#1341:

* allow xor digest over ssl
* hide insecure password option when using ssl (irrelevant)
* move insecure password option near password, disable password field if not checked

git-svn-id: https://xpra.org/svn/Xpra/trunk@14437 3bb7dfac-3a0b-4e04-842a-767bc560f471

src/html5/connect.html

@@ -53,6 +53,10 @@ <h2 class="form-signin-heading">Xpra HTML5 Client</h2>
 			<label class="sr-only" for="password">Password</label>
 			<input title="Password" type="password" class="form-control" id="password" placeholder="Password" size="16" maxlength="256">
 			<br>
+			<div class="password-warning-box">
+			  	<input type="checkbox" id="insecure"> <span>Insecure plain-text passwords</span>
+			</div>
+
 			<div class="panel-group">
 			  <ul class="list-style-none action">
 				<li><input type="radio" name="action" class="radiobox" value="connect" id="action_connect" checked="checked"> Connect</li>
@@ -208,9 +212,6 @@ <h4 class="panel-title">Advanced options</h4>
 				  <li class="list-group-item">
 				  	<input type="checkbox" id="debug"> <span>Debugging</span>
 				  </li>
-				  <li class="list-group-item">
-				  	<input type="checkbox" id="insecure"> <span>Insecure passwords - Dangerous!</span>
-				  </li>
 				</ul>
 			  </div>
 			</div>
@@ -319,6 +320,7 @@ <h4 class="panel-title">Advanced options</h4>
 
 $(document).ready(function() {
 
+	var ssl = document.location.protocol=="https:";
 	var disconnect_reason = window.location.getParameter("disconnect") || null;
 
 	if(disconnect_reason) {
@@ -334,6 +336,16 @@ <h4 class="panel-title">Advanced options</h4>
 	document.getElementById("port").value = link.port;
 	var username = window.location.getParameter("username") || "";
 	document.getElementById("username").value = username;
+	if(ssl) {
+	   	$('div.password-warning-box').hide();
+	}
+	else {
+	   	$('input#password').prop("disabled", true);
+		var insecure_input = document.getElementById("insecure");
+		insecure_input.onchange = function() {
+   			$('input#password').prop("disabled", !insecure_input.checked);
+		};
+	}
 
 	var action = getparam("action") || "";
 	if(action=="shadow") {
@@ -364,7 +376,7 @@ <h4 class="panel-title">Advanced options</h4>
 		set_exit_actions(action=="connect");
 	}
 	$(document).on('click', '[name="action"]', on_action_change);
-	$('input:radio[value='+action+']').click();
+	$('input:radio[value="'+action+'"]').click();
 
 	var encoding = getparam("encoding") || "jpeg";
 	document.getElementById('encoding').value = encoding;

src/html5/index.html

@@ -236,7 +236,8 @@
 			    client.init();
 
 			    // and connect
-			    client.connect(server, port, false);
+			    var ssl = document.location.protocol=="https:";
+			    client.connect(server, port, ssl);
 
 			    // attach a callback for paste on the screen
 				$('#pasteboard').on('paste', function (e) {

src/html5/js/Client.js

@@ -1252,7 +1252,7 @@ XpraClient.prototype._process_challenge = function(packet, ctx) {
 		hmac.update(salt);
 		challenge_response = hmac.digest().toHex();
 	} else if (digest == "xor") {
-		if((!ctx.encryption) && (!ctx.insecure) && (ctx.host!="localhost") && (ctx.host!="127.0.0.1")) {
+		if((!ctx.ssl) && (!ctx.encryption) && (!ctx.insecure) && (ctx.host!="localhost") && (ctx.host!="127.0.0.1")) {
 			ctx.callback_close("server requested digest xor, cowardly refusing to use it without encryption with "+ctx.host);
 			return;
 		}