mirrors/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2025-08-17 17:12:13 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity
3681 commits 4 branches 344 tags 55 MiB
Commit graph

748 commits

Author SHA1 Message Date
ed d0eb014c38 improve applefilters + add missing newline in curl 404 
* webdav: extend applesan regex with more stuff to exclude
* on macos, set applesan as default `--no-idx` to avoid indexing them
   (they didn't show up in search since they're dotfiles, but still)
 2024-01-12 00:13:35 +01:00
ed 024303592a improved logging when a client dies mid-POST; 
igloo irc has an absolute time limit of 2 minutes before it just
disconnects mid-upload and that kinda looked like it had a buggy
multipart generator instead of just being funny

anticipating similar events in the future, also log the
client-selected boundary value to eyeball its yoloness
 2024-01-10 23:59:43 +00:00
ed 86419b8f47 suboptimizations and some future safeguards 2024-01-10 23:20:42 +01:00
ed 9bc09ce949 accept file POSTs without specifying the act field; 
primarily to support uploading from Igloo IRC but also generally useful
(not actually tested with Igloo IRC yet because it's a paid feature
so just gonna wait for spiky to wake up and tell me it didn't work)
 2024-01-08 19:09:53 +00:00
ed 829c8fca96 curl/CLI-friendly 403/404 2023-12-31 17:20:45 +00:00
ed 5b26ab0096 add option to specify default num parallel uploads 2023-12-28 01:41:17 +01:00
ed 59688bc8d7 * rename hdr-au-usr to idp-h-usr 
* ensure lowercase idp-h-*, xff-hdr
* more macos support in tooling
 2023-12-24 13:46:12 +01:00
ed 374c535cfa fix cors-checker so it behaves like the readme says; 
any custom header (`pw` in our case) is sufficient validation
 2023-12-20 20:03:08 +00:00
ed ac7815a0ae ensure file can be opened before replying 200 and... 
* make gen_tree 0.1% faster
* improve filekey warning message
* fix oversight in 0c50ea1757
* support `--xdev` on windows (the python docs mention that os.scandir
   doesn't assign st_ino, st_dev and st_nlink on win but i can't read)
 2023-12-20 01:07:45 +00:00
ed 10bc2d9205 unsuccessful attempt at dirkeys (#64) 2023-12-17 22:30:22 +00:00
ed 0c50ea1757 list dotfiles only for specific volumes or users (#66): 
* permission `.` grants dotfile visibility if user has `r` too
* `-ed` will grant dotfiles to all `r` accounts (same as before)
* volflag `dots` likewise

also drops compatibility for pre-0.12.0 `-v` syntax
(`-v .::red` will no longer translate to `-v .::r,ed`)
 2023-12-16 15:38:48 +00:00
ed 842817d9e3 improve handling of malicious clients; 
* start banning malicious clients according to --ban-422
* reply with a blank 500 to stop firefox from retrying like 20 times
* allow Cc's in a few specific URL params (filenames, dirnames)
 2023-12-01 23:08:16 +00:00
ed c2f92cacc1 mention the new auth feature 2023-11-30 23:01:05 +00:00
ed 00812cb1da new option --ipa; client IP allowlist: 
connections from outside the specified list of IP prefixes are rejected
(docker-friendly alternative to -i 127.0.0.1)

also mkdir any missing folders when logging to file
 2023-11-30 20:45:43 +00:00
ed ccab44daf2 initial support for identity providers (#62): 
add argument --hdr-au-usr which specifies a HTTP header to read
usernames from; entirely bypasses copyparty's password checks
for http/https clients (ftp/smb are unaffected)

users must exist in the copyparty config, passwords can be whatever

just the first step but already a bit useful on its own,
more to come in a few months
 2023-11-30 18:18:47 +00:00
ed 8c52b88767 make linters happier 2023-11-30 17:33:07 +00:00
ed b7723ac245 rely on filekeys for album-art over bluetooth; 
will probably fail when some devices (sup iphone) stream to car stereos
but at least passwords won't end up somewhere unexpected this way
(plus, the js no longer uses the jank url to request waveforms)
 2023-11-29 23:20:59 +00:00
ed ee3333362f v1.9.17 2023-11-11 17:38:43 +00:00
ed dabdaaee33 v1.9.16 2023-11-04 21:58:01 +00:00
ed 4b720f4150 add more prometheus metrics; breaking changes: 
* cpp_uptime is now a gauge
* cpp_bans is now cpp_active_bans (and also a gauge)

and other related fixes:
* stop emitting invalid cpp_disk_size/free for offline volumes
* support overriding the spec-mandatory mimetype with ?mime=foo
 2023-11-04 20:32:34 +00:00
ed 713fffcb8e also mkdir missing intermediates, 
unless requester is a webdav client (those expect a 409)
 2023-11-03 23:23:49 +00:00
ed 8020b11ea0 improve/simplify validation/errorhandling: 
* some malicious requests are now answered with HTTP 422,
   so that they count against --ban-422
* do not include request headers when replying to invalid requests,
   in case there is a reverse-proxy inserting something interesting
 2023-11-03 23:07:16 +00:00
ed 1f75314463 placeholder expansion in readme and logues; closes #56 
also fixes the "scan" volflag which broke in v1.9.14
 2023-10-24 16:37:32 +00:00
ed fc658e5b9e utcfromtimestamp was deprecated and nobody told me, 
not even the deprecationwarning that got silently generated burning
20~30% of all CPU-time without actually displaying it anywhere, nice

python 3.12.0 is now only 5% slower than 3.11.6

also fixes some other, less-performance-fatal deprecations
 2023-10-20 23:41:58 +00:00
ed 801da8079b only 404-ban accounts with permission [gGh]: 
never bonk anyone with read-access (able to see directory-listing)
or write-only (not able to retrieve any files at all) due to
either --ban-404 or --ban-url

fixes accidental ban when webdav-uploading files which
match any of the --ban-url patterns (#55)

also default-enables --ban-404 since it is now generally safe
(even when up2k is in turbo mode), plus make turbo smart enough to
disengage when necessary
 2023-10-18 22:14:09 +00:00
ed 4b5a0787ab option to show upload timestamps in directory listing; 
enable with -mte +.ip_at
or volflag mte=+.ip_at

worst-case performance impact: 18%
 2023-10-17 17:51:27 +00:00
ed 2df76eb6e1 client decides if thumbnails should be cropped or not 
this carries some intentional side-effects; each thumbnail format will
now be stored in its own subfolder under .hist/th/ making cleanup more
effective (jpeg and webm are dropped separately)
 2023-10-15 10:21:25 +00:00
ed dc2b67f155 ui-button to use upload-time instead of local last-modified 2023-10-15 08:46:23 +00:00
ed 9f32e9e11d set default sort order; --sort or volflag "sort" 2023-10-14 22:17:37 +00:00
ed 575615ca2d slight refactor; 7% faster, 1% more maintainable 2023-10-14 09:54:49 +00:00
ed e4001550c1 v1.9.11 2023-10-09 00:36:54 +00:00
ed 8f2d502d4d configurable printing of failed login attempts 2023-10-08 20:41:02 +00:00
ed 2ae93ad715 clear response headers for each request 2023-10-08 20:38:51 +00:00
ed 0dc3c23b42 add alternative filekey generator; closes #52 2023-10-06 13:41:22 +00:00
ed 163e3fce46 improve reverse-proxy support when containerized: 
the x-forwarded-for header would get rejected since the reverse-proxy
is not asking from 127.0.0.1 or ::1, so make this allowlist configurable
 2023-09-22 22:39:20 +00:00
ed c47047c30d configurable real-ip header from reverse proxy 2023-09-20 21:56:39 +00:00
ed 3d9fb753ba stuff 2023-09-08 21:42:05 +00:00
ed 714fd1811a add option to generate pax-format tar archives 
and forgot to commit the nix module
 2023-09-08 21:13:23 +00:00
ed 4364581705 fix accidental 422-ban when uploading lots of dupes 2023-09-08 19:49:29 +00:00
ed 11eefaf968 create / edit non-markdown textfiles (if user has delete-access) 
also enables the ansi escape code parser if the text looks like ansi
 2023-09-08 18:47:31 +00:00
ed 5a968f9e47 add permission 'h': folders redirect to index.html; 
safest way to make copyparty like a general-purpose webserver where
index.html is returned as expected yet directory listing is entirely
disabled / unavailable
 2023-09-07 23:30:01 +00:00
ed 0f9877201b support cache directives in --css-browser, --js-browser; 
for example --css-browser=/the.css?cache=600 (seconds)
or --js-browser=/.res/the.js?cache=i (7 days)
 2023-09-03 19:50:31 +00:00
ed cadaeeeace v1.9.4 2023-09-02 00:18:53 +00:00
ed 767696185b add ?tar=gz, ?tar=bz2, ?tar=xz with optional level; 
defaults are ?tar=gz:3, ?tar=bz2:9, ?tar=xz:1
 2023-09-01 23:44:10 +00:00
ed b8adeb824a misc http correctness; 
some of this looks shady af but appears to have been harmless
(decent amount of testing came out ok)

* some location normalization happened before unquoting; however vfs
   handled this correctly so the outcome was just confusing messages
* some url parameters were double-decoded (unpost filter, move
   destinations), causing some operations to fail unexpectedly
* invalid cache-control headers could be generated,
   but not in a maliciously-beneficial way
   (there are safeguards stripping newlines and control-characters)

also adds an exception-message cleanup step to strip away the
filesystem path that copyparty's python files are located at,
in case that could be interesting knowledge
 2023-08-31 21:51:58 +00:00
ed c1c8dc5e82 ok lets try that again 2023-08-26 19:07:23 +00:00
ed 5a38311481 mark offline volumes in directory tree sidebar 2023-08-26 19:00:46 +00:00
ed c5a6ac8417 persist dotfile preference as cookie for initial listing 2023-08-26 15:50:57 +00:00
ed 50e01d6904 add more autoban triggers: 
* --ban-url: URLs which 404 and also match --sus-urls (bot-scan)
* --ban-403: trying to access volumes that dont exist or require auth
* --ban-422: invalid POST messages, fuzzing and such
* --nonsus-urls: regex of 404s which  shouldn't trigger --ban-404

in may situations it makes sense to handle this logic inside copyparty,
since stuff like cloudflare and running copyparty on another physical
box than the nginx frontend is on becomes fairly clunky
 2023-08-26 13:52:24 +00:00
ed 9fb9ada3aa dont whine about inaccessible root on rootless configs, 
and make it easier for on403 to invoke the homepage-redirect
 2023-08-25 18:33:15 +00:00
ed cafe53c055 v1.9.0 2023-08-20 22:02:40 +00:00
ed fc0405c8f3 add prometheus metrics; closes #49 2023-08-20 17:58:06 +00:00
ed 1b7634932d tar/zip-download: add opus transcoding filter 2023-08-19 19:40:46 +00:00
ed 474d5a155b android's got hella strict filename rules 2023-08-15 06:46:57 +02:00
ed 4f80e44ff7 option to exactly specify browser title prefix 2023-08-15 03:17:01 +02:00
ed bee26e853b show server hostname in html titles: 
* --doctitle defines most titles, prefixed with "--name: " by default
* the file browser is only prefixed with the --name itself
* --nth ("no-title-hostname") removes it
* also removed by --nih ("no-info-hostname")
 2023-08-14 23:50:13 +02:00
ed 999ee2e7bc v1.8.8 2023-07-25 15:50:48 +00:00
ed 3966266207 remember ?edit and trailing-slash during login redirect 2023-07-25 15:14:47 +00:00
ed d03e96a392 html5 strips the first leading LF in textareas; stop it 2023-07-25 14:16:54 +00:00
ed 4c843c6df9 fix md-editor lastmod cmp when browsercache is belligerent 2023-07-25 14:06:53 +00:00
ed 8d376b854c this is the wrong way around 2023-07-23 14:10:23 +00:00
ed 490c16b01d be even stricter with ?hc 2023-07-23 13:23:52 +00:00
ed 2437a4e864 the CVE-2023-37474 fix was overly strict; loosen 2023-07-23 11:31:11 +00:00
ed 007d948cb9 fix GHSA-f54q-j679-p9hh: reflected-XSS in cookie-setters; 
it was possible to set cookie values which contained newlines,
thus terminating the http header and bleeding into the body.

We now disallow control-characters in queries,
but still allow them in paths, as copyparty supports
filenames containing newlines and other mojibake.

The changes in `set_k304` are not necessary in fixing the vulnerability,
but makes the behavior more correct.
 2023-07-23 10:55:08 +00:00
ed 9eaa9904e0 v1.8.6 2023-07-21 00:36:37 +00:00
ed 0778da6c4d fix GHSA-cw7j-v52w-fp5r: reflected-XSS through /?hc 2023-07-21 00:35:43 +00:00
ed 1441ccee4f v1.8.4 2023-07-18 07:46:22 +00:00
ed f2f5e266b4 support listing uploader IPs in d2t volumes 2023-07-15 18:50:35 +00:00
ed e17bf8f325 require the new admin permission for the admin-panel 2023-07-15 18:39:41 +00:00
ed 043e3c7dd6 fix traversal vulnerability GHSA-pxfv-7rr3-2qjg: 
the /.cpr endpoint allowed full access to server filesystem,
unless mitigated by prisonparty
 2023-07-14 15:55:49 +00:00
ed 22fc4bb938 add event-hook for banning users 2023-07-13 22:29:32 +00:00
ed 50c7bba6ea volflag "nohtml" to never return html or rendered markdown from potentially unsafe volumes 2023-07-13 21:57:52 +00:00
ed 551d99b71b add permission "a" to show uploader IPs (#45) 2023-07-12 21:36:55 +00:00
ed 5d8cb34885 404/403 can be handled with plugins 2023-07-07 21:33:40 +00:00
ed e197895c10 support hashed passwords; closes #39 2023-06-25 21:50:33 +00:00
ed cb75efa05d md-editor: index file and trigger upload hooks 2023-06-20 18:11:35 +00:00
ed 8b0cf2c982 volflags to limit volume size / num files; closes #40 2023-06-19 00:42:45 +00:00
ed 9c28ba417e option to regex-exclude files in browser listings 2023-06-02 21:54:25 +00:00
ed 025a537413 add option to show thumbs by default; closes #31 2023-06-02 18:41:21 +00:00
ed d979c47f50 optimize clearTimeout + always shrink upload panes after completion + fix GET alignment 2023-05-12 20:46:45 +00:00
ed 04c86e8a89 webdav: support write-only folders + force auth option 2023-05-06 20:33:29 +00:00
ed bc0cb43ef9 include usernames in request logs 2023-05-06 20:17:56 +00:00
ed 4ee81af8f6 support ';' in passwords 2023-05-06 18:54:55 +00:00
ed 544e0549bc make xvol and xdev apply at runtime (closes #24): 
* when accessing files inside an xdev volume, verify that the file
   exists on the same device/filesystem as the volume root

* when accessing files inside an xvol volume, verify that the file
   exists within any volume where the user has read access
 2023-04-29 21:10:02 +00:00
ed 83178d0836 preserve empty folders (closes #23): 
* when deleting files, do not cascade upwards through empty folders
* when moving folders, also move any empty folders inside

the only remaining action which autoremoves empty folders is
files getting deleted as they expire volume lifetimes

also prevents accidentally moving parent folders into subfolders
(even though that actually worked surprisingly well)
 2023-04-29 11:30:43 +00:00
ed cb6de0387d a bit faster 2023-04-26 19:56:27 +00:00
ed 55c74ad164 30% faster folder listings (wtf...) 2023-04-26 18:55:53 +00:00
ed 673b4f7e23 option to show symlink's lastmod instead of deref; 
mainly motivated by u2cli's folder syncing in turbo mode
which would un-turbo on most dupes due to wrong lastmod

disabled by default for regular http listings
(to avoid confusion in most regular usecases),
enable per-request with urlparam lt

enabled by default for single-level webdav listings
(because rclone hits the same issue as u2cli),
can be disabled with arg --dav-rt or volflag davrt

impossible to enable for recursive webdav listings
 2023-04-26 18:54:21 +00:00
ed 03193de6d0 socket read/write timeout 2023-04-24 20:04:22 +00:00
ed fdd6f3b4a6 tar/zip: use volume name as toplevel fallback 2023-04-23 20:55:34 +00:00
ed 42099baeff v1.6.12 2023-04-20 21:41:47 +00:00
ed 6acf436573 u2idx pool instead of per-socket; 
prevents running out of FDs thanks to thousands of sqlite3 sessions
and neatly sidesteps what could possibly be a race in python's
sqlite3 bindings where it sometimes forgets to close the fd
 2023-04-20 20:36:13 +00:00
ed f217e1ce71 correctly ignore multirange requests 2023-04-20 19:14:38 +00:00
ed c8938fc033 fix ipv4 location header on dualstack 2023-04-14 14:06:44 +02:00
ed e2bc573e61 webdav correctness: 
* generally respond without body
   (rclone likes this)
* don't connection:close on most mkcol errors
 2023-03-23 23:25:00 +00:00
ed 5ac2c20959 basic support for rclone sync 2023-03-20 21:17:53 +00:00
ed bb72e6bf30 support propfind of files (not just dirs) 2023-03-20 20:58:51 +00:00
ed d8142e866a accept last-modified from owncloud webdav extension 2023-03-20 20:28:26 +00:00
ed 8a09601be8 url-param ?v disables index.html 2023-03-16 20:52:43 +00:00
ed bba8a3c6bc fix truncated search results 2023-03-16 20:12:13 +00:00
ed be7bb71bbc add option to show index.html instead of listing 2023-03-16 19:41:33 +00:00
ed b0cc396bca v1.6.8 2023-03-12 16:10:07 +00:00
ed 2be2e9a0d8 index folder thumbs in db 2023-03-11 11:43:29 +00:00
ed 9270c2df19 evict basic-browser from crawlers 2023-03-09 21:35:07 +00:00
ed c98fff1647 fix chunkpost-handshake race (affects --no-dedup only); 
a handshake arriving in the middle of the final chunk could cause
dupes to become empty -- worst case leading to loss of data
 2023-03-05 19:45:50 +00:00
ed 43ff2e531a add deadline for filling data into a reserved filename 2023-02-26 19:13:35 +00:00
ed 7ea183baef let http thread handle upload verification plugins 2023-02-26 19:07:49 +00:00
ed 4de028fc3b let controlpanel rescan button override lack of e2dsa 2023-02-26 18:27:10 +00:00
ed 604e5dfaaf improve error handling / messages 2023-02-26 18:26:13 +00:00
ed 05e0c2ec9e add xiu (batching hook; runs on idle after uploads) + 
bunch of tweaks/fixes for hooks
 2023-02-26 18:23:32 +00:00
ed 6deaf5c268 add jitter simlation 2023-02-20 21:34:30 +00:00
ed 14ad5916fc freebsd: fancy console listing for fetch 2023-02-19 22:14:21 +00:00
ed 292ce75cc2 return to previous url after login 2023-02-19 19:58:15 +00:00
ed 96d6bcf26e if non-TLS, show warning in the login form 2023-02-17 22:49:03 +00:00
ed 6eba9feffe condense uploads listing on view change 2023-02-14 21:58:15 +00:00
ed b0db14d8b0 indicate forced-randomized filenames 2023-02-04 15:18:09 +00:00
ed 190ccee820 add optional version number on controlpanel 2023-02-04 13:41:34 +00:00
ed 1e20eafbe0 volflag to randomize all upload filenames 2023-02-01 21:58:01 +00:00
ed d8dfc4ccb2 support davfs2 LOCK (uploads) + misc windows support + logue filtering 2023-01-31 18:53:38 +00:00
ed e413007eb0 hide dotfiles from search results by default 2023-01-31 18:13:33 +00:00
ed 8b62aa7cc7 unlink files before replacing them 
to avoid hardlink-related surprises
 2023-01-31 17:17:18 +00:00
ed 707a940399 add nofollow to zip links 2023-01-29 22:10:03 +00:00
ed 37a690a4c3 fix cookie + rproxy oversights 2023-01-29 18:34:48 +00:00
ed c2ace91e52 v1.6.0 2023-01-29 02:55:44 +00:00
ed c50cb66aef sandboxed other-origin iframes dont cache css 2023-01-28 23:40:25 +00:00
ed d4c5fca15b sandbox readme.md / prologue / epilogue 2023-01-28 21:24:40 +00:00
ed 75cea4f684 misc 2023-01-28 13:35:49 +00:00
ed 82f98dd54d delete/move is now POST 2023-01-28 01:02:50 +00:00
ed 741d781c18 add cors controls + improve preflight + pw header 2023-01-28 00:59:04 +00:00
ed 31101427d3 support downloading blockdev contents 2023-01-27 21:09:57 +00:00
ed ead31b6823 add eventhook sanchecks 2023-01-25 20:51:02 +00:00
ed 4310580cd4 separate http/https logins (breaks ie4 / win3.11 login) 2023-01-24 21:23:57 +00:00
ed f8e3e87a52 add event hooks 2023-01-22 23:35:31 +00:00
ed 664665b86b fix some location-rproxy bugs 2023-01-19 22:26:24 +00:00
ed b0e755d410 give curl colored (yet sortable) plaintext listings 2023-01-17 23:22:43 +00:00
ed 18942ed066 location-based rproxy fixes 2023-01-16 20:09:45 +00:00
ed 71bd306268 fix unpost filters with slashes 2023-01-13 17:56:32 +00:00
ed 447ed5ab37 windows fixes 2022-12-12 21:59:50 +00:00
ed 7fd1d6a4e8 rename --webroot to --rp-loc and fix related bugs 2022-12-11 21:09:50 +00:00
ed 19cd96e392 cleanup + optimizations 2022-12-11 14:16:51 +00:00
ed db194ab519 support location-based rproxy 2022-12-10 23:43:31 +00:00
ed 56b73dcc8a up2k: add option to replace existing file 2022-12-10 19:22:16 +00:00
ed 01e2681a07 davfs2 requires realm 2022-12-09 17:59:24 +00:00
ed 06fa78f54a windows: set .hist folder hidden 2022-12-07 22:56:30 +00:00
ed 9b0f519e4e switch to wal for ~2x faster uploads 2022-12-07 20:52:17 +00:00
ed 9a28afcb48 custom mediaplayer-toggle cursor 2022-12-05 19:46:48 +00:00
ed 45b701801d fix ssdp xml escaping + target url 2022-12-05 19:13:47 +00:00
ed cd9cafe3a1 v1.5.0 2022-12-03 20:45:49 +00:00
ed 7c76d08958 drop one of the slowloris detectors 2022-12-02 17:53:23 +00:00
ed 2997baa7cb better recovery from i/o errors 2022-11-28 22:06:31 +00:00
ed d3fe19c5aa misc fixes 2022-11-28 20:25:32 +00:00
ed 6a96c62fde ok windows is just gonna have to make do 2022-11-27 22:05:38 +00:00
ed c1315a3b39 webdav: misc fixes 2022-11-26 20:06:48 +00:00
ed f0e78a6826 add landing page with mounting instructions 2022-11-26 19:47:27 +00:00
ed 5cd9d11329 add ssdp responder 2022-11-22 21:40:12 +00:00
ed 5a3e504ec4 uninvent a square wheel 2022-11-22 19:12:41 +00:00
ed ec587423e8 show/hide tagsearch ui based on folder flags 2022-11-20 23:30:01 +00:00
ed b3eb117e87 add mdns zeroconf announcer 2022-11-13 20:05:16 +00:00
ed c72753c5da add native ipv6 support 2022-11-06 16:48:05 +00:00
ed 89d1f52235 cursory slowloris / buggy-webdav-client detector 2022-11-01 22:18:20 +00:00
ed 3312c6f5bd autoclose connection-flooding clients 2022-10-31 22:42:47 +00:00
ed c2f4090318 webdav: mute some macos spam 2022-10-30 17:45:28 +00:00
ed 62499f9b71 webdav: more sensible overwrite logic 2022-10-30 17:13:06 +00:00
ed 89cf7608f9 webdav: help windows deal with read-only volumes 2022-10-30 17:11:43 +00:00
ed dd26b8f183 webdav: bump chunksize from 2048 to 32760 byte 2022-10-30 16:53:15 +00:00
ed 79303dac6d webdav: default-disable recursive listing 2022-10-30 16:47:20 +00:00
ed 4203fc161b misc 2022-10-30 16:31:04 +00:00
ed edad3246e0 make pylance happier 2022-10-29 20:40:25 +00:00
ed f14369e038 webdav: mkdir semantics 2022-10-24 14:09:09 +02:00
ed cce57b700b fix range-request on empty files 2022-10-24 03:26:32 +02:00
ed 5b6194d131 stop win10-webdav from flooding the server 2022-10-24 02:33:23 +02:00
ed 2701238cea reply raw markdown unless ?v 2022-10-24 02:10:07 +02:00
ed 835f8a20e6 default-enable webdav 2022-10-23 23:37:32 +02:00
ed f3a501db30 add SMB/CIFS server 2022-10-23 23:08:00 +02:00
ed 947dbb6f8a webdav mimetypes based on file extensions (for gnome) 2022-10-22 02:08:19 +02:00
ed 1c2fedd2bf let webdav replace empty files when sufficiently safe 2022-10-22 01:31:18 +02:00
ed 32e826efbc catch and discard macos metadata files 2022-10-22 01:15:54 +02:00
ed 138b932c6a add webdav move/delete 2022-10-22 00:04:51 +02:00
ed 20eeacaac3 add webdav write support + fix http 200/201 2022-10-21 18:47:48 +02:00
ed 81d896be9f webdav notes 2022-10-19 15:52:19 +02:00
ed 20c6b82bec replace magic numbers with errno.* 2022-10-19 15:21:48 +02:00
ed fe57321853 correct 401/403 usage for webdav 2022-10-18 20:29:06 +02:00
ed 8510804e57 initial webdav support 2022-10-18 19:36:52 +02:00
ed e788f098e2 dont fallback to icons for waveforms 2022-10-09 00:38:56 +02:00
ed 12219c1bea more fun with symlinks 2022-10-08 21:08:51 +02:00
ed 78fa96f0f4 add unpost sanchk 2022-10-08 18:23:41 +02:00
ed 2a5a4e785f include filekeys in unpost list 2022-10-08 01:18:27 +02:00
ed d8bddede6a new permission G returns filekey on write-only uploads 2022-10-08 01:17:41 +02:00
ed dbb3edec77 print qr-code on startup 2022-10-07 00:47:26 +02:00
ed abb3224cc5 option to save a copy of corrupted uploads 2022-09-26 22:01:49 +02:00
ed e00e80ae39 v1.4.2 2022-09-25 14:36:10 +02:00
ed a286cc9d55 fix printing big unicode messages 2022-09-25 14:04:35 +02:00
ed 1d367a0da0 cleanup 2022-09-23 20:37:37 +02:00
ed 32e71a43b8 reinvent fail2ban 2022-09-21 22:27:20 +02:00
ed 0b87a4a810 allow setting lifetimes from up2k ui 2022-09-19 23:49:07 +02:00
ed 9401b5ae13 add filetype detection for nameless uploads 2022-09-18 17:30:57 +02:00
ed 09cea66aa8 add ability to set lifetime per-file during upload 2022-09-18 13:12:38 +02:00
ed 13cc33e0a5 support random filenames in bup too 2022-09-18 01:03:38 +02:00
ed fad1449259 drop the redundant request for folders on navigation 2022-09-17 21:39:44 +02:00
ed 3108139d51 30% faster tags listing 2022-09-17 19:36:42 +02:00
ed 2ae99ecfa0 new upload modifiers: 
* terse upload responser
* randomize filenames
 2022-09-17 14:48:53 +02:00
ed 0dbeb010cf fix symlinked filekeys 2022-09-16 21:41:17 +02:00
ed 1684d05d49 dont crash chrome with too many unique SVGs 2022-09-11 11:47:26 +02:00
ed 0006f933a2 hmac uploader-ip when avoiding filename collisions 2022-09-11 08:27:45 +02:00
ed 0484f97c9c stop writing upload-summary textfiles, 
can be reenabled with --write-uplog
 2022-09-10 22:07:10 +02:00
ed e430b2567a add pyoxidizer (windows-only) 2022-09-10 17:33:04 +02:00
ed 635ab25013 up2k.js: defer worker startup until needed 2022-09-05 00:55:52 +02:00
ed 799cf27c5d restore .bin-suffix for nameless PUT/POSTs 
disappeared in v1.0.11
 2022-09-03 19:59:59 +02:00
ed f727d5cb5a new cloudflare memes, thx nh 2022-08-09 09:00:22 +02:00
ed 1c3894743a fix filekeys inside symlinked volumes 2022-08-02 20:26:51 +02:00
ed dac2fad48e v1.3.8 2022-07-27 16:07:26 +02:00
ed e24ffebfc8 indicate write-activity on splashpage 2022-07-27 14:53:15 +02:00
ed 4a76663fb2 ensure free disk space 2022-07-17 22:33:08 +02:00
ed 3fa377a580 sqlite diag 2022-07-16 20:43:26 +02:00
ed c2b66bbe73 add potato mode 2022-07-14 02:33:35 +02:00
ed a3431512d8 push queue/status info to server 2022-07-12 21:22:02 +02:00
ed d832b787e7 upload smallest-file-first by default 2022-07-12 20:48:38 +02:00
ed dded4fca76 option to specify favicon + default-enable it 2022-07-05 00:06:22 +02:00
ed d8ebcd0ef7 lol dpi 2022-07-04 22:13:28 +02:00
ed 6e445487b1 satisfy cloudflare DDoS protection 2022-07-03 16:04:28 +02:00
ed 4083533916 vt100 listing: reset color at eof 2022-06-29 22:41:51 +02:00
ed a473e5e19a always include custom css/js 2022-06-27 17:24:30 +02:00
ed 917b6ec03c naming 2022-06-19 22:58:20 +02:00
ed fe67c52ead configurable list of sparse-supporting filesystems + 
close nonsparse files after each write to force flush
 2022-06-19 22:38:52 +02:00
ed 2147c3a646 run markdown plugins in directory listings 2022-06-19 18:17:22 +02:00
ed 190e11f7ea update deps + misc 2022-06-16 21:43:40 +02:00
ed ad7413a5ff add .PARTIAL suffix to bup uploads too + 
aggressive limits checking
 2022-06-16 21:00:41 +02:00
ed 903b9e627a ux snappiness + keepalive on http-1.0 2022-06-16 20:33:09 +02:00
ed 728dc62d0b optimize nonsparse uploads (fat32, exfat, hpfs) 2022-06-16 17:51:42 +02:00
ed 438384425a add types, isort, errorhandling 2022-06-16 01:07:15 +02:00
ed fe73f2d579 cleanup 2022-06-07 23:08:43 +02:00
ed 4c4b3790c7 fix read-spin on d/c during json post + errorhandling 2022-06-07 19:02:52 +02:00
ed e7cd922d8b translate splashpage and search too 2022-05-15 13:20:52 +02:00
ed 187feee0c1 add norwegian translation 2022-05-14 23:25:40 +02:00
ed 23e4b9002f support ?doc=mojibake 2022-05-13 18:10:55 +02:00
ed 67c298e66b don't embed huge docs (defer to ajax), closes #9 2022-05-13 17:08:17 +02:00
ed 0143380306 help the query planner 2022-05-13 01:41:39 +02:00
ed 2f2c65d91e improve up2k error messages 2022-05-07 22:15:09 +02:00
ed 0a1d9b4dfd nevermind, not reliable when rproxied 2022-05-01 22:35:34 +02:00
ed b50d090946 add logout on inactivity + related errorhandling 2022-05-01 22:12:25 +02:00
ed 24cb30e2c5 support login from ie4 / win3.11 2022-05-01 11:42:19 +02:00
ed 4549145ab5 fix filekeys in basic-html browser 2022-05-01 11:29:51 +02:00
ed 7755392f57 redirect to webroot after login 2022-04-30 18:15:09 +02:00
ed 125d0efbd8 good stuff 2022-04-29 02:06:56 +02:00
ed f9c159a051 add option to force up2k turbo + hide warning 2022-04-28 21:57:37 +02:00
ed 2ab1325c90 add option to load more search results 2022-04-28 21:55:01 +02:00
ed 9269bc84f2 skip more stuff windows doesn't like 2022-04-28 10:31:10 +02:00
ed f5d6ba27b2 handle invalid headers better 2022-04-27 22:30:19 +02:00
ed 73fa70b41f fix mostly-harmless xss 2022-04-27 22:29:16 +02:00
ed 2a1cda42e7 avoid deadlocks on windows 2022-04-27 22:27:49 +02:00