[HN Gopher] Xterm.js
___________________________________________________________________
Xterm.js
Author : humility
Score : 203 points
Date : 2021-10-08 10:11 UTC (12 hours ago)
(HTM) web link (xtermjs.org)
(TXT) w3m dump (xtermjs.org)
| Tyriar wrote:
| Hi all, I'm one of the maintainers of xterm.js, open to answer
| any questions!
|
| Here's a little history on the project, some of which is already
| called out in other comments:
|
| - Fabrice Bellard created jslinux[1].
|
| - Christopher Jeffrey (@chjj) forked the terminal component into
| term.js[2], this eventually became unmaintained.
|
| - Paris Kasidiaris (@parisk) forked it into xterm.js for use in
| SourceLair[3].
|
| - I showed up around 2016 when investigating options for VS
| Code's integrated terminal and eventually joined as a maintainer,
| spending a good deal of my time at work on the project since
| then.
|
| We currently have 5 active maintainers in the xterm.js team as
| well which I'd like to call out because the project has only come
| this far as a result of everyone's efforts.
|
| [1]: https://bellard.org/jslinux/
|
| [2]: https://github.com/chjj/term.js
|
| [3]: https://www.sourcelair.com/
|
| EDITS: Formatting
| spirodonfl wrote:
| I've actually been using xterm in my self baked full RDP suite
| using Node and WebRTC to control my PC(s) and raspberry pis
| remotely.
|
| https://drive.google.com/file/d/1vkXp9Hm-9ID8eOrApjLFGFc-fOe...
|
| Thank you for creating this!!!! I basically work full time in
| my oculus quest 2 thanks to this
| jimmar wrote:
| I'm an educator and I to teach things like symmetric
| cryptography. I just used full virtual machines in class to
| demonstrate ccrypt to encrypt and decrypt files. Would xterm.js
| be a valid way to implement that kind of exercise to avoid
| relying on virtual machines? Do you know of any resources that
| would point me in the right direction for building educational
| exercises?
| williamstein wrote:
| (Shameless but relevant example.) On https://CoCalc.com [1],
| you can create a project and click +New-->Terminal to get an
| *xerm.js based terminal*, then upload the ccrypt source code
| (download and upload the tarball from [2]), extract it, and
| build it in a few seconds via "./configure && make". You can
| then run it via "src/ccrypt". I'm also an educator, and
| created CoCalc mainly for teaching (it has course management
| functionality).
|
| [1] https://cocalc.com/features/linux
|
| [2] http://ccrypt.sourceforge.net/#downloading
| denixxyz wrote:
| Hi, I'm Dennis, and I've been working on my own browser based
| OS for a decade. You can check out the "web native" CLI at
| https://denix.xyz/shell.os. Replace "shell" with "desk" to
| get to a friendly gui. Then we can start talking about
| browser-based encryption techniques. For simple command line
| utilities, porting via WebAssembly is always a thought. The
| way Denix works in the CLI is that you have to import command
| libraries. There is a library called crypto with 2 commands
| that you can import by typing into the prompt: "import
| crypto". Entering that command should give you the commands
| "encrypt" and "decrypt" in your runtime environment. It's
| been maybe a couple of years since I worked on that stuff,
| but I just tested "encrypt" and it seemed to be working. A
| word of caution: Denix is very much a chrome thing.
| Tyriar wrote:
| xterm.js is only a frontend, you still need to plug it into a
| backend or write you own. A VM would probably be the way to
| go.
| jimmar wrote:
| Thanks. I was curious because the demo on the homepage
| doesn't appear to be communicating with a backend. (The
| xterm.js code just seems to interact with
| https://xtermjs.org/js/demo.js.) So I guess this demo
| presented an experience that people should expect with
| xterm.js, but not necessarily the standard implementation.
| ilaksh wrote:
| https://blog.stackblitz.com/posts/introducing-
| webcontainers/
| Tyriar wrote:
| You can check out the source for the demo at https://gith
| ub.com/xtermjs/xtermjs.org/blob/master/js/demo.j..., I've
| actually started hacking up a more general mechanism for
| doing this since I've done it a few times but it's not
| OSS yet.
|
| If you don't need to rely on ccrypt and just want to
| emulate teh experience of using it, you could have an on
| rails experience by forking the demo file and adapting
| the commands part.
| maattdd wrote:
| TIL another project started by Fabrice Bellard (well for him
| it's just a _side_ project for the real project JSLinux).
| MontyCarloHall wrote:
| Whenever people say that the "10x developer" is a myth, I
| point them to Fabrice Bellard, who would easily be 100 times
| more productive than your average developer at pretty much
| any task you give him. The sheer diversity of problems he's
| solved with extremely high quality software is astounding.
| bch wrote:
| True, he's mind-bogglingly amazing. Also still probably not
| a helpful example to developing a sane working group or
| good office dynamics. He's a unicorns unicorn.
| postalrat wrote:
| 10x developers are about as rare as 10x strong people.
|
| They exist but you probably don't ever meet one. And there
| could be a lot more 10x people but most don't commit to it.
| matheusmoreira wrote:
| Thank you and everyone else involved. I tried reading the
| source code of many terminal emulators, found them to be really
| difficult to understand. This project helped me understand
| terminals better.
| sharikous wrote:
| First of all it is a wonderful project. It is included in VS
| Code and works flawlessly for me most of the time. Not to
| mention the countless web implementations around it
|
| Maybe it's a pet peeve of mine but I do not understand how to
| select stuff when the Terminal application steals the select
| function.
|
| Example: you open tmux with option "mouse on" - when you click
| and drag tmux "steals" the selecting function and makes it an
| internal selection/copy/paste feature. But if I happen to be
| connected via ssh or something I want the terminal emulator to
| ignore that stealing and let me select some text instead to my
| own clipboard. In most other terminal emulator there is some
| shortcut to do just that, I never understood if the option is
| present in xterm.js too.
| Tyriar wrote:
| VS Code has the
| terminal.integrated.macOptionClickForcesSelection setting
| which will let you to alt+drag to use xterm.js' selection as
| opposed to tmux's selection. On Linux and Windows I believe
| it's shift+drag.
| benjaminjackman wrote:
| I just want to say thanks, I have been experimenting with using
| xterm.js to connect to terminal API in jupyter notebooks and it
| has worked really well, plug and play (even editors like vim
| were working without any extra effort).
|
| Before that I was experimenting with using it as a custom shell
| for running commands inside a web application. In that use case
| it was a bit more challenging because I had never written to an
| actual tty before (ansi escape codes for coloring log files has
| been about the limit of my experience). For that use case I
| just really needed to send and receive text. I ended up using
| this library [ https://github.com/wavesoft/local-echo ] to
| smooth that process out until I could learn about how to do
| things properly.
|
| Are any suggestions on:
|
| 1. where to learn about how ttys work to do things the right
| way, or
|
| 2. suggested libraries like local-echo that can wrap over some
| of the trickier bits of just getting text on the screen?
|
| Thanks again for maintaining such a great & useful library!
| brundolf wrote:
| +1
|
| Xterm.js is really impressive in what it can do, but it was
| pretty tough to get started with as someone who just wanted
| to pipe shell input/output over HTTP requests to a server. I
| realize streamlining that usecase is probably out of scope
| for the Xterm team, but I think there's a space for either
| some tutorials or a higher-level wrapper library
| Tyriar wrote:
| 1. https://invisible-island.net/xterm/ctlseqs/ctlseqs.html is
| my main reference for anything related to terminals, other
| than that my knowledge has built up mainly as a result of
| contributing to xterm.js.
|
| 2. The library you mention is the one I'm aware of, I have a
| WIP for building a basic shell in JS that I will probably
| open source eventually if I have the time.
| biginkorea wrote:
| We're using xterm.js to teach programming to kids in a block-
| based (like MIT scratch) editor: https://app.code-it-
| studio.de/makerspace/57
| oso2k wrote:
| Another older terminal JS library that might interest people is
| https://www.masswerk.at/termlib/
| apignotti wrote:
| A well made library, we use it as part of the REPL demos for
| CheerpX, our WebAssembly-powered X86 virtual machine.
|
| https://nextrepl.leaningtech.com/?python3
| kevincox wrote:
| I like that the default renderer allow copy-paste.
| humility wrote:
| TIL chrome has an ssh client extension which can be used in a
| browser tab. Anyone care to share their experience with it?
|
| https://chrome.google.com/webstore/detail/secure-shell-app/p...
| adamrezich wrote:
| I made it through my first semester of computer science using
| Secure Shell on a cheap Chromebook and a linux box back in my
| apartment.
| corybrown wrote:
| Used this as my daily driver for dev work for years, works
| great. Only downside is it doesn't do emoji rendering well
| gizdan wrote:
| I used to use it some years back when I was still on Windows
| and using Chrome. It was pretty good for a Windows environment.
| For a Linux/Mac environment, it doesn't come close to a proper
| terminal emulator. It'll do the job, but I recall there were a
| few things that were annoying.
| messe wrote:
| The demo on the homepage seems to be broken in Safari on macOS.
| I'm not seeing any text.
| Mikeb85 wrote:
| Everything fun on the web is broken in Safari... Pretty sure
| it's by design.
| Tyriar wrote:
| This is related to some issue with Safari's new WebGL 2
| implementation they shipped recently[1]. Currently we disable
| the webgl renderer on Safari inside github.dev/codespaces to
| work around this.
|
| [1]: https://github.com/xtermjs/xterm.js/issues/3357
| messe wrote:
| Looks to be the case. Disabling WebGL 2.0 at the browser
| level fixes the issue.
| DonHopkins wrote:
| I wrote a VT100 emulator in PostScript for NeWS in 1987! I worked
| for a company called Wedge Computer (ha ha!), who ported NeWS to
| the Mac II running A/UX, which needed a way to connect to Unix
| servers from NeWS without running a terminal emulator client
| remotely. It could passed vttest!
|
| https://donhopkins.com/home/archive/NeWS/tnterm.ps
|
| https://en.wikipedia.org/wiki/NeWS
|
| Two versions of NeWS on Mac II Make Debut
|
| https://books.google.nl/books?id=Cj8EAAAAMBAJ&pg=PA31&lpg=PA...
|
| Yep, Unix ran on Macs in 1988!
|
| https://en.wikipedia.org/wiki/A/UX
| fimdomeio wrote:
| just throwing a related idea in here in the hopes someone finds
| it interesting enough to develop.
|
| Having a very simple cli app generator that allows one to have
| independent terminal applications that run just like normal app.
| Independent in the sense that you can open them as any other app,
| run on their own window, and and you can reach them through the
| app switcher.
| mbreese wrote:
| If you're on a Mac, you can do this with AppleScript.
|
| If you open the Script Editor, you can use this chunk of code
| to get started: tell application "Terminal"
| do script "~/test.sh" end tell
|
| This will run the script ~/test.sh in a new terminal window.
| Closing the window automatically is a bit more difficult, but
| it can also be done. You can save this as an Application, which
| will let you click to open it, just like any other application.
|
| See here for more information:
|
| https://stackoverflow.com/questions/1870270/sending-commands...
|
| https://stackoverflow.com/questions/27453987/how-to-close-a-...
| c0wb0yc0d3r wrote:
| Is this different than opening the executable from the file
| manager?
| dugmartin wrote:
| This is a great project. I played with it a few years ago to
| create a tiled ssh client in Electron as a proof of concept for
| an idea I had and it was very easy to integrate. It has only
| gotten better since then with all the love from the Microsoft
| sponsored commits (it is used in VSCode).
| rasengan wrote:
| Fun fact - xterm.js was originally created by chjj who also wrote
| the code for Handshake DNS among other things.
|
| My favorite is blessed [1].
|
| He's definitely a super programmer. Thank you for all your
| contributions to this world @chjj!
|
| [1] https://github.com/chjj/blessed
| williamstein wrote:
| term.js was _originally_ created by Fabrice Bellard -- see the
| headers of @chjj 's term.js file [1]. Bellard wrote term.js
| since he needed a way to interact with his amazing port [2] of
| Linux to a web browser. Term.js had a non-open-source license
| and @chjj spent time a decade ago successfully convincing
| Bellard to relicense term.js open source (I watched and greatly
| appreciated this as it happened!). Xterm.js is a very
| significant rewrite and improvement of term.js, mostly done by
| Daniel Imms who is on the VS Code team at Microsoft; xterm.js
| is a great contribution of Microsoft to open source, and is
| used at VS Code's terminal. I watched all this happen over the
| years, visited Daniel at Microsoft, etc.; I think this is all
| very useful tech (e.g., we use it in JupyterLab and CoCalc).
|
| [1] https://github.com/chjj/term.js/blob/master/src/term.js
|
| [2] https://bellard.org/jslinux/
| Tyriar wrote:
| Just to clarify, xterm.js is not a Microsoft project and
| tries to remain neutral, but MS is essentially sponsoring it
| through my work. Also, a good deal of my time spent working
| on it particularly early on was for the love/fun of it in my
| spare time. The WebGL renderer for example was a pure fun
| personal exercise.
| thinkafterbef wrote:
| Love xterm.js! We use it to stream logs and as an in-browser
| terminal for our upcoming CI[1]. It's blazing fast especially
| with the WebGL renderer turned on.
|
| [1]https://buildjet.com
| saimiam wrote:
| That's quite a roster of clients using xtermjs.
| parhamn wrote:
| I've used this to create recorded terminals to Kubernetes for an
| internal app I built. We'd basically proxy the kube exec socket
| endpoint with a write log so we can playback what folks did.
|
| Worked wonderfully. Thanks maintainers!
| rbanffy wrote:
| I wonder how well it fares on the VT100 torture test
|
| curl -q http://cdn.preterhuman.net/texts/art/torturet.vt
| echeese wrote:
| Wonder no more: https://i.imgur.com/DGuoj9p.png
| adamrezich wrote:
| how about termbench? https://github.com/cmuratori/termbench
| echeese wrote:
| That would be considerably more work. Could make a fun
| Thanksgiving weekend project, though.
| Tyriar wrote:
| It should fare fairly well, at least for the most common
| sequences. We have detailed what VT features we support on the
| website[1]. Some things that stand out that I know won't work
| are blinking and double height/width text.
|
| [1]: https://xtermjs.org/docs/api/vtfeatures/
| hulitu wrote:
| "Build terminals in the browser" ... and give your passwords
| there, and type commands. What can go wrong.
| lhnz wrote:
| Are terminals better sandboxed when run outside of a browser?
| rbanffy wrote:
| Usually yes. They are running in a completely different
| process than the browser.
| chungy wrote:
| Don't be ridiculous. The only and obvious answer to the
| question is "no" -- the terminal itself and all commands
| inside it run unimpeded.
| emilfihlman wrote:
| Running in the browser is no more (or less) untrusted than
| running a dedicated terminal client.
| noergl wrote:
| I tend to disagree. The fact, that a browser engine and JS is
| involved raises the bar significantly during security audits.
| It brings additional third-party players into the chain you
| have to trust. Meanwhile I suggest to read
| https://xtermjs.org/docs/guides/security/.
| intc wrote:
| Of course it is. In most cases you do not have any sort of
| guarantees regarding the browser (which it self usually is
| more complex piece of software than all your operating system
| and it's accessories calculated together - difficult to audit
| - known to collect metrics etc etc). In addition one can
| sandbox their local terminal pretty effectively - With Tomoyo
| or some other MAC technology. It's not so bad idea to
| actually isolate your browser too (with Mandatory Access
| Control) - It usually has no business for a global view on
| your filesystem or local network resources.
| rbanffy wrote:
| When was the last case when a malicious website or script
| could capture content or keystrokes directed at another tab?
| Really curious, because it seems an obvious attack vector.
| amalcon wrote:
| 2018 at the earliest:
|
| https://en.wikipedia.org/wiki/Spectre_(security_vulnerabili
| t...
|
| It's not a browser vulnerability per se, but it's still
| mitigated by having a separate address space.
| colejohnson66 wrote:
| At least in the last decade, I don't think that's even
| possible on the "big" browsers. There were vulnerabilities
| involving <iframe>s, but I don't know enough about those.
| tyingq wrote:
| That a terminal in the browser can't make ssh connections
| without a separate http or websocket bridge complicates that.
| Depends on that bridge and who/how/where it's running.
| sime2009 wrote:
| You are aware that millions of people use web browsers each day
| to do their banking, purchase products, and generally run
| businesses?
| tyingq wrote:
| Related is https://hterm.org/ , used with the built in ssh
| terminal in chromebooks.
| gkfasdfasdf wrote:
| Anyone know how they compare, feature wise?
___________________________________________________________________
(page generated 2021-10-08 23:01 UTC)