Introduce a new `ignore_keys` setting that allows users to prevent
specific keyboard inputs from being forwarded to the remote VNC host
while still allowing the browser/client to handle them locally.
This addresses common UX issues where browser-level shortcuts (e.g.
Escape to exit fullscreen or F11 for fullscreen toggle) are also sent
to the VM, potentially interrupting workflows or triggering unintended
actions.
Key behavior:
- Keys listed in `ignore_keys` are handled locally & not sent to the VM
- Default value is to not ignore any key events
- Supports comma-separated input with whitespace tolerance
- Accepts aliases (e.g. "esc", "ctrl", "cmd") mapped to canonical codes
- Matching is case-insensitive and normalized
Implementation details:
- Centralized supported keys via `supportedIgnoreKeys`
- Added `normalizeIgnoreKey()` to map aliases to canonical codes
- Introduced `wrapRfbSendKey()` to intercept and filter outgoing key
events
- Simplified `keyEvent()` to delegate to `rfb.sendKey`
- Added validation for user input with visual feedback on invalid
entries
- Added dynamic tooltip and placeholder generation from supported
key list
UI changes:
- Added `ignore_keys` input to settings panel
- Added tooltip with supported key examples
- Added inline validation styling for invalid entries
Tests:
- Added coverage for `shouldIgnoreKey()` including aliases,
normalization, whitespace handling, and edge cases
- Added tests for wrapped `sendKey` behavior to ensure filtering works
- Updated `keyEvent()` tests to reflect pass-through behavior
- Added validation and helper function tests
This change improves usability when interacting with fullscreen mode
and other browser-level shortcuts, while remaining backward compatible.
Mainly to keep eslint happy with its new recommended rules. But it also
makes the code more clear to not have unused stuff in it.
The des code got a bit more refactoring since eslint was upset about the
final "i++" as it was technically an unused assignment.
Add tests to for both the `rfb` side (calling into the new wakelock
code), and the new wakelock class (which tracks the desired state and
how to get there).
Dispatch an event on each state transition inside the WakeLockManager.
This gives the unit tests something to synchronise on, allowing us to
write fast, flake-free tests.
Add an error state to the WakeLockManager state machine. This adds a
transition that can be detected from tests (it otherwise serves no
purpose, and the system immediatly transitions back into the released
state).
Add a new configuration option `keep_device_awake` to allow noVNC to
stop the local display from going to sleep. This is especially useful
with view-only sessions.
This new option has been added to the configuration UI, making it easier
for users to configure. When this option is changed at runtime, we will
request/release the wake lock.
We only hold the view lock while connected to a server. We will also
attempt to reacquire the wakelock if we lost it due to a visibility
change (the tab becoming inactive, or during the transition into/from
fullscreen).
All existing unittests have been run, and the change has been manually
tested in Firefox 145. Additional tests will be added later.
Node 24 comes with npm > 11.5.1 which we need in order to publish with
OIDC auth.
This also reverts the change in commit e03a54e, which broke the
publishing step.
With async clipboard available, the fallback clipboard textarea adds
mostly confusion. If async clipboard is out right denied, users most
likely don't want to see any clipboard activity.
Our snap package requires bash to run novnc_proxy, but it doesn't
explicitly set a requirement for the which command to be installed.
Let's therefore use a bash built-in when looking for the websockify
binary.
Some encodings don't know how much data they need, rather they must
probe the data stream until they find an end marker. Expose how much
data is buffered in order to make this search efficient.
Taylor Jasko