v0.9.13

- wtv-cookie support
 - further development will be in dev branch (may rebase alot)
 - compression not yet ready, leave it disabled
 - update: do not delete WTVSec on last socket, instead recreate on prereg
 - update: clean up SSID session data only if client is not seen for 3 minutes
 - update: add shouldWeCompress() function
 - update: tweak lzpf (still corrupted)
 - update: rename wtv-setup:/get to wtv-setup:/get-settings
 - update: add additional headers to wtv-setup:/get-settings
 - update: add initial blank wtv-music:/get-playlist
 - update wtv-tricks system
   - Info now shows Guest Mode or Subscriber Info
   - Implemented wtv-tricks:/unregister
   - Implemented wtv-tricks:/register
   - Show correct link in wtv-tricks:/tricks based on Guest Mode status
 - config.json: enable compression by default
 - WTVP does not use \r, so swapping the internal header's usage for now. May remove internal header in future update
 - lzpf: this doesn't fix anything but doesn't break it more either :)
  - renamed some functions
  - fixed some param documentation
  - added ConvertToBuffer function
 - WTVSec Updates
  - optimize WordArray to Buffer functions
  - update documentation in WTVSec
  - update WTVSec barrowed function in WTVLzpf
  - removed NewRC4Session, was a pointless alias to SecureOn

zefie_wtvp_minisrv/ServiceVault/wtv-1800/preregister.js

@@ -1,45 +1,45 @@
-var gourl = "wtv-head-waiter:/login?";
+	var gourl = "wtv-head-waiter:/login?";
 
-if (socket.ssid) {
-	if (ssid_sessions[socket.ssid].loadSessionData() == true) {
-		console.log(" * Loaded session data from disk for", filterSSID(socket.ssid))
-		ssid_sessions[socket.ssid].setSessionData("registered", (ssid_sessions[socket.ssid].getSessionData("registered") == true) ? true : false);
+	if (socket.ssid) {
+		if (ssid_sessions[socket.ssid].loadSessionData() == true) {
+			console.log(" * Loaded session data from disk for", filterSSID(socket.ssid))
+			ssid_sessions[socket.ssid].setSessionData("registered", (ssid_sessions[socket.ssid].getSessionData("registered") == true) ? true : false);
+		} else {
+			ssid_sessions[socket.ssid].session_data = {};
+			ssid_sessions[socket.ssid].setSessionData("registered", false);
+		}
+		if (ssid_sessions[socket.ssid].data_store) {
+			if (ssid_sessions[socket.ssid].data_store.sockets) {
+				var i = 0;
+				ssid_sessions[socket.ssid].data_store.sockets.forEach(function (k) {
+					if (typeof k != "undefined") {
+						if (k != socket) {
+							k.destroy();
+							ssid_sessions[socket.ssid].data_store.sockets.delete(k);
+							i++;
+						}
+					}
+				});
+				if (i > 0 && zdebug) console.log(" # Closed", i, "previous sockets for", filterSSID(socket.ssid));
+			}
+		}
+		if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
+			if (zdebug) console.log(" # Recreating primary WTVSec login instance for", filterSSID(socket.ssid));
+			delete ssid_sessions[socket.ssid].data_store.wtvsec_login;
+		}
+
+		ssid_sessions[socket.ssid].data_store.wtvsec_login = new WTVSec();
+		ssid_sessions[socket.ssid].data_store.wtvsec_login.IssueChallenge();
+		ssid_sessions[socket.ssid].data_store.wtvsec_login.set_incarnation(request_headers["wtv-incarnation"] || 1);
 	} else {
-		ssid_sessions[socket.ssid].session_data = {};
-		ssid_sessions[socket.ssid].setSessionData("registered", false);
+		console.log(" * Something bad happened (we don't know the client ssid???)");
+		var errpage = doErrorPage(400)
+		headers = errpage[0];
+		data = errpage[1];
 	}
-    if (ssid_sessions[socket.ssid].data_store) {
-        if (ssid_sessions[socket.ssid].data_store.sockets) {
-            var i = 0;
-            ssid_sessions[socket.ssid].data_store.sockets.forEach(function (k) {
-                if (typeof k != "undefined") {
-                    if (k != socket) {
-                        k.destroy();
-                        ssid_sessions[socket.ssid].data_store.sockets.delete(k);
-                        i++;
-                    }
-                }
-            });
-			if (i > 0 && zdebug) console.log(" # Closed", i, "previous sockets for", filterSSID(socket.ssid));
-        }
-    }
-	if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
-		if (zdebug) console.log(" # Recreating primary WTVSec login instance for", filterSSID(socket.ssid));
-        delete ssid_sessions[socket.ssid].data_store.wtvsec_login;
-    }
 
-	ssid_sessions[socket.ssid].data_store.wtvsec_login = new WTVSec();
-	ssid_sessions[socket.ssid].data_store.wtvsec_login.IssueChallenge();
-	ssid_sessions[socket.ssid].data_store.wtvsec_login.set_incarnation(request_headers["wtv-incarnation"] || 1);
-} else {
-	console.log(" * Something bad happened (we don't know the client ssid???)");
-	var errpage = doErrorPage(400)
-	headers = errpage[0];
-	data = errpage[1];
-}
-
-if (request_headers.query.relogin && ssid_sessions[socket.ssid].getSessionData("registered")) gourl += "relogin=true";
-if (request_headers.query.reconnect && ssid_sessions[socket.ssid].getSessionData("registered")) gourl += "reconnect=true";
+	if (request_headers.query.relogin && ssid_sessions[socket.ssid].getSessionData("registered")) gourl += "relogin=true";
+	if (request_headers.query.reconnect && ssid_sessions[socket.ssid].getSessionData("registered")) gourl += "reconnect=true";
 
 if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
 	var prereg_contype = "text/html";
@@ -53,11 +53,11 @@ if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
 	var file_path = null;
 	var bf0app_update = false;
 	var romtype = ssid_sessions[socket.ssid].get("wtv-client-rom-type");
-	var send_tellyscripts = (minisrv_config.services[service_name].send_tellyscripts && !request_headers.query.relogin);
+	var send_tellyscript = (minisrv_config.services[service_name].send_tellyscripts && !request_headers.query.relogin);
 	var wtv_script_id = parseInt(ssid_sessions[socket.ssid].get("wtv-script-id"));
-	var	bootrom = ssid_sessions[socket.ssid].get("wtv-client-bootrom-version");
-	if ((request_headers.query.reconnect || request_headers.query.relogin) && wtv_script_id != 0) send_tellyscripts = false;
-	if (send_tellyscripts) {
+	var bootrom = ssid_sessions[socket.ssid].get("wtv-client-bootrom-version");
+	if ((request_headers.query.reconnect || request_headers.query.relogin) && wtv_script_id != 0) send_tellyscript = false;
+	if (send_tellyscript) {
 		if (minisrv_config.services[service_name].send_tellyscript_ssid_whitelist) {
 			var send_telly_to_ssid = (minisrv_config.services[service_name].send_tellyscript_ssid_whitelist.findIndex(element => element == socket.ssid) != -1)
 			if (send_telly_to_ssid) {
@@ -101,7 +101,7 @@ if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
 		}
 	}
 
-	
+
 	if (!request_headers['wtv-client-rom-type'] && bootrom == "105") {
 		// assume old classic in flash mode, override user setting and send tellyscript
 		// because it is required to proceed in flash mode
@@ -110,17 +110,23 @@ if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
 		var bf0app_update = true;
 		ssid_sessions[socket.ssid].set("bf0app_update", bf0app_update);
 	}
-	
+
 	if (request_headers["wtv-ticket"] && !request_headers.query.reconnect) {
 		gourl = "wtv-head-waiter:/login-stage-two?relogin=true";
 	}
 
 	if (request_headers.query.reconnect) {
 		gourl = null;
-    }
+	}
 
 	if (!file_path != null && !zquiet) console.log(" * Sending TellyScript", file_path, "on socket", socket.id);
 
+	if (request_headers.query.guest_login) {
+		send_tellyscript = false;
+		gourl += "&guest_login=true"
+		if (request_headers.query.skip_splash) gourl += "&skip_splash=true";
+	}
+
 	headers = "200 OK\n"
 	if (bf0app_update) headers += "minisrv-use-carriage-return: false\n";
 	headers += "Connection: Keep-Alive\n";
@@ -134,10 +140,14 @@ if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
 
 	if (bf0app_update) headers += getServiceString('wtv-star', { "no_star_word": true }) + "\n";
 	else headers += getServiceString('wtv-star') + "\n";
-	if (request_headers.query.reconnect && !ssid_sessions[socket.ssid].session_data.registered) headers += getServiceString('wtv-register') + "\n";
+	if (request_headers.query.reconnect && !ssid_sessions[socket.ssid].getSessionData("registered")) headers += getServiceString('wtv-register') + "\n";
 	headers += getServiceString('wtv-flashrom') + "\n";
 	if (bf0app_update) headers += "wtv-boot-url: " + gourl + "\n";
-	else headers += "wtv-boot-url: wtv-1800:/preregister?relogin=true\n";
+	else {
+		headers += "wtv-boot-url: wtv-1800:/preregister?relogin=true";
+		if (request_headers.query.guest_login) headers += "&guest_login=true";
+		headers += "\n";
+	}
 	if (gourl != null) headers += "wtv-visit: " + gourl + "\n";
 	if (!bf0app_update && ssid_sessions[socket.ssid].get("wtv-open-access")) headers += "wtv-open-isp-disabled: false\n";
 	headers += "wtv-client-time-zone: GMT -0000\n";

zefie_wtvp_minisrv/ServiceVault/wtv-cookie/add.js

@@ -1,7 +1,7 @@
 if (socket.ssid) {
     if (request_headers.post_data) {
         if (ssid_sessions[socket.ssid]) {
-            ssid_sessions[socket.ssid].addCookie(cookie_data);
+            ssid_sessions[socket.ssid].addCookie(request_headers.query.domain,request_headers.query.path,request_headers.query.expires,request_headers.query.cookie);
             headers = "200 OK\n";
             headers += "Content-Type: text/html";            
         }

zefie_wtvp_minisrv/ServiceVault/wtv-cookie/get.js

@@ -2,8 +2,7 @@ if (request_headers.post_data) {
     if (request_headers.query.domain && request_headers.query.path) {
         if (socket.ssid) {
             if (ssid_sessions[socket.ssid]) {
-
-                data = ssid_sessions[socket.ssid].getCookieString(unescape(request_headers.query.domain), unescape(request_headers.query.path));
+                data = ssid_sessions[socket.ssid].getCookieString(request_headers.query.domain, request_headers.query.path);
                 headers = "200 OK\n";
                 headers += "Content-Type: text/plain";
             }

zefie_wtvp_minisrv/ServiceVault/wtv-cookie/reset.js

@@ -0,0 +1,25 @@
+if (socket.ssid) {
+    if (ssid_sessions[socket.ssid]) {
+        ssid_sessions[socket.ssid].resetCookies();
+        headers = "200 OK\n";
+        headers += "Content-Type: text/html";
+        data = `<html>
+<head>
+<display fontsize=medium>
+<title>Cookies cleared!</title>
+<meta http-equiv=Refresh content="3; url=client:goback?">
+</head>
+<body bgcolor="#000000" text="gold" link="gold" alink="gold" vlink="gold">
+<br><br>
+Your cookies have successfully been cleared!<br>
+Redirecting shortly... <a href="client:goback">Go Back</a>
+</body>
+</html>`;
+    }
+}
+
+if (!headers) {
+    var errpage = doErrorPage(400)
+    headers = errpage[0];
+    data = errpage[1];
+}

zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/current-noflash.js

@@ -11,7 +11,7 @@ var default_build_to_send = minisrv_config.services[service_name].bf0app_default
 
 var request_path = "";
 var bf0app_update = true;
-if (request_headers.query.path) request_path = unescape(request_headers.query.path);
+if (request_headers.query.path) request_path = request_headers.query.path;
 else request_path = default_build_to_send;
 
 if (ssid_sessions[socket.ssid].get("wtv-client-rom-type") == "bf0app" && ssid_sessions[socket.ssid].get("wtv-client-bootrom-version") == "105") {
@@ -22,7 +22,7 @@ if (ssid_sessions[socket.ssid].get("wtv-client-rom-type") == "bf0app" && ssid_se
 }
 
 if (!ssid_sessions[socket.ssid].data_store.WTVFlashrom) {
-	ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server, bf0app_update);
+	ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server, bf0app_update, minisrv_config.services[service_name].debug);
 }
 
 ssid_sessions[socket.ssid].data_store.WTVFlashrom.getFlashRom(request_path, function (data, headers) {

zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/get-by-path.js

@@ -2,7 +2,7 @@ const WTVFlashrom = require("./WTVFlashrom.js");
 request_is_async = true;
 
 var bf0app_update = false;
-var request_path = unescape(request_headers.query.path);
+var request_path = request_headers.query.path;
 var romtype = ssid_sessions[socket.ssid].get("wtv-client-rom-type");
 var bootver = ssid_sessions[socket.ssid].get("wtv-client-bootrom-version")
 
@@ -15,7 +15,7 @@ if ((romtype == "bf0app" || !romtype) && (bootver == "105" || !bootver)) {
 
 if (request_headers.query.raw || bf0app_update) {
 	if (!ssid_sessions[socket.ssid].data_store.WTVFlashrom) {
-		ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server, bf0app_update);
+		ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server, bf0app_update, minisrv_config.services[service_name].debug);
 	}
 
 	ssid_sessions[socket.ssid].data_store.WTVFlashrom.getFlashRom(request_path, function (data, headers) {

zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/get-lc2-page.js

@@ -8,8 +8,8 @@ if (!request_headers.query.path) {
 	headers = errpage[0];
 	data = errpage[1];
 } else {	
-	var wtvflashrom = new WTVFlashrom(service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server);
-	var request_path = unescape(request_headers.query.path);
+	var wtvflashrom = new WTVFlashrom(service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server, minisrv_config.services[service_name].debug);
+	var request_path = request_headers.query.path;
 
 	// read flashrom header info into array using WTVFlashrom class	
 	wtvflashrom.getFlashromMeta(request_path, function (data) {

zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/noflash.js

@@ -11,7 +11,7 @@ var default_build_to_send = minisrv_config.services[service_name].bf0app_default
 
 var request_path = "";
 var bf0app_update = true;
-if (request_headers.query.path) request_path = unescape(request_headers.query.path);
+if (request_headers.query.path) request_path = request_headers.query.path;
 else request_path = default_build_to_send;
 
 if (ssid_sessions[socket.ssid].get("wtv-client-rom-type") == "bf0app" && ssid_sessions[socket.ssid].get("wtv-client-bootrom-version") == "105") {
@@ -22,7 +22,7 @@ if (ssid_sessions[socket.ssid].get("wtv-client-rom-type") == "bf0app" && ssid_se
 }
 
 if (!ssid_sessions[socket.ssid].data_store.WTVFlashrom) {
-	ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(service_vaults, service_name, 0, minisrv_config.services[service_name].use_zefie_server, bf0app_update);
+	ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(service_vaults, service_name, 0, minisrv_config.services[service_name].use_zefie_server, bf0app_update, minisrv_config.services[service_name].debug);
 }
 
 ssid_sessions[socket.ssid].data_store.WTVFlashrom.getFlashRom(request_path, function (data, headers) {

zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js

@@ -12,39 +12,33 @@ if (socket.ssid != null && !ssid_sessions[socket.ssid].get("wtvsec_login")) {
 
 if (socket.ssid !== null) {
 	if (wtvsec_login.ticket_b64 == null) {
-		if (request_headers["wtv-ticket"]) {
-			if (request_headers["wtv-ticket"].length > 8) {
-				wtvsec_login.DecodeTicket(request_headers["wtv-ticket"]);
-				wtvsec_login.ticket_b64 = request_headers["wtv-ticket"];
+		challenge_response = wtvsec_login.challenge_response;
+		var client_challenge_response = request_headers["wtv-challenge-response"] || null;
+		if (challenge_response && client_challenge_response) {
+			if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
+				console.log(" * wtv-challenge-response success for " + filterSSID(socket.ssid));
+				wtvsec_login.PrepareTicket();
+
+			} else {
+				console.log(" * wtv-challenge-response FAILED for " + filterSSID(socket.ssid));
+				if (zdebug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
+				if (zdebug) console.log("Response Received:", client_challenge_response)
+				gourl = "wtv-head-waiter:/login?reissue_challenge=true";
 			}
 		} else {
-			challenge_response = wtvsec_login.challenge_response;
-			var client_challenge_response = request_headers["wtv-challenge-response"] || null;
-			if (challenge_response && client_challenge_response) {		
-				if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
-					console.log(" * wtv-challenge-response success for " + filterSSID(socket.ssid));
-					wtvsec_login.PrepareTicket();
-					if (!ssid_sessions[socket.ssid].getSessionData("registered")) gourl = "wtv-register:/splash";
-
-				} else {
-					console.log(" * wtv-challenge-response FAILED for " + filterSSID(socket.ssid));
-					if (zdebug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
-					if (zdebug) console.log("Response Received:", client_challenge_response)
-					gourl = "wtv-head-waiter:/login?reissue_challenge=true";
-				}
-			} else {
-				gourl = "wtv-head-waiter:/login?no_response=true";
-			}
+			gourl = "wtv-head-waiter:/login?no_response=true";
 		}
 	}
 }
 
+if (!ssid_sessions[socket.ssid].getSessionData("registered") && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) gourl = "wtv-register:/splash";
+
 if (gourl) {
 	headers = `200 OK
 Connection: Close
 wtv-open-isp-disabled: false
 `;
-	if (!ssid_sessions[socket.ssid].session_data.registered && !request_headers.query.guest_mode) {
+	if (!ssid_sessions[socket.ssid].getSessionData("registered") && (!request_headers.query.guest_login || !minisrv_config.config.allow_guests)) {
 		headers += `wtv-encrypted: true
 wtv-ticket: ${wtvsec_login.ticket_b64}
 ${getServiceString('wtv-register')}
@@ -58,14 +52,15 @@ Content-type: text/html`;
 	data = '';
 }
 else {
-	if (request_headers.query.guest_mode) {
+	if (request_headers.query.guest_login && minisrv_config.config.allow_guests) {
 		var namerand = Math.floor(Math.random() * 100000);
 		var nickname = (minisrv_config.config.service_name + '_' + namerand)
 		var human_name = nickname;
 		var userid = '1' + Math.floor(Math.random() * 1000000000000000000);
 		var messenger_enabled = 0;
 		var messenger_authorized = 0;
-		var home_url = "wtv-home:/home?";
+		if (request_headers.query.skip_splash) var home_url = "wtv-home:/home?";
+		else var home_url = "wtv-home:/splash?";
 	} else if (!ssid_sessions[socket.ssid].getSessionData("registered")) {
 		var errpage = doErrorPage(400);
 		headers = errpage[0];
@@ -99,7 +94,7 @@ wtv-messenger-authorized: ${messenger_authorized}
 wtv-messenger-enable: ${messenger_enabled}
 wtv-noback-all: wtv-
 wtv-service: reset
-`+ getServiceString('all', { "exceptions": ["wtv-register"] } ) + `
+`+ getServiceString('all', { "exceptions": ["wtv-register"] }) + `
 user-id: ${userid}
 wtv-human-name: ${human_name}
 ${ssid_sessions[socket.ssid].setIRCNick(nickname)}
@@ -111,15 +106,36 @@ wtv-input-timeout: 14400
 wtv-connection-timeout: 90
 wtv-fader-timeout: 900
 wtv-smartcard-inserted-message: Contacting service
+user-id: ${userid}
+wtv-transition-override: off
+wtv-allow-dsc: true
+wtv-messenger-enable: 0
+wtv-noback-all: wtv-
+wtv-service: reset
+`+ getServiceString('all') + `
+wtv-boot-url: wtv-1800:/preregister?relogin=true
+wtv-human-name: ${nickname}
+${ssid_sessions[socket.ssid].setIRCNick(nickname)}
+wtv-home-url: wtv-home:/home?`
+	if (ssid_sessions[socket.ssid].get('wtv-need-upgrade') != 'true' && !request_headers.query.reconnect) {
+		headers += "\nwtv-settings-url: wtv-setup:/get-settings";
+	}
+headers += `
+wtv-domain: wtv.zefie.com
 wtv-inactive-timeout: 0
 wtv-connection-timeout: 90
 wtv-show-time-enabled: true
 wtv-fader-timeout: 900
-wtv-tourist-enabled: true
-wtv-boot-url: wtv-1800:/preregister?relogin=true
-wtv-allow-dsc: true
-wtv-home-url: wtv-home:/home?
-`
+wtv-tourist-enabled: true`
+	headers += "\nwtv-relogin-url: wtv-1800:/preregister?relogin=true";
+	if (request_headers.query.guest_login) headers += "&guest_login=true";
+	headers += "\nwtv-reconnect-url: wtv-1800:/preregister?reconnect=true";
+	if (request_headers.query.guest_login) headers += "&guest_login=true";
+	headers += "\nwtv-boot-url: wtv-1800:/preregister?relogin=true";
+	if (request_headers.query.guest_login) headers += "&guest_login=true";
+	headers += "\nwtv-allow-dsc: true";
+	headers += "\nwtv-home-url: wtv-home:/home?";
+
 	if (ssid_sessions[socket.ssid].get('wtv-need-upgrade') != 'true' && !request_headers.query.reconnect) {
 		headers += "\nwtv-settings-url: wtv-setup:/get";
 	}

zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js

@@ -2,7 +2,14 @@ var challenge_response, challenge_header = "";
 
 var gourl = "wtv-head-waiter:/login-stage-two?";
 if (request_headers.query.relogin) gourl += "relogin=true";
-if (request_headers.query.reconnect) gourl += "reconnect=true";
+else if (request_headers.query.reconnect) gourl += "reconnect=true";
+
+if (request_headers.query.guest_login) {
+	if (request_headers.query.relogin || request_headers.query.reconnect) gourl += "&";
+	gourl += "guest_login=true";
+	if (request_headers.query.skip_splash) gourl += "&skip_splash=true";
+}
+
 var send_to_relogin = true;
 
 if (socket.ssid) {

zefie_wtvp_minisrv/ServiceVault/wtv-home/home.js

@@ -4,7 +4,7 @@ wtv-expire-all: wtv-home:/splash
 wtv-expire-all: wtv-flashrom:
 Content-type: text/html`
 
-if (request_headers.query.url) headers += "\nwtv-visit: " + unescape(request_headers.query.url);
+if (request_headers.query.url) headers += "\nwtv-visit: " + request_headers.query.url;
 
 if (ssid_sessions[socket.ssid].get('box-does-psuedo-encryption')) {
 	var cryptstatus = "<a href='client:showalert?message=Your%20WebTV%20Unit%20sent%20us%20a%20request%20for%20SECURE%20ON%2C%20but%20did%20not%20encrypt%20any%20data%2C%20nor%20will%20accept%20it.%20However%2C%20we%20send%20the%20wtv-encryption%20flag%20to%20roll%20with%20it%2C%20enabling%20%27psuedo-encryption%27.%20Nothing%20is%20encrypted%2C%20but%20the%20box%20trusts%20us.%20This%20will%20probably%20go%20away%20if%20you%20reload%20or%20change%20pages.&buttonaction1=client:donothing&buttonlabel1=Oh%2C%20okay...'>Psuedo-encrypted</a>";
@@ -24,7 +24,10 @@ function go() {
 	location.href=document.access.url.value;
 }
 </script>
-<h4>Welcome to `+ z_title + `</h4>
+<b>Welcome to `+ z_title + `</b><br>
+`;
+if (minisrv_config.config.git_commit) data += "<small><i>" + "&nbsp; ".repeat(32) + "git revision " + minisrv_config.config.git_commit + "</i></small><br>";
+data += `
 <b>Encryption Status</b>: ${cryptstatus}<br>
 <b>Connection Speed</b>: &rate;
 <p>
@@ -53,7 +56,7 @@ if (ssid_sessions[socket.ssid].hasCap("client-can-do-javascript")) {
 	data += `<li><input name=url `;
 
 	if (request_headers.query.url) {
-		data += "value='" + unescape(request_headers.query.url) + "'";
+		data += "value='" + request_headers.query.url + "'";
 	}
 
 	data += `width=250  height=10 bgcolor=#444444 text=#ffdd33 cursor=#cc9933>

zefie_wtvp_minisrv/ServiceVault/wtv-home/splash.js

@@ -24,9 +24,7 @@ data = `<html>
 Mini service
 <tr><td>
 zefie minisrv v${minisrv_config.version}`;
-if (getGitRevision()) {
-    data += " (git " + getGitRevision().substring(0, 8) + ")";
-}
+if (minisrv_config.config.git_commit) data += " (git " + minisrv_config.config.git_commit + ")";
 data += `
 <tr><td>&rate;
 </table>

zefie_wtvp_minisrv/ServiceVault/wtv-log/log.js

@@ -15,7 +15,7 @@ Content-length: 0`;
 
     var logdata_outstring = '';
     Object.keys(request_headers.query).forEach(function (k) {
-        logdata_outstring += k + "=" + unescape(request_headers.query[k].toString()) + "\r\n";
+        logdata_outstring += k + "=" + request_headers.query[k].toString() + "\r\n";
     });
     logdata_outstring += "\r\n";
     var logdata_outstring_hex = Buffer.from(logdata_outstring, 'utf8').toString('hex');
@@ -36,7 +36,7 @@ Content-length: 0`;
 
     var logdata_outstring = '';
     Object.keys(request_headers.query).forEach(function (k) {
-        logdata_outstring += k + "=" + unescape(request_headers.query[k].toString()) + "\r\n";
+        logdata_outstring += k + "=" + request_headers.query[k].toString() + "\r\n";
     });
     var logdata_outstring_hex = Buffer.from(logdata_outstring, 'utf8').toString('hex');
     if (minisrv_config.services[service_name].write_logs_to_disk) {

zefie_wtvp_minisrv/ServiceVault/wtv-music/get-playlist.js

@@ -31,4 +31,6 @@ wtv-backgroundmusic-add: wtv-music:/MusicCache/headspace/RMF/underground/renegad
 wtv-backgroundmusic-add: wtv-music:/MusicCache/headspace/RMF/moods/affectionate.rmf
 wtv-backgroundmusic-add: wtv-music:/MusicCache/headspace/RMF/moods/sociable.rmf`;
 
-*/
+*/
+
+data = '';

zefie_wtvp_minisrv/ServiceVault/wtv-register/BeMyGuest.js

@@ -0,0 +1,26 @@
+if (minisrv_config.config.allow_guests) {
+    headers = `300 Moved
+Connection: Close
+wtv-noback-all: wtv-register:
+wtv-expire-all: wtv-`;
+    if (socket.ssid) {
+        if (ssid_sessions[socket.ssid]) {
+            if (ssid_sessions[socket.ssid].data_store) {
+                if (ssid_sessions[socket.ssid].data_store.wtvsec_login) {
+                    headers += "\nwtv-ticket: " + ssid_sessions[socket.ssid].data_store.wtvsec_login.ticket_b64;
+                }
+            }
+        }
+    }
+    headers += `
+wtv-service: reset
+${getServiceString('wtv-1800')}
+wtv-relogin-url: wtv-1800:/preregister?guest_login=true&skip_splash=true
+wtv-reconnect-url: wtv-1800:/preregister?guest_login=true&reconnect=true
+wtv-boot-url: wtv-1800:/preregister?guest_login=true
+Location: client:relogin`;
+} else {
+    var errpage = doErrorPage(400, "Guest mode is not enabled on this service.");
+    headers = errpage[0];
+    data = errpage[1];
+}

zefie_wtvp_minisrv/ServiceVault/wtv-register/ValidateAccountInfo.js

@@ -10,9 +10,9 @@ if (!request_headers.query.registering) {
     if (!request_headers.query.registering) errpage = doErrorPage(400);
     else if (!request_headers.query.subscriber_name) errpage = doErrorPage(400, "Please enter your name. This can be your real name, or your well-known online alias.");
     else if (!request_headers.query.subscriber_username) errpage = doErrorPage(400, "Please enter a username.");
-    else if (unescape(request_headers.query.subscriber_username).length < 5) errpage = doErrorPage(400, "Please choose a username with 5 or more characters.");
-    else if (unescape(request_headers.query.subscriber_username).length > 16) errpage = doErrorPage(400, "Please choose a username with 16 or less characters.");
-    else if (!WTVRegister.checkUsernameSanity(unescape(request_headers.query.subscriber_username))) errpage = doErrorPage(400, "The username you have chosen contains invalid characters. Please choose a username with only <b>letters</b>, <b>numbers</b>, <b>_</b> or <b>-</b>. Also, please be sure your username begins with a letter.");
+    else if (request_headers.query.subscriber_username.length < 5) errpage = doErrorPage(400, "Please choose a username with 5 or more characters.");
+    else if (request_headers.query.subscriber_username.length > 16) errpage = doErrorPage(400, "Please choose a username with 16 or less characters.");
+    else if (!WTVRegister.checkUsernameSanity(request_headers.query.subscriber_username)) errpage = doErrorPage(400, "The username you have chosen contains invalid characters. Please choose a username with only <b>letters</b>, <b>numbers</b>, <b>_</b> or <b>-</b>. Also, please be sure your username begins with a letter.");
     else if (!WTVRegister.checkUsernameAvailable(request_headers.query.subscriber_username, ssid_sessions)) errpage = doErrorPage(400, "The username you have selected is already in use. Please select another username.");
     else if (!request_headers.query.subscriber_contact) errpage = doErrorPage(400, "Please enter your contact information.");
     else if (request_headers.query.subscriber_contact_method == "") errpage = doErrorPage(400, "Please select the type of contact information you provided.");
@@ -64,10 +64,10 @@ Review account info
 <td border=0 abswidth=40 bgcolor="#171726" rowspan="6" >
 <form ACTION="ValidateReviewAccountInfo" ENCTYPE="x-www-form-encoded" METHOD="POST">
 <input type=hidden name=registering value="true">
-<input type=hidden name=subscriber_name value="${unescape(request_headers.query.subscriber_name)}">
-<input type=hidden name=subscriber_username value="${unescape(request_headers.query.subscriber_username)}">
-<input type=hidden name=subscriber_contact value="${unescape(request_headers.query.subscriber_contact)}">
-<input type=hidden name=subscriber_contact_method value="${unescape(request_headers.query.subscriber_contact_method)}">
+<input type=hidden name=subscriber_name value="${request_headers.query.subscriber_name}">
+<input type=hidden name=subscriber_username value="${request_headers.query.subscriber_username}">
+<input type=hidden name=subscriber_contact value="${request_headers.query.subscriber_contact}">
+<input type=hidden name=subscriber_contact_method value="${request_headers.query.subscriber_contact_method}">
 <td height=50 width= 300 bgcolor="#171726" colspan=6 valign=top align=left>
 Here is your account information. If you need to<br>
 correct an item, press <b>Back</b>.
@@ -76,24 +76,24 @@ correct an item, press <b>Back</b>.
 <td width=260 valign=top align=left colspan=4>
 <table cellspacing=0 cellpadding=0 border=0 >
 	<img src="images/arrow.gif">&nbsp;&nbsp;<font size=-2><b>NAME</b></font><br>
-<tt><font color=#d1d3d3 size=-2><spacer type=horizontal size=17> ${unescape(request_headers.query.subscriber_name)}</font></tt></a>
+<tt><font color=#d1d3d3 size=-2><spacer type=horizontal size=17> ${request_headers.query.subscriber_name}</font></tt></a>
 </table>
 <p>
 <table cellspacing=0 cellpadding=0 border=0> 
 <img src="images/arrow.gif">&nbsp;&nbsp;<font size=-2><b>CONTACT</b></font><br>
-<tt><font color=#d1d3d3 size=-2><spacer type=horizontal size=17> ${unescape(request_headers.query.subscriber_contact)}</font></tt></a>
+<tt><font color=#d1d3d3 size=-2><spacer type=horizontal size=17> ${request_headers.query.subscriber_contact}</font></tt></a>
 </table>
 </TD>
 <td abswidth=200 bgcolor=#171726 valign=top align=left>
 <table cellspacing=0 cellpadding=0 border=0> <TR><TD>
 <img src="images/arrow.gif"><font size=-2>&nbsp;&nbsp;<b>USERNAME</b></font><br>
 <tr><td maxlines=1 >
-<tt><font color=#d1d3d3><spacer type=horizontal size=17>${unescape(request_headers.query.subscriber_name)}</font></tt></a>
+<tt><font color=#d1d3d3><spacer type=horizontal size=17>${request_headers.query.subscriber_name}</font></tt></a>
 </table>
 <p>
 <table cellspacing=0 cellpadding=0 border=0>
 	<img src="images/arrow.gif">&nbsp;&nbsp;<font size=-2><b>CONTACT TYPE</b></font><br>
-<tt><font color=#d1d3d3 size=-2><spacer type=horizontal size=17>${unescape(request_headers.query.subscriber_contact_method)}</font></tt>
+<tt><font color=#d1d3d3 size=-2><spacer type=horizontal size=17>${request_headers.query.subscriber_contact_method}</font></tt>
 </table> <P>&nbsp;<P>&nbsp;
 <td abswidth=20 bgcolor=#171726 >
 </tr>

zefie_wtvp_minisrv/ServiceVault/wtv-register/ValidateReviewAccountInfo.js

@@ -11,10 +11,10 @@ if (!request_headers.query.registering ||
     headers = errpage[0];
     data = errpage[1];
 } else {
-    ssid_sessions[socket.ssid].setSessionData("subscriber_name", unescape(request_headers.query.subscriber_name));
-    ssid_sessions[socket.ssid].setSessionData("subscriber_username", unescape(request_headers.query.subscriber_username));
-    ssid_sessions[socket.ssid].setSessionData("subscriber_contact", unescape(request_headers.query.subscriber_contact));
-    ssid_sessions[socket.ssid].setSessionData("subscriber_contact_method", unescape(request_headers.query.subscriber_contact_method));
+    ssid_sessions[socket.ssid].setSessionData("subscriber_name", request_headers.query.subscriber_name);
+    ssid_sessions[socket.ssid].setSessionData("subscriber_username", request_headers.query.subscriber_username);
+    ssid_sessions[socket.ssid].setSessionData("subscriber_contact", request_headers.query.subscriber_contact);
+    ssid_sessions[socket.ssid].setSessionData("subscriber_contact_method", request_headers.query.subscriber_contact_method);
     ssid_sessions[socket.ssid].setSessionData("subscriber_userid", '1' + Math.floor(Math.random() * 1000000000000000000));
     ssid_sessions[socket.ssid].setSessionData("registered", true);
     if (!ssid_sessions[socket.ssid].storeSessionData()) {

zefie_wtvp_minisrv/ServiceVault/wtv-register/ValidateWelcome.js

@@ -1,13 +1,4 @@
-if (request_headers.query.noreg) {
-    headers = `302 Moved
-Connection: Close
-wtv-noback-all: wtv-register:
-wtv-expire-all: wtv-
-wtv-open-isp-disabled: false
-wtv-visit: wtv-head-waiter:/login-stage-two?guest_mode=true
-Location: wtv-head-waiter:/login-stage-two?guest_mode=true
-Content-type: text/html`;
-} else if (!request_headers.query.registering) {
+if (!request_headers.query.registering) {
     var errpage = doErrorPage(400);
     headers = errpage[0];
     data = errpage[1];

zefie_wtvp_minisrv/ServiceVault/wtv-register/register.js

@@ -59,11 +59,13 @@ The next screens will lead you through a quick setup process for using this serv
 var namerand = Math.floor(Math.random() * 100000);
 var nickname = (minisrv_config.config.service_name + '_' + namerand)
 var human_name = nickname;
-    data += `
+data += `
 <shadow>
 <input type=button action="ValidateAgreement?registering=true&subscriber_name=${human_name}&subscriber_username=${nickname}" Value="Quick Reg" name="speedyreg" borderimage="file://ROM/Borders/ButtonBorder2.bif" usestyle width=130>
-<input type=button action="ValidateWelcome" Value="Sign in as Guest" name="noreg" borderimage="file://ROM/Borders/ButtonBorder2.bif" usestyle width=170>
-<input type=submit Value=Continue name="Continue" borderimage="file://ROM/Borders/ButtonBorder2.bif" usestyle width=110 selected>
+`;
+if (minisrv_config.config.allow_guests) data += `<input type=button action="BeMyGuest" Value="Sign in as Guest" name="noreg" borderimage="file://ROM/Borders/ButtonBorder2.bif" usestyle width=170 >`;
+
+data += `<input type=submit Value=Continue name="Continue" borderimage="file://ROM/Borders/ButtonBorder2.bif" usestyle width=110 selected>
 </shadow>
 </font>
 </form>	<td abswidth=13 absheight=50 bgcolor=#171726>

zefie_wtvp_minisrv/ServiceVault/wtv-register/splash.js

@@ -24,9 +24,7 @@ data = `<html>
 Mini service
 <tr><td>
 zefie minisrv v${minisrv_config.version}`;
-if (getGitRevision()) {
-    data += " (git " + getGitRevision().substring(0, 8) + ")";
-}
+if (minisrv_config.config.git_commit) data += " (git " + minisrv_config.config.git_commit + ")";
 data += `
 <tr><td>&rate;
 </table>

zefie_wtvp_minisrv/ServiceVault/wtv-tricks/access.js

@@ -1,6 +1,6 @@
 // Allow URL access outside our trusted minisrv
 
-if (request_headers.query.url) var url = unescape(request_headers.query.url);
+if (request_headers.query.url) var url = request_headers.query.url;
 else var url = "client:showalert?message=Please%20provide%20a%20%3Furl%3D%20with%20the%20url%20you%20would%20like%20to%20access.&buttonlabel1=Okay&buttonacction1=client:donothing"
 
 headers = `200 OK

zefie_wtvp_minisrv/ServiceVault/wtv-tricks/blastbacklist.js

@@ -6,7 +6,7 @@ Content-type: text/html`
 var visit_url = null;
 
 if (request_headers.Referer) visit_url = request_headers.Referer;
-else if (request_headers.query.return_to) visit_url = unescape(request_headers.query.return_to);
+else if (request_headers.query.return_to) visit_url = request_headers.query.return_to;
 else visit_url = "client:goback";
 
 data = `<html>

zefie_wtvp_minisrv/ServiceVault/wtv-tricks/info.js

@@ -50,6 +50,10 @@ Content-Type: text/html`
 		<td valign=top align=right><shadow>Connected to:</shadow>
 		<td width=10>
 		<td valign=top>Mini Service
+<tr>
+		<td valign=top align=right><shadow>Host/Port:</shadow>
+		<td width=10>
+		<td valign=top>${service_ip}/${minisrv_config.services[service_name].port}
 <tr>
 		<td valign=top align=right width=150><shadow>Service:</shadow>
 		<td width=10>
@@ -76,11 +80,28 @@ Content-Type: text/html`
 		<td valign=top align=right><shadow>Client IP number:</shadow>
 		<td width=10>
 		<td valign=top>${socket.remoteAddress}
-<tr>
-		<td valign=top align=right><shadow>Service IP number:</shadow>
+`;
+	if (ssid_sessions[socket.ssid].getSessionData("registered")) {
+		data += `<tr>
+		<td valign=top align=right><shadow>Subscriber Name:</shadow>
 		<td width=10>
-		<td valign=top>${service_ip}
+		<td valign=top>${ssid_sessions[socket.ssid].getSessionData("subscriber_name")}
 <tr>
+		<td valign=top align=right><shadow>Subscriber Username:</shadow>
+		<td width=10>
+		<td valign=top>${ssid_sessions[socket.ssid].getSessionData("subscriber_username")}
+<tr>
+		<td valign=top align=right><shadow>Subscriber Contact:</shadow>
+		<td width=10>
+		<td valign=top>${ssid_sessions[socket.ssid].getSessionData("subscriber_contact")} (${ssid_sessions[socket.ssid].getSessionData("subscriber_contact_method")})`;
+	} else {
+		data += `<tr>
+		<td valign=top align=right><shadow>Unregistered Guest:</shadow>
+		<td width=10>
+		<td valign=top>Yes`;
+	}
+
+	data += `<tr>
 		<td height=20>
 <tr>
 		<td valign=top align=right><shadow>ROM type:</shadow>
@@ -106,7 +127,7 @@ Content-Type: text/html`
 <tr>
 		<td valign=top align=right><shadow>SysConfig:</shadow>
 		<td width=10>
-		<td valign=top>0x${wtv_system_sysconfig_hex.toUpperCase()}
+		<td valign=top>0x${wtv_system_sysconfig_hex}
 </table>
 
 <table>

zefie_wtvp_minisrv/ServiceVault/wtv-tricks/register.js

@@ -0,0 +1,39 @@
+headers = `200 OK
+Content-Type: text/html`;
+
+if (ssid_sessions[socket.ssid].getSessionData("registered")) {
+    var redirect = [10, "client:goback?"];
+    var message = "Error: Your box is already registered. If you would like to re-register, you must first unregister.";
+} else if (request_headers.query.confirm_register) {
+    headers += `
+wtv-noback-all: wtv-
+wtv-expire-all: wtv-
+wtv-relogin-url: wtv-1800:/preregister?relogin=true
+wtv-reconnect-url: wtv-1800:/preregister?reconnect=true
+wtv-boot-url: wtv-1800:/preregister?relogin=true`;
+    var redirect = [3, "client:relog?"];
+    var message = "You will now be be redirected to registration.<br><br>";
+    message += `<a href="${redirect[1]}">Click here if you are not automatically redirected.</a>`;
+} else {
+    message = `Are you ready to register your box with ${minisrv_config.config.service_name}?
+<br><br>
+<form action="register" method="POST" ENCTYPE="x-www-form-encoded">
+<input type="button" action="client:goback" value="Nah, I like being a Guest" borderimage="file://ROM/Borders/ButtonBorder2.bif" text="#dadada" >
+<input type="submit" name="confirm_register" value="Yes, I'm ready to register!" borderimage="file://ROM/Borders/ButtonBorder2.bif" text="#dadada" selected>
+</form>`;
+}
+
+data = `<html>
+<head>
+<display fontsize=medium>
+<title>Comfy Zone!</title>
+`;
+if (redirect) data += `<meta http-equiv=Refresh content="${redirect[0]}; url=${redirect[1]}">`;
+
+data += `</head>
+<body bgcolor="#202020" text="#dadada" link="#dadada" alink="#dadada" vlink="#dadada">
+<br><br>
+${message}
+</body>
+</html>
+`;

zefie_wtvp_minisrv/ServiceVault/wtv-tricks/tricks.js

@@ -38,7 +38,11 @@ data = `<html>
 <tr>
 <td><a href="client:showservices">Show Services</a>
 <td width = 25>
-<td><a href="wtv-tricks:/unregister">Unregister This Box</a>
+`;
+if (ssid_sessions[socket.ssid].getSessionData("registered")) data += `<td><a href="wtv-tricks:/unregister">Unregister This Box</a>`;
+else data += `<td><a href="wtv-tricks:/register">Register This Box</a>`
+
+data += `
 <tr>
 <td colspan=3 height=6>
 <tr>

zefie_wtvp_minisrv/ServiceVault/wtv-tricks/unregister.js

@@ -0,0 +1,42 @@
+headers = `200 OK
+Content-Type: text/html`;
+
+if (!ssid_sessions[socket.ssid].getSessionData("registered")) {
+    var redirect = [10, "client:goback?"];
+    var message = "Error: Your box is not registered. You are accessing " + minisrv_config.config.service_name + " in Guest Mode. There is nothing to delete!";
+} else if (request_headers.query.confirm_unregister) {
+    if (ssid_sessions[socket.ssid].unregisterBox()) {
+        headers += "\nwtv-noback-all: wtv-";
+        headers += "\nwtv-expire-all: wtv-";
+        var redirect = [3, "client:relog?"];
+        var message = "Your account data has been successfully removed. You will now be be redirected to registration.<br><br>";
+        message += `<a href="${redirect[1]}">Click here if you are not automatically redirected.</a>`;
+    } else {
+        var redirect = [10, "client:goback?"];
+        var message = "There was an error deleting your account data. Please try again later. If the problem persists, please contact " + minisrv_config.config.service_owner + " to request manual deletion.";
+        message += "SSID verifcation may be required to perform a manual deletion.< br > <br>Returning from whence you came...<br><br>";
+        message += `<a href="${redirect[1]}">Click here if you are not automatically redirected.</a>`;
+        }
+} else {
+    message = `Are you sure you wish to unregister your account? Session Data deleted by this tool is unrecoverable, even by ${minisrv_config.config.service_owner}.
+Please be absolutely sure this is what you want to do!<br><br>
+<form action="unregister" method="POST" ENCTYPE="x-www-form-encoded">
+<input type="button" action="client:goback" value="No, I changed my mind" borderimage="file://ROM/Borders/ButtonBorder2.bif" text="gold" selected>
+<input type="submit" name="confirm_unregister" value="Yes, delete my account" borderimage="file://ROM/Borders/ButtonBorder2.bif" text="gold">
+</form>`;
+}
+
+data = `<html>
+<head>
+<display fontsize=medium>
+<title>Danger Zone!</title>
+`;
+if (redirect) data += `<meta http-equiv=Refresh content="${redirect[0]}; url=${redirect[1]}">`;
+
+data += `</head>
+<body bgcolor="#000000" text="gold" link="gold" alink="gold" vlink="gold">
+<br><br>
+${message}
+</body>
+</html>
+`;