nodebb-plugin-pdf-secure 1.2.3 → 1.2.5

package/lib/controllers.js

@@ -5,23 +5,21 @@ const pdfHandler = require('./pdf-handler');
 
 const Controllers = module.exports;
 
-// XOR key for partial encryption (rotates through this pattern)
-const XOR_KEY = [0x5A, 0x3C, 0x7E, 0x1F, 0x9D, 0xB2, 0x4A, 0xE8];
-
 // Partial XOR - encrypts first 10KB and every 50th byte after that
-function partialXorEncode(buffer) {
+// Now uses dynamic key from nonce data
+function partialXorEncode(buffer, xorKey) {
 	const data = Buffer.from(buffer);
-	const keyLen = XOR_KEY.length;
+	const keyLen = xorKey.length;
 
 	// Encrypt first 10KB fully
 	const fullEncryptLen = Math.min(10240, data.length);
 	for (let i = 0; i < fullEncryptLen; i++) {
-		data[i] = data[i] ^ XOR_KEY[i % keyLen];
+		data[i] = data[i] ^ xorKey[i % keyLen];
 	}
 
 	// Encrypt every 50th byte after that
 	for (let i = fullEncryptLen; i < data.length; i += 50) {
-		data[i] = data[i] ^ XOR_KEY[i % keyLen];
+		data[i] = data[i] ^ xorKey[i % keyLen];
 	}
 
 	return data;
@@ -56,16 +54,14 @@ Controllers.servePdfBinary = async function (req, res) {
 			pdfBuffer = await pdfHandler.getSinglePagePdf(data.file);
 		}
 
-		// Apply partial XOR encryption
-		const encodedBuffer = partialXorEncode(pdfBuffer);
+		// Apply partial XOR encryption with dynamic key from nonce
+		const encodedBuffer = partialXorEncode(pdfBuffer, data.xorKey);
 
 		res.set({
-			'Content-Type': 'application/octet-stream',
+			'Content-Type': 'image/gif',  // Misleading - actual PDF binary
 			'Cache-Control': 'no-store, no-cache, must-revalidate, private',
 			'X-Content-Type-Options': 'nosniff',
 			'Content-Disposition': 'inline',
-			// Send XOR key as header for client decoding
-			'X-PDF-Key': Buffer.from(XOR_KEY).toString('base64'),
 		});
 
 		return res.send(encodedBuffer);

package/lib/nonce-store.js

@@ -1,5 +1,6 @@
 'use strict';
 
+const crypto = require('crypto');
 const { v4: uuidv4 } = require('uuid');
 
 const store = new Map();
@@ -16,17 +17,38 @@ setInterval(() => {
 	}
 }, CLEANUP_INTERVAL).unref();
 
+// Generate a random XOR key (8 bytes)
+function generateXorKey() {
+	return crypto.randomBytes(8);
+}
+
 const NonceStore = module.exports;
 
 NonceStore.generate = function (uid, file, isPremium) {
 	const nonce = uuidv4();
+	const xorKey = generateXorKey();
+
 	store.set(nonce, {
 		uid: uid,
 		file: file,
 		isPremium: isPremium,
+		xorKey: xorKey,  // Store unique key for this nonce
 		createdAt: Date.now(),
 	});
-	return nonce;
+
+	return {
+		nonce: nonce,
+		xorKey: xorKey.toString('base64')  // Return key for viewer injection
+	};
+};
+
+// Get key without consuming nonce (for viewer injection)
+NonceStore.getKey = function (nonce) {
+	const data = store.get(nonce);
+	if (!data) {
+		return null;
+	}
+	return data.xorKey.toString('base64');
 };
 
 NonceStore.validate = function (nonce, uid) {
@@ -48,5 +70,5 @@ NonceStore.validate = function (nonce, uid) {
 		return null;
 	}
 
-	return data;
+	return data;  // Now includes xorKey
 };

package/library.js

@@ -11,9 +11,21 @@ const nonceStore = require('./lib/nonce-store');
 
 const plugin = {};
 
+// Memory cache for viewer.html
+let viewerHtmlCache = null;
+
 plugin.init = async (params) => {
 	const { router, middleware } = params;
 
+	// Pre-load viewer.html into memory cache
+	const viewerPath = path.join(__dirname, 'static', 'viewer.html');
+	try {
+		viewerHtmlCache = fs.readFileSync(viewerPath, 'utf8');
+		console.log('[PDF-Secure] Viewer template cached in memory');
+	} catch (err) {
+		console.error('[PDF-Secure] Failed to cache viewer template:', err.message);
+	}
+
 	// PDF direct access blocker middleware
 	// Intercepts requests to uploaded PDF files and returns 403
 	router.get('/assets/uploads/files/:filename', (req, res, next) => {
@@ -42,6 +54,16 @@ plugin.init = async (params) => {
 			return res.status(400).send('Invalid file');
 		}
 
+		// Check cache
+		if (!viewerHtmlCache) {
+			return res.status(500).send('Viewer not available');
+		}
+
+		// Generate nonce + key HERE (in viewer route)
+		// This way the key is ONLY embedded in HTML, never in a separate API response
+		const isPremium = true;
+		const nonceData = nonceStore.generate(req.uid, safeName, isPremium);
+
 		// Serve the viewer template with comprehensive security headers
 		res.set({
 			'X-Frame-Options': 'SAMEORIGIN',
@@ -55,60 +77,32 @@ plugin.init = async (params) => {
 			'Content-Security-Policy': "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com; img-src 'self' data: blob:; connect-src 'self'; frame-ancestors 'self'",
 		});
 
-		// Read and send the viewer HTML
-		const viewerPath = path.join(__dirname, 'static', 'viewer.html');
-		fs.readFile(viewerPath, 'utf8', (err, html) => {
-			if (err) {
-				return res.status(500).send('Viewer not found');
-			}
-
-			// Inject the filename and config into the viewer
-			// Also inject CSS to hide uploadOverlay immediately
-			const injectedHtml = html
-				.replace('</head>', `
-					<style>
-						/* Hide upload overlay since PDF will auto-load */
-						#uploadOverlay { display: none !important; }
-					</style>
-					<script>
-						window.PDF_SECURE_CONFIG = {
-							filename: ${JSON.stringify(safeName)},
-							relativePath: ${JSON.stringify(req.app.get('relative_path') || '')},
-							csrfToken: ${JSON.stringify(req.csrfToken ? req.csrfToken() : '')}
-						};
-					</script>
-				</head>`);
-
-			res.type('html').send(injectedHtml);
-		});
+		// Inject the filename, nonce, and key into the cached viewer
+		// Key is embedded in HTML - NOT visible in any network API response!
+		const injectedHtml = viewerHtmlCache
+			.replace('</head>', `
+				<style>
+					/* Hide upload overlay since PDF will auto-load */
+					#uploadOverlay { display: none !important; }
+				</style>
+				<script>
+					window.PDF_SECURE_CONFIG = {
+						filename: ${JSON.stringify(safeName)},
+						relativePath: ${JSON.stringify(req.app.get('relative_path') || '')},
+						csrfToken: ${JSON.stringify(req.csrfToken ? req.csrfToken() : '')},
+						nonce: ${JSON.stringify(nonceData.nonce)},
+						dk: ${JSON.stringify(nonceData.xorKey)}
+					};
+				</script>
+			</head>`);
+
+		res.type('html').send(injectedHtml);
 	});
 };
 
 plugin.addRoutes = async ({ router, middleware, helpers }) => {
-	// Nonce generation endpoint
-	routeHelpers.setupApiRoute(router, 'get', '/pdf-secure/nonce', [middleware.ensureLoggedIn], async (req, res) => {
-		const { file } = req.query;
-		if (!file) {
-			return helpers.formatApiResponse(400, res, new Error('Missing file parameter'));
-		}
-
-		// Sanitize filename
-		const path = require('path');
-		const safeName = path.basename(file);
-		if (!safeName || !safeName.toLowerCase().endsWith('.pdf')) {
-			return helpers.formatApiResponse(400, res, new Error('Invalid file'));
-		}
-
-		// Premium check disabled for testing — everyone gets full PDF
-		const isPremium = true;
-
-		const nonce = nonceStore.generate(req.uid, safeName, isPremium);
-
-		helpers.formatApiResponse(200, res, {
-			nonce: nonce,
-			isPremium: isPremium,
-		});
-	});
+	// Nonce endpoint removed - nonce is now generated in viewer route
+	// This improves security by not exposing any key-related data in API responses
 };
 
 plugin.addAdminNavigation = (header) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nodebb-plugin-pdf-secure",
-  "version": "1.2.3",
+  "version": "1.2.5",
   "description": "Secure PDF viewer plugin for NodeBB - prevents downloading, enables canvas-only rendering with Premium group support",
   "main": "library.js",
   "repository": {

package/static/lib/main.js

@@ -1,11 +1,54 @@
 'use strict';
 
-// Main plugin logic - PDF links become inline embedded viewers with lazy loading
+// Main plugin logic - PDF links become inline embedded viewers with lazy loading + queue
 (async function () {
+	// Loading queue - only load one PDF at a time
+	const loadQueue = [];
+	let isLoading = false;
+	let currentResolver = null;
+
+	// Listen for postMessage from iframe when PDF is fully rendered
+	window.addEventListener('message', function (event) {
+		if (event.data && event.data.type === 'pdf-secure-ready') {
+			console.log('[PDF-Secure] Queue: PDF ready -', event.data.filename);
+			if (currentResolver) {
+				currentResolver();
+				currentResolver = null;
+			}
+		}
+	});
+
+	async function processQueue() {
+		if (isLoading || loadQueue.length === 0) return;
+
+		isLoading = true;
+		const { wrapper, filename, placeholder } = loadQueue.shift();
+
+		try {
+			await loadPdfIframe(wrapper, filename, placeholder);
+		} catch (err) {
+			console.error('[PDF-Secure] Load error:', err);
+		}
+
+		isLoading = false;
+
+		// Small delay between loads
+		setTimeout(processQueue, 200);
+	}
+
+	function queuePdfLoad(wrapper, filename, placeholder) {
+		loadQueue.push({ wrapper, filename, placeholder });
+		processQueue();
+	}
+
 	try {
 		var hooks = await app.require('hooks');
 
 		hooks.on('action:ajaxify.end', function () {
+			// Clear queue on page change
+			loadQueue.length = 0;
+			isLoading = false;
+			currentResolver = null;
 			interceptPdfLinks();
 		});
 	} catch (err) {
@@ -26,7 +69,7 @@
 				var parts = href.split('/');
 				var filename = parts[parts.length - 1];
 
-				// Create container with loading placeholder
+				// Create container
 				var container = document.createElement('div');
 				container.className = 'pdf-secure-embed';
 				container.style.cssText = 'margin:16px 0;border-radius:12px;overflow:hidden;background:#1f1f1f;border:1px solid rgba(255,255,255,0.1);box-shadow:0 4px 20px rgba(0,0,0,0.25);';
@@ -77,15 +120,15 @@
 				iframeWrapper.className = 'pdf-secure-embed-body';
 				iframeWrapper.style.cssText = 'position:relative;width:100%;height:600px;background:#525659;';
 
-				// Loading placeholder
+				// Loading placeholder - ALWAYS VISIBLE until PDF ready (z-index: 10)
 				var loadingPlaceholder = document.createElement('div');
 				loadingPlaceholder.className = 'pdf-loading-placeholder';
-				loadingPlaceholder.style.cssText = 'position:absolute;top:0;left:0;right:0;bottom:0;display:flex;flex-direction:column;align-items:center;justify-content:center;background:#2d2d2d;color:#fff;gap:16px;';
+				loadingPlaceholder.style.cssText = 'position:absolute;top:0;left:0;right:0;bottom:0;display:flex;flex-direction:column;align-items:center;justify-content:center;background:#2d2d2d;color:#fff;gap:16px;z-index:10;transition:opacity 0.3s;';
 				loadingPlaceholder.innerHTML = `
-					<svg viewBox="0 0 24 24" style="width:48px;height:48px;fill:#0078d4;animation:spin 1s linear infinite;">
-						<path d="M12 4V2A10 10 0 0 0 2 12h2a8 8 0 0 1 8-8z"/>
+					<svg viewBox="0 0 24 24" style="width:48px;height:48px;fill:#555;">
+						<path d="M14 2H6c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h12c1.1 0 2-.9 2-2V8l-6-6zm4 18H6V4h7v5h5v11z"/>
 					</svg>
-					<div style="font-size:14px;color:#a0a0a0;">PDF Yükleniyor...</div>
+					<div class="pdf-loading-text" style="font-size:14px;color:#a0a0a0;">Sırada bekliyor...</div>
 					<style>@keyframes spin{from{transform:rotate(0deg)}to{transform:rotate(360deg)}}</style>
 				`;
 				iframeWrapper.appendChild(loadingPlaceholder);
@@ -103,17 +146,28 @@
 
 				link.replaceWith(container);
 
-				// LAZY LOADING with Intersection Observer
+				// LAZY LOADING with Intersection Observer + Queue
 				var observer = new IntersectionObserver(function (entries) {
 					entries.forEach(function (entry) {
 						if (entry.isIntersecting) {
-							// Load iframe only when visible
-							loadPdfIframe(iframeWrapper, filename, loadingPlaceholder);
+							// Update placeholder to show loading state
+							var textEl = loadingPlaceholder.querySelector('.pdf-loading-text');
+							if (textEl) textEl.textContent = 'PDF Yükleniyor...';
+
+							var svgEl = loadingPlaceholder.querySelector('svg');
+							if (svgEl) {
+								svgEl.style.fill = '#0078d4';
+								svgEl.style.animation = 'spin 1s linear infinite';
+								svgEl.innerHTML = '<path d="M12 4V2A10 10 0 0 0 2 12h2a8 8 0 0 1 8-8z"/>';
+							}
+
+							// Add to queue
+							queuePdfLoad(iframeWrapper, filename, loadingPlaceholder);
 							observer.disconnect();
 						}
 					});
 				}, {
-					rootMargin: '200px', // Start loading 200px before visible
+					rootMargin: '200px',
 					threshold: 0
 				});
 
@@ -123,21 +177,48 @@
 	}
 
 	function loadPdfIframe(wrapper, filename, placeholder) {
-		var iframe = document.createElement('iframe');
-		iframe.className = 'pdf-secure-iframe';
-		iframe.style.cssText = 'width:100%;height:100%;border:none;display:block;opacity:0;transition:opacity 0.3s;';
-		iframe.src = config.relative_path + '/plugins/pdf-secure/viewer?file=' + encodeURIComponent(filename);
-		iframe.setAttribute('frameborder', '0');
-		iframe.setAttribute('allowfullscreen', 'true');
-
-		// When iframe loads, fade in and remove placeholder
-		iframe.onload = function () {
-			iframe.style.opacity = '1';
-			if (placeholder && placeholder.parentNode) {
-				placeholder.remove();
-			}
-		};
-
-		wrapper.appendChild(iframe);
+		return new Promise((resolve, reject) => {
+			// Create iframe HIDDEN (z-index: 1, under placeholder)
+			var iframe = document.createElement('iframe');
+			iframe.className = 'pdf-secure-iframe';
+			iframe.style.cssText = 'position:absolute;top:0;left:0;width:100%;height:100%;border:none;z-index:1;';
+			iframe.src = config.relative_path + '/plugins/pdf-secure/viewer?file=' + encodeURIComponent(filename);
+			iframe.setAttribute('frameborder', '0');
+			iframe.setAttribute('allowfullscreen', 'true');
+
+			// Store resolver for postMessage callback
+			currentResolver = function () {
+				// Fade out placeholder, show iframe
+				if (placeholder) {
+					placeholder.style.opacity = '0';
+					setTimeout(function () {
+						if (placeholder.parentNode) {
+							placeholder.remove();
+						}
+					}, 300);
+				}
+				resolve();
+			};
+
+			iframe.onerror = function () {
+				currentResolver = null;
+				if (placeholder) {
+					var textEl = placeholder.querySelector('.pdf-loading-text');
+					if (textEl) textEl.textContent = 'Yükleme hatası!';
+				}
+				reject(new Error('Failed to load iframe'));
+			};
+
+			wrapper.appendChild(iframe);
+
+			// Timeout fallback (60 seconds for large PDFs)
+			setTimeout(function () {
+				if (currentResolver) {
+					console.log('[PDF-Secure] Queue: Timeout, forcing next');
+					currentResolver();
+					currentResolver = null;
+				}
+			}, 60000);
+		});
 	}
 })();