diff --git a/README.md b/README.md index 8181ca6e..f8212027 100644 --- a/README.md +++ b/README.md @@ -1215,7 +1215,7 @@ below are some tweaks roughly ordered by usefulness: * `--no-htp --hash-mt=0 --mtag-mt=1 --th-mt=1` minimizes the number of threads; can help in some eccentric environments (like the vscode debugger) * `-j` enables multiprocessing (actual multithreading) and can make copyparty perform better in cpu-intensive workloads, for example: * huge amount of short-lived connections - * really heavy traffic (downloads/uploads) + * simultaneous downloads and uploads saturating a 20gbps connection ...however it adds an overhead to internal communication so it might be a net loss, see if it works 4 u diff --git a/copyparty/__main__.py b/copyparty/__main__.py index 39ce356d..5be2a88c 100755 --- a/copyparty/__main__.py +++ b/copyparty/__main__.py @@ -858,7 +858,7 @@ def add_safety(ap, fk_salt): ap2.add_argument("--ban-404", metavar="N,W,B", type=u, default="no", help="hitting more than \033[33mN\033[0m 404's in \033[33mW\033[0m minutes = ban for \033[33mB\033[0m minutes (disabled by default since turbo-up2k counts as 404s)") ap2.add_argument("--aclose", metavar="MIN", type=int, default=10, help="if a client maxes out the server connection limit, downgrade it from connection:keep-alive to connection:close for MIN minutes (and also kill its active connections) -- disable with 0") ap2.add_argument("--loris", metavar="B", type=int, default=60, help="if a client maxes out the server connection limit without sending headers, ban it for B minutes; disable with [\033[32m0\033[0m]") - ap2.add_argument("--acao", metavar="V[,V]", type=u, default="*", help="Access-Control-Allow-Origin; list of origins (domains) to accept requests from. Default (*) allows requests from any site but will ignore cookies and http-auth (except for ?pw=hunter2)") + ap2.add_argument("--acao", metavar="V[,V]", type=u, default="*", help="Access-Control-Allow-Origin; list of origins (domains/IPs without port) to accept requests from; [\033[32mhttps://1.2.3.4\033[0m]. Default [\033[32m*\033[0m] allows requests from all sites but removes cookies and http-auth; only ?pw=hunter2 survives") ap2.add_argument("--acam", metavar="V[,V]", type=u, default="GET,HEAD", help="Access-Control-Allow-Methods; list of methods to accept from offsite ('*' behaves like described in --acao)") diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py index 616dbf3f..6cd46908 100644 --- a/copyparty/httpcli.py +++ b/copyparty/httpcli.py @@ -346,7 +346,7 @@ class HttpCli(object): if zso: zsll = [x.split("=", 1) for x in zso.split(";") if "=" in x] cookies = {k.strip(): unescape_cookie(zs) for k, zs in zsll} - cookie_pw = cookies.get("cppws") or cookies.get("cppwd") + cookie_pw = cookies.get("cppws") or cookies.get("cppwd") or "" if "b" in cookies and "b" not in uparam: uparam["b"] = cookies["b"] else: @@ -652,15 +652,14 @@ class HttpCli(object): return True oh = self.out_headers - origin = re.sub(r"(:[0-9]{1,5})?/?$", "", origin.lower()) - methods = ", ".join(self.conn.hsrv.mallow) + origin = origin.lower() good_origins = self.args.acao + [ "{}://{}".format( "https" if self.is_https else "http", self.host.lower().split(":")[0], ) ] - if origin in good_origins: + if re.sub(r"(:[0-9]{1,5})?/?$", "", origin) in good_origins: good_origin = True bad_hdrs = ("",) else: @@ -676,7 +675,7 @@ class HttpCli(object): ) if self.args.allow_csrf: acao = origin or acao or "*" # explicitly permit impersonation - acam = ", ".join(methods) # and all methods + headers + acam = ", ".join(self.conn.hsrv.mallow) # and all methods + headers oh["Access-Control-Allow-Credentials"] = "true" good_origin = True else: @@ -2031,7 +2030,13 @@ class HttpCli(object): else: lifetime = 0 - return rnd, want_url, lifetime, vfs.flags.get("xbu"), vfs.flags.get("xau") + return ( + rnd, + want_url, + lifetime, + vfs.flags.get("xbu") or [], + vfs.flags.get("xau") or [], + ) def handle_plain_upload(self) -> bool: assert self.parser diff --git a/copyparty/web/browser.js b/copyparty/web/browser.js index 59447008..7ac62999 100644 --- a/copyparty/web/browser.js +++ b/copyparty/web/browser.js @@ -851,7 +851,7 @@ var Ls = { "u_hashdone": 'befaring ferdig', "u_hashing": 'les', "u_fixed": "OK!  LΓΈste seg πŸ‘", - "u_cuerr": "kunne ikke laste opp del {0} av {1};\nsikkert harmlΓΈst, fortsetter\n\nfil: {2}", + "u_cuerr": "kunne ikke laste opp del {0} av {1};\nsikkert greit, fortsetter\n\nfil: {2}", "u_cuerr2": "server nektet opplastningen (del {0} av {1});\nprΓΈver igjen senere\n\nfil: {2}\n\nerror ", "u_ehstmp": "prΓΈver igjen; se mld nederst", "u_ehsfin": "server nektet forespΓΈrselen om Γ₯ ferdigstille filen; prΓΈver igjen...", diff --git a/docs/changelog.md b/docs/changelog.md index 3c23d689..8bb0b512 100644 --- a/docs/changelog.md +++ b/docs/changelog.md @@ -1,3 +1,25 @@ +β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€ +# 2023-0112-0515 `v1.5.6` many hands + +hello from warsaw airport (goodbye japan ;_;) +* read-only demo server at https://a.ocv.me/pub/demo/ + +## new features +* multiple upload handshakes in parallel + * around **5x faster** when uploading small files + * or **50x faster** if the server is on the other side of the planet + * just crank up the `parallel uploads` like crazy (max is 64) +* upload ui: total time and average speed is shown on completion + +## bugfixes +* browser ui didn't allow specifying number of threads for file search +* dont panic if a digit key is pressed while viewing an image +* workaround [linux kernel bug](https://utcc.utoronto.ca/~cks/space/blog/linux/KernelBindBugIn6016) causing log spam on dualstack + * ~~related issue (also mostly harmless) will be fixed next relese 010770684db95bece206943768621f2c7c27bace~~ + * they fixed it in linux 6.1 so these workarounds will be gone too + + + β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€β–€ # 2022-1230-0754 `v1.5.5` made in japan diff --git a/scripts/make-sfx.sh b/scripts/make-sfx.sh index 3e11e3fe..c1aaf440 100755 --- a/scripts/make-sfx.sh +++ b/scripts/make-sfx.sh @@ -266,6 +266,14 @@ necho() { cp -p "$f2" "$f1" ); done + # resolve symlinks on windows + [ "$OSTYPE" = msys ] && + (cd ..; git ls-files -s | awk '/^120000/{print$4}') | + while IFS= read -r x; do + [ $(wc -l <"$x") -gt 1 ] && continue + (cd "${x%/*}"; cp -p "../$(cat "${x##*/}")" ${x##*/}) + done + # insert asynchat mkdir copyparty/vend for n in asyncore.py asynchat.py; do diff --git a/tests/util.py b/tests/util.py index 2a3f4df8..4519f81d 100644 --- a/tests/util.py +++ b/tests/util.py @@ -98,7 +98,7 @@ class Cfg(Namespace): def __init__(self, a=None, v=None, c=None): ka = {} - ex = "daw dav_inf dav_mac e2d e2ds e2dsa e2t e2ts e2tsr e2v e2vu e2vp ed emp force_js ihead magic nid nih no_acode no_athumb no_dav no_del no_dupe no_logues no_mv no_readme no_robots no_scandir no_thumb no_vthumb no_zip nw xdev xlink xvol" + ex = "daw dav_inf dav_mac e2d e2ds e2dsa e2t e2ts e2tsr e2v e2vu e2vp ed emp force_js getmod hardlink ihead magic never_symlink nid nih no_acode no_athumb no_dav no_dedup no_del no_dupe no_logues no_mv no_readme no_robots no_scandir no_thumb no_vthumb no_zip nw xdev xlink xvol" ka.update(**{k: False for k in ex.split()}) ex = "dotpart no_rescan no_sendfile no_voldump plain_ip" @@ -113,6 +113,9 @@ class Cfg(Namespace): ex = "doctitle favico html_head log_fk mth textfiles R RS SR" ka.update(**{k: "" for k in ex.split()}) + ex = "xad xar xau xbd xbr xbu xm" + ka.update(**{k: [] for k in ex.split()}) + super(Cfg, self).__init__( a=a or [], v=v or [], @@ -193,4 +196,5 @@ class VHttpConn(object): self.nbyte = 0 self.ico = None self.thumbcli = None + self.freshen_pwd = 0.0 self.t0 = time.time()