 	$('#passman_disable_contextmenu').prop('checked', (settings.getKey('disable_contextmenu').toString().toLowerCase() === '1'));
+	$('#passman_disable_debugger').prop('checked', (settings.getKey('disable_debugger').toString().toLowerCase() === '1'));
 	$('#vault_key_strength').val(settings.getKey('vault_key_strength'));
 
 
@@ -110,6 +111,10 @@ $(document).ready(function () {
 		settings.setAdminKey('disable_contextmenu', ($(this).is(":checked")) ? 1 : 0);
 	});
 
+	$('#passman_disable_debugger').change(function () {
+		settings.setAdminKey('disable_debugger', ($(this).is(":checked")) ? 1 : 0);
+	});
+
 	$('#passman_sharing_enabled').change(function () {
 		settings.setAdminKey('user_sharing_enabled', ($(this).is(":checked")) ? 1 : 0);
 	});
diff --git a/lib/Service/SettingsService.php b/lib/Service/SettingsService.php
index 6aee268d..82bbc34b 100644
--- a/lib/Service/SettingsService.php
+++ b/lib/Service/SettingsService.php
@@ -56,6 +56,7 @@ class SettingsService {
 			'disable_contextmenu' => intval($this->config->getAppValue('passman', 'disable_contextmenu', 1)),
 			'server_side_encryption' => $this->config->getAppValue('passman', 'server_side_encryption', 'aes-256-cbc'),
 			'rounds_pbkdf2_stretching' => $this->config->getAppValue('passman', 'rounds_pbkdf2_stretching', 100),
+			'disable_debugger' => $this->config->getAppValue('passman', 'disable_debugger', 1),
 			'settings_loaded' => 1
 		);
 	}
diff --git a/templates/part.admin.php b/templates/part.admin.php
index 5aca8912..be2d21be 100644
--- a/templates/part.admin.php
+++ b/templates/part.admin.php
@@ -83,6 +83,14 @@ $ciphers = openssl_get_cipher_methods();
 				<?php p($l->t('Disable context menu')); ?>
 			</label>
 		</p>
+		<p>
+			<input type="checkbox" name="passman_disable_debugger"
+				   id="passman_disable_debugger" class="checkbox"
+				   value="0"/>
+			<label for="passman_disable_debugger">
+				<?php p($l->t('Disable javascript debugger')); ?>
+			</label>
+		</p>
 		<p>
 			<label for="vault_key_strength">Minimum vault key strength:</label>
 			<select name="vault_key_strength" id="vault_key_strength">