From 51c4238584d2d37a32bc78ce3114b8f9f117aef1 Mon Sep 17 00:00:00 2001
From: 1e99 <1e99@1e99.eu>
Date: Mon, 4 Nov 2024 22:52:00 +0100
Subject: [PATCH] move data storage out of query into url hash

---
 static/index.js | 47 +++++++++++++++++++++++++++++++++--------------
 1 file changed, 33 insertions(+), 14 deletions(-)

diff --git a/static/index.js b/static/index.js
index 910827f..a202f10 100644
--- a/static/index.js
+++ b/static/index.js
@@ -62,11 +62,13 @@ const notFoundDialog = {
   close: document.querySelector("button#not-found-close"),
   init() {
     this.dialog.addEventListener("close", (ev) => {
-      window.location.search = "";
+      window.location.hash = "";
+      window.location.reload();
     });
 
     this.close.addEventListener("click", (ev) => {
-      window.location.search = "";
+      window.location.hash = "";
+      window.location.reload();
     });
   },
   show() {
@@ -80,7 +82,8 @@ const viewDialog = {
   close: document.querySelector("button#view-close"),
   init() {
     this.dialog.addEventListener("close", (ev) => {
-      window.location.search = "";
+      window.location.hash = "";
+      window.location.reload();
     });
 
     this.close.addEventListener("click", (ev) => {
@@ -128,10 +131,22 @@ async function viewPassword() {
   try {
     loadingDialog.show();
 
-    const params = new URLSearchParams(window.location.search);
-    const id = params.get("id");
-    const key = params.get("key");
-    const iv = params.get("iv");
+    let id, key, iv;
+
+    // We need to be backwards compatible with old links that still use the query
+    if (window.location.search.trim() != "") {
+      const params = new URLSearchParams(window.location.search);
+      id = params.get("id");
+      key = params.get("key");
+      iv = params.get("iv");
+    } else {
+      // Need to remove leading "#"
+      const hash = window.location.hash.substring(1);
+      const split = hash.split(":");
+      id = split[0];
+      key = split[1];
+      iv = split[2];
+    }
 
     const exists = await hasPassword(id);
     if (!exists) {
@@ -142,7 +157,10 @@ async function viewPassword() {
     const shouldView = await confirmViewDialog.show();
     if (!shouldView) {
       // This is needed for the redirect, otherwise the user won't get redirected
-      setTimeout(() => (window.location.search = ""), 0);
+      setTimeout(() => {
+        window.location.hash = "";
+        window.location.reload();
+      }, 0);
       return;
     }
 
@@ -171,13 +189,8 @@ enterPassword.addEventListener("submit", async (ev) => {
       parseInt(data.get("expires-in")),
     );
 
-    const params = new URLSearchParams();
-    params.set("id", id);
-    params.set("key", password.key);
-    params.set("iv", password.iv);
-
     const url = new URL(window.location);
-    url.search = params.toString();
+    url.hash = [id, password.key, password.iv].join(":");
     urlDialog.show(url.toString());
   } catch (error) {
     errorDialog.show(error);
@@ -193,6 +206,12 @@ notFoundDialog.init();
 viewDialog.init();
 confirmViewDialog.init();
 
+const hash = window.location.hash;
+if (hash.trim() != "") {
+  viewPassword();
+}
+
+// We need to be backwards compatible with the old links
 const query = window.location.search;
 if (query.trim() != "") {
   viewPassword();