Merge branch 'coder:main' into main

Author: projectoperations

ci/build/npm-postinstall.sh

@@ -51,6 +51,18 @@ symlink_bin_script() {
   cd "$oldpwd"
 }
 
+command_exists() {
+  if [ ! "$1" ]; then return 1; fi
+  command -v "$@" > /dev/null
+}
+
+is_root() {
+  if command_exists id && [ "$(id -u)" = 0 ]; then
+    return 0
+  fi
+  return 1
+}
+
 OS="$(os)"
 
 main() {
@@ -75,17 +87,20 @@ main() {
     exit 1
   fi
 
-  case "${npm_config_user_agent-}" in npm*)
-    # We are running under npm.
-    if [ "${npm_config_unsafe_perm-}" != "true" ]; then
-      echo "Please pass --unsafe-perm to npm to install code-server"
-      echo "Otherwise the postinstall script does not have permissions to run"
-      echo "See https://docs.npmjs.com/misc/config#unsafe-perm"
-      echo "See https://stackoverflow.com/questions/49084929/npm-sudo-global-installation-unsafe-perm"
-      exit 1
-    fi
-    ;;
-  esac
+  # Under npm, if we are running as root, we need --unsafe-perm otherwise
+  # post-install scripts will not have sufficient permissions to do their thing.
+  if is_root; then
+    case "${npm_config_user_agent-}" in npm*)
+      if [ "${npm_config_unsafe_perm-}" != "true" ]; then
+        echo "Please pass --unsafe-perm to npm to install code-server"
+        echo "Otherwise post-install scripts will not have permissions to run"
+        echo "See https://docs.npmjs.com/misc/config#unsafe-perm"
+        echo "See https://stackoverflow.com/questions/49084929/npm-sudo-global-installation-unsafe-perm"
+        exit 1
+      fi
+      ;;
+    esac
+  fi
 
   if ! vscode_install; then
     echo "You may not have the required dependencies to build the native modules."

docs/android.md

@@ -18,7 +18,7 @@ nvm install 18
 nvm use 18
 ```
 
-8. Install code-server globally on device with: `npm install --global code-server --unsafe-perm`
+8. Install code-server globally on device with: `npm install --global code-server`
 9. Run code-server with `code-server`
 10. Access on localhost:8080 in your browser
 

docs/npm.md

@@ -92,7 +92,7 @@ Installing code-server requires all of the [prerequisites for VS Code developmen
 Next, install code-server with:
 
 ```bash
-npm install --global code-server --unsafe-perm
+npm install --global code-server
 code-server
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
@@ -112,7 +112,7 @@ For help and additional troubleshooting, see [#1397](https://github.com/coder/co
 After adding the dependencies for your OS, install the code-server package globally:
 
 ```bash
-npm install --global code-server --unsafe-perm
+npm install --global code-server
 code-server
 # Now visit http://127.0.0.1:8080. Your password is in ~/.config/code-server/config.yaml
 ```
@@ -144,8 +144,8 @@ To debug installation issues, install with `npm`:
 
 ```shell
 # Uninstall
-npm uninstall --global --unsafe-perm code-server > /dev/null 2>&1
+npm uninstall --global code-server > /dev/null 2>&1
 
 # Install with logging
-npm install --loglevel verbose --global --unsafe-perm code-server
+npm install --loglevel verbose --global code-server
 ```

docs/termux.md

@@ -70,7 +70,7 @@ code-server --auth none
 7. If already installed then use the following command for upgradation.
 
 ```
-npm update --global code-server --unsafe-perm
+npm update --global code-server
 ```
 
 ## Upgrade

src/node/http.ts

@@ -319,8 +319,8 @@ export const getCookieOptions = (req: express.Request): express.CookieOptions =>
   // URL of that page) and the relative path to the root as given to it by the
   // backend.  Using these two we can determine the true absolute root.
   const url = new URL(
-    req.query.base || req.body.base || "/",
-    req.query.href || req.body.href || "http://" + (req.headers.host || "localhost"),
+    req.query.base || req.body?.base || "/",
+    req.query.href || req.body?.href || "http://" + (req.headers.host || "localhost"),
   )
   return {
     domain: getCookieDomain(url.host, req.args["proxy-domain"]),

src/node/routes/domainProxy.ts

@@ -53,7 +53,7 @@ const maybeProxy = (req: Request): string | undefined => {
   return undefined
 }
 
-router.all("*", async (req, res, next) => {
+router.all(/.*/, async (req, res, next) => {
   const port = maybeProxy(req)
   if (!port) {
     return next()
@@ -97,7 +97,7 @@ router.all("*", async (req, res, next) => {
 
 export const wsRouter = WsRouter()
 
-wsRouter.ws("*", async (req, _, next) => {
+wsRouter.ws(/.*/, async (req, _, next) => {
   const port = maybeProxy(req)
   if (!port) {
     return next()

src/node/routes/index.ts

@@ -25,7 +25,7 @@ import * as login from "./login"
 import * as logout from "./logout"
 import * as pathProxy from "./pathProxy"
 import * as update from "./update"
-import { CodeServerRouteWrapper } from "./vscode"
+import * as vscode from "./vscode"
 
 /**
  * Register all routes and middleware.
@@ -109,21 +109,21 @@ export const register = async (app: App, args: DefaultedArgs): Promise<Disposabl
   app.router.use("/", domainProxy.router)
   app.wsRouter.use("/", domainProxy.wsRouter.router)
 
-  app.router.all("/proxy/(:port)(/*)?", async (req, res) => {
+  app.router.all("/proxy/:port/:path(.*)?", async (req, res) => {
     await pathProxy.proxy(req, res)
   })
-  app.wsRouter.get("/proxy/(:port)(/*)?", async (req) => {
+  app.wsRouter.get("/proxy/:port/:path(.*)?", async (req) => {
     await pathProxy.wsProxy(req as pluginapi.WebsocketRequest)
   })
   // These two routes pass through the path directly.
   // So the proxied app must be aware it is running
   // under /absproxy/<someport>/
-  app.router.all("/absproxy/(:port)(/*)?", async (req, res) => {
+  app.router.all("/absproxy/:port/:path(.*)?", async (req, res) => {
     await pathProxy.proxy(req, res, {
       passthroughPath: true,
     })
   })
-  app.wsRouter.get("/absproxy/(:port)(/*)?", async (req) => {
+  app.wsRouter.get("/absproxy/:port/:path(.*)?", async (req) => {
     await pathProxy.wsProxy(req as pluginapi.WebsocketRequest, {
       passthroughPath: true,
     })
@@ -170,12 +170,10 @@ export const register = async (app: App, args: DefaultedArgs): Promise<Disposabl
 
   app.router.use("/update", update.router)
 
-  const vsServerRouteHandler = new CodeServerRouteWrapper()
-
   // Note that the root route is replaced in Coder Enterprise by the plugin API.
   for (const routePrefix of ["/vscode", "/"]) {
-    app.router.use(routePrefix, vsServerRouteHandler.router)
-    app.wsRouter.use(routePrefix, vsServerRouteHandler.wsRouter)
+    app.router.use(routePrefix, vscode.router)
+    app.wsRouter.use(routePrefix, vscode.wsRouter.router)
   }
 
   app.router.use(() => {
@@ -188,6 +186,6 @@ export const register = async (app: App, args: DefaultedArgs): Promise<Disposabl
   return () => {
     heart.dispose()
     pluginApi?.dispose()
-    vsServerRouteHandler.dispose()
+    vscode.dispose()
   }
 }

src/node/routes/login.ts

@@ -68,8 +68,8 @@ router.get("/", async (req, res) => {
   res.send(await getRoot(req))
 })
 
-router.post<{}, string, { password: string; base?: string }, { to?: string }>("/", async (req, res) => {
-  const password = sanitizeString(req.body.password)
+router.post<{}, string, { password?: string; base?: string } | undefined, { to?: string }>("/", async (req, res) => {
+  const password = sanitizeString(req.body?.password)
   const hashedPasswordFromArgs = req.args["hashed-password"]
 
   try {

src/node/routes/pathProxy.ts

@@ -22,7 +22,7 @@ export async function proxy(
 
   if (!(await authenticated(req))) {
     // If visiting the root (/:port only) redirect to the login page.
-    if (!req.params[0] || req.params[0] === "/") {
+    if (!req.params.path || req.params.path === "/") {
       const to = self(req)
       return redirect(req, res, "login", {
         to: to !== "/" ? to : undefined,