mirrors/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2026-01-12 15:52:39 -07:00
Code Issues Actions Packages Projects Releases Wiki Activity
4358 commits 4 branches 365 tags 147 MiB
Commit graph

398 commits

Author SHA1 Message Date
ed 3aebfabd5c mtag: truncate stderr 2026-01-10 22:16:50 +00:00
ed 13055c6451 sftp: improve logging 2026-01-07 20:36:34 +00:00
ed 65391a9d8c more linter fixing 2026-01-02 16:56:03 +00:00
ed 3ee91dffad linter denoise 2026-01-02 15:23:31 +00:00
ed 4714c2fa5a add sftp server (powered by 39c3) 2025-12-30 23:38:54 +00:00
ed 2d1d295a4d windows: fix download-as-zip; 
zipfiles generated on windows were flattened
(slash was substituted with fullwidth)
 2025-12-23 10:52:50 +00:00
ed fecc3fd507 rename metadata-property "date" to "tdate"; 
"date" is reserved for the last-modified-timestamp of each file

if extraction of the audio metadata property "date" was enabled
(not default), this would have collided; rename the audio prop

discovered thanks to #1053
 2025-12-14 00:15:12 +00:00
ed ba017f7b53 only use fs-legal chars in names (closes #1010); 
uploading a folder named COMPLE:X into exfat on linux would fail
because exfat behaves like windows, rejecting <>:|?*"\/

this would also fail on windows, but then due to
sanitize_fn being overly aggressive

fix this by detecting filesystem traits on startup and
also translating vpath early on windows
 2025-12-13 19:44:56 +00:00
ed 7d526eaba3 fix termsz on windows 2025-12-11 16:41:55 +00:00
ed 889bd3242a hooks: retcode 100, zmq json; 
hooks returning exitcode 0 will:
* run the next hook, if any
* allow the original action, unless successive hook opposes

hooks returning exitcode 100 will:
* abort running successive hooks
* allow the original action

hooks returning anything other than 0 or 100 will:
* abort running successive hooks
* REJECT the original action

zmq can now respond with json; a dict with "rc", "rejectmsg",
"reloc" and so on, just like other hooks replying with json
 2025-11-30 19:29:09 +00:00
ed f55d8341f1 new flag nodupem: reject dupes on move; closes #742 2025-10-14 22:51:48 +00:00
ed 677fd8eef1 config for ?stack verbosity / access 2025-10-14 20:23:38 +00:00
ed 6c024dbf80 xm-hooks: list of selected files; closes #921 
previously, `xm` hooks would be called with the `txt` property
containing the url-decoded message

now, a new property `body` contains the original unmodified message,
to avoid any ambiguity caused by url-decoding

if any files are selected, the list of files is appended to
the `txt` field as lines, and as `sel` url-parameters in `body`

Co-authored-by: Carson Coder <carson@carsoncoder.com>
 2025-10-14 19:39:03 +00:00
ed f2caab6119 dedup: explicit reflink/ficlone on python<3.14 2025-10-11 23:43:09 +00:00
ed 4542ad3c01 hook-flag to send input on stdin 2025-10-05 20:35:03 +00:00
ed efd19af7ca new hook: granular ramdisk detection 2025-10-05 00:13:34 +00:00
ed aace711eb9 unvendorable surrogateescape (#887); 
stolen/surrogateescape.py can be deleted;
this file is only necessary for python2 compatibility
 2025-10-04 22:10:34 +00:00
ed 656f0a6c39 unvendorable ifaddr (#887); 
stolen/ifaddr/ can be deleted and replaced with system lib;
this is safe and will not affect any functionality
 2025-10-04 21:33:01 +00:00
ed 41ed559faa hooks: import-flag 2025-10-04 13:32:26 +00:00
ed 470b504843 raster favicons; closes #383, #473 2025-09-29 21:50:13 +00:00
ed 1193f9ba6c stop binary garbage from hitting logs 2025-09-28 19:29:18 +00:00
ed eb5d767b01 MTHash: fully preserve exception info 2025-09-27 19:28:41 +00:00
ed e187df28f2 fix markdown-expand example 2025-09-26 23:50:19 +00:00
ed 6912e86747 loud warning on EIO (HDD/FS trouble) (#851) 2025-09-25 23:18:09 +00:00
ed 5e4ff90b1c config-loader: support utf8-bom 2025-09-23 20:00:45 +00:00
ed 6559152882 add free-threading suffix to version dump 2025-09-19 21:27:13 +00:00
ed 478f1c764e logging: limit/disable fs-indexing progress 2025-09-19 21:05:42 +00:00
ed 3a2381ff2d webdav: fix depth:0 in rootless vfs; 
also safeguards against potential issues with invalid
paths if the api is used incorrectly from a plugin
 2025-09-14 23:27:33 +00:00
ed c03b332ec0 linter fixes 2025-09-14 23:18:34 +00:00
ed e09f3c9e2c shutil: ignore errors from copystat in copy2; 
ntfs on linux can be picky about cloning mtime onto a new file;
generally we don't care if that fails, however, we also want the
speedup that CopyFile2 can offer, so cannot use copyfile directly

this avoids the following issue:

up2k:3537 <_symlink>: shutil.copy2(fsenc(csrc), fsenc(dst))
shutil:437 <copy2>: copystat(src, dst, follow_symlinks=follow_sym[...]
shutil:376 <copystat>: lookup("utime")(dst, ns=(st.st_atime_ns, s[...]
[PermissionError] [Errno 1] Operation not permitted, '/windows/videos'
 2025-09-08 20:21:12 +00:00
ed 74821a38ad speed 2025-09-05 20:38:04 +00:00
ed 48d6224ec8 url-param "dl" downloads file 2025-08-24 20:54:28 +00:00
ed d39c74c126 fix fe80 assumption; 
IPv6 link-local is fe80::/10, not just fe80
 2025-08-22 21:43:31 +00:00
ed 4df033ecc3 [DB-V6]: store usernames; closes #530 2025-08-15 21:33:13 +00:00
ed 62e072a2ed restrict account to ip/subnet; closes #397 2025-08-15 20:12:17 +00:00
Adam R. Nelson 0177a9b402
Add RAW file thumbnailing support via rawpy (#567) 
* add RAW image file types to mimetype list
* add RAW thumbnailer via rawpy

---------

Signed-off-by: Adam R. Nelson <adam@nels.onl>
Signed-off-by: ed <s@ocv.me>
 2025-08-11 17:28:01 +00:00
ed 346515ccf1 add optional username login; closes #511 2025-08-07 20:29:44 +00:00
ed 8b31ed8816 text-editor: optional EOL conversion; closes #513 2025-08-07 19:11:28 +00:00
ed 09910ba807 fix GHSA-5662-2rj7-f2v6 ; 
an unauthenticated user could make the server inaccessible by
accessing the recent-uploads page and using an expensive filter

fixed by making the filter not regex-based,
only supporting bare-minimum anchoring (^foo bar$)
 2025-08-01 20:42:49 +00:00
ed c17ce4892e fix pkgres on older python3 versions 2025-07-31 08:32:52 +00:00
ed 13d5631b48 more escapes in case 2025-07-30 21:26:27 +00:00
ed a8705e611d fix GHSA-8mx2-rjh8-q3jq ; 
this fixes a DOM-Based XSS in the recent-uploads page:

it was possible to execute arbitrary javascript by
tricking someone into visiting `/?ru&filter=</script>`

huge thanks to @Ju0x for finding and reporting this!
 2025-07-30 21:19:39 +00:00
ed b7ca6f4a66 try to fix #300 
the importlib stuff broke early versions of py2.7
 2025-07-30 21:07:47 +00:00
ed 4f1eb89382 just moving some stuff around, not foreshadowing 2025-07-30 21:05:37 +00:00
ed f195998865 per-volume uid/gid; closes #265 2025-07-30 19:35:00 +00:00
ed a9d07c63ed disable libmagic on windows; probably closes #276 2025-07-30 18:02:11 +00:00
Jo c3cc2ddeae
diskfree without root-reserved space (#285) 
Signed-off-by: Jo <141064017+Arklaum@users.noreply.github.com>
 2025-07-29 20:24:17 +00:00
ed 5c6341e99f disk-info: both free+total on windows too (#272) 2025-07-29 20:03:42 +00:00
ed ca6d0b8d5e SameSite=Strict as default; closes #189 2025-07-27 18:18:49 +00:00
ed df6d4df4f8 fix filekeys on windows 2025-07-24 23:07:04 +00:00