Commit graph

95 commits

Author SHA1 Message Date
Alexey Kostin
1eecc22fb3
Normalize upload file name (#606)
* Generate secure token using crypto rand

* Normalize names of uploaded files

* revert token.go accidentally added to commit

* better input filename normalization using transfrom chain

* remove unused line

---------

Co-authored-by: Alexey Kostin <a.kostin@corp.mail.ru>
Co-authored-by: Andrea Spacca <andrea.spacca@gmail.com>
2024-03-20 09:02:57 +09:00
Andrea Spacca
45e2654036
fix basic auth (#564)
* fix basic auth

* better logic
2023-06-06 19:59:21 +09:00
Natalí Paura
bafbf0c1a0
Improve purgeTime display in web page (#558)
- changing the line `purgeTime = s.purgeDays.String()` to use a function that formats the days like this: "N days" or "1 day"
- adding the function `formatDurationDays` in utils.go file

Fixes #557

Co-authored-by: Andrea Spacca <andrea.spacca@gmail.com>
2023-05-19 19:01:54 +09:00
Junoh Moon
e837849d44
Add charset to content type in getHandler (#545)
Add charset to content type in the getHandler function to fix CJK-letter related issues.
If the content type is empty after trimming, set it to "text/plain; charset=utf-8".
2023-04-29 20:07:52 +09:00
Andrea Spacca
a5dacb36a9
call WriteHeader after last change to header map (#542)
* call WriteHeader after last change to header map

* fix reader/decryptionReader
2023-04-05 23:30:58 +09:00
Kot
3dcbfe2e4d
Add Vary headers in responses (#536)
* Add `Vary` headers in responses

* Add `Referer` to file handler `Vary`

* Fix Vary value for routes
2023-03-16 10:25:46 +09:00
Andrea Spacca
1fb67f49ff
add IP_FILTERLIST_BYPASS_HTTP_AUTH (#538)
* add IP_FILTERLIST_BYPASS_HTTP_AUTH

* refactor to separated ip whitelist
2023-03-12 13:34:41 +09:00
Andrea Spacca
54cacb5487
add http-auth-htpasswd (#537)
* add http-auth-htpasswd

* go mod tidy
2023-03-12 11:52:45 +09:00
Andrea Spacca
3b777e1c19
gpg encryption support (#162)
* gpg encryption support

* gpg encryption support

* refinement

* refactor using protonmail opengpg

* warning

* remove exception in linting

* reduce I/O on decrypt

* fix typo

* streaming in encrypt

* Update README.md

do not reference server public hosting version in encrypt/decrypt headers example

* linting

* linting fix

* increase default random-token-length to 10
2023-03-11 10:08:55 +09:00
Andrea Spacca
28fc9c73f5
Lint accept range (#535)
* Support Range header for GET

* Adds 'Accept-Ranges: bytes' header to handlers

* proper param name in error

* bump gdrive dependecies

* refactor CloseCheck to avoid panic on nil, remove range/audio/video special handling on get handler

* refactor CloseCheck to avoid panic on nil, handle range with no limit

* refactor CloseCheck to avoid panic on nil, handle range in gdrive storage

* refactor CloseCheck to avoid panic on nil

* handle range with no limit

* lint

* bump deps

* go mod tidy

* gofmt

* cr fixes, replace deprecated ioutil.NopCloser

* linting

* do not write to file by default

* fix storj

---------

Co-authored-by: Vladislav Grubov <vladgrubov@gmail.com>
2023-03-11 01:41:43 +09:00
Farhan Khursheed
31ad4e01e1
Fixed improper implementation of content type (#501)
* Fixed improper implementation of content type

Add text/plain content type if metadata.ContentType is unable to determine the content type of the file

* Update server/handlers.go

Co-authored-by: Farhan Khursheed <41877347+blind-intruder@users.noreply.github.com>

* Update handlers.go

let's trim space

* Update handlers.go

Co-authored-by: Andrea Spacca <andrea.spacca@gmail.com>
2022-08-20 15:29:52 +02:00
Stefan Benten
64c7759126
all: update gdrive client and various linting cleanups (#497) 2022-07-14 18:02:18 +02:00
Stefan Benten
21812d3efc
server: reorganize storage layer into more clear subfolder (#496)
* server: reorganize storage layer into more clear subfolder

* cmd: fix version command
2022-07-13 06:26:42 +02:00
Andrea Spacca
35e794220b
Issue 485: fix IDN unicode/punycode handling (#486) 2022-05-15 16:48:13 +02:00
Stefan Benten
92324798d5
server: adding no-store header (#476)
In order to prevent viewing content, which max-download rate has been reached,
we need to ensure the data is not stored locally in a browser cache.
To achieve this, we set the Cache-Control Setting to "no-store" according to:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control

fixes #470
2022-04-10 12:13:06 +02:00
Anirudh Haritas Murali
597554a59e
Add X-Url-Delete-* headers to POST handler (#435)
* Add X-Url-Delete-* headers to POST handler

* Remove token from header

* Fix writing of headers

* Handle error returned by Write

* Update handlers.go

Co-authored-by: Andrea Spacca <andrea.spacca@gmail.com>
2022-03-02 13:26:00 +01:00
Andrea Spacca
cff0a88bf3
Clamav prescan (#389) 2022-01-09 22:14:10 +01:00
Stefan Benten
492731e31f
server: propagate context to storage layer (#455)
This change propagates the context of the actual user request through.
Additionally it configures the Storj Backend to do in memory buffering instead of relying on temporary files in /tmp/ folders.
Fixes #448
2021-12-26 17:17:28 +01:00
Stefan Benten
f062af9fc5
server/handlers.go,storage.go: smaller fixes (#452)
This change moves a couple of defers in order to prevent them from not being executed since we have returned in error cases early.
It also fixes a couple of smaller linting issues, like error messages not starting with a capital letter and variable name collisions with imported packages.
2021-12-26 14:37:22 +01:00
Stefan Benten
2fbd19365c
.github/workflows: adding golangci-lint as new job (#453)
In order to follow golang's best practices, we should lint the code base properly beyond usual syntax mistakes.
2021-12-26 14:03:27 +01:00
Andrea Spacca
acd6fb084f
remove tor, remove bitcoing, fix contact us (#447) 2021-12-15 21:06:54 +01:00
Andrea Spacca
d2a0e77814
fix in force-https redirect (#441) 2021-12-07 19:41:42 +01:00
kugiyasan
c7164856d2
issue #420 added MaxDate.IsZero() check (#427)
* issue #420 return 400 response when Max-Days is too big

* issue #420 moved the Max-Days check before saving the metadata

* issue #420 added a logging message when Max-Days is invalid

* issue #420 added MaxDate.IsZero() check

Co-authored-by: kugiyasan <kugiyasan@users.noreply.github.com>
2021-10-30 10:04:43 +02:00
Andrea Spacca
fa74be02d2
Revert "issue #420 return 400 response when Max-Days is too big (#422)" (#426)
This reverts commit 2959fc2992.
2021-10-26 19:03:51 +02:00
kugiyasan
2959fc2992
issue #420 return 400 response when Max-Days is too big (#422)
* issue #420 return 400 response when Max-Days is too big

Co-authored-by: kugiyasan <kugiyasan@users.noreply.github.com>
2021-10-25 18:33:18 +02:00
Masaya Watanabe
92948fab23
fix missed errors (#417)
Co-authored-by: Andrea Spacca <andrea.spacca@gmail.com>
2021-10-16 09:57:59 +02:00
mattn
e5455d9713
Fix path (#416)
* chan is leaked

* Remove path.Clean

Co-authored-by: Andrea Spacca <andrea.spacca@gmail.com>
2021-10-16 09:51:09 +02:00
Andrea Spacca
9fe5f9a5c9
Golint (#404)
* golint
* remove gitter badge
2021-08-19 22:45:30 +02:00
Andrea Spacca
3990c3c5b7 gofmt 2021-07-23 11:21:05 +02:00
Andrea Spacca
3ea4ffd0e3 cr fixes and dynamic upload size in UI 2021-07-23 11:20:49 +02:00
Andrea Spacca
9baefbc4bf purge time in ui, fix range regeression from videojs 2021-07-19 21:03:41 +02:00
Andrea Spacca
1ff9ccd01e copyright update 2021-07-19 21:03:41 +02:00
Andrea Spacca
a7a3e685fe gofmt 2021-07-19 21:03:41 +02:00
Andrea Spacca
69d979ca48 issue 380 and simplier token generation 2021-07-19 21:03:41 +02:00
Andrea Spacca
d9198e78db always use logger 2021-07-19 21:03:41 +02:00
Andrea Spacca
9df18fdc69
fixes-20210521 (#373) 2021-05-21 15:49:48 +02:00
Andrea Spacca
fdfd453222 Added random-token-length, Encode() refactored 2021-05-20 08:26:07 +02:00
Andrea Spacca
0512452111 Added UrlRandomToken in template data 2021-05-09 09:21:54 +02:00
JustAnotherArchivist
6bd3e97186 Only increment download counter on files that have a download limit
For files that have no limit, there is no reason to track the download counter as its value will never be used anyway. This reduces costs on storage backends that have an operation fee (e.g. AWS S3) or a minimum retention (e.g. Wasabi S3).
2021-04-25 17:47:23 +00:00
JustAnotherArchivist
4daca97f89 Only rewrite metadata file when the download counter changed
Previously, the metadata file would be rewritten even if the download counter stayed the same (i.e. `increaseDownload = false`, previews and HEAD requests). Because the metadata doesn't change in that case, this would simply rewrite the exact same contents needlessly, which may also incur extra costs depending on the storage backend.
2021-04-19 18:37:47 +00:00
Andrea Spacca
69519d8fa4 Unwrap unnecessary bytes.NewReader 2021-03-19 08:25:40 +01:00
Andrea Spacca
b36711c1ea sanitize only on inline content-disposition 2021-03-02 16:50:53 +01:00
Andrea Spacca
27f84e719a Content-Type metadata to lower 2021-03-02 16:48:04 +01:00
Andrea Spacca
7ea65c5a24 go get -u, go build ldflags, docker tag, inline handler 2021-02-19 14:50:40 +01:00
Andrea Spacca
d554eb8e2d clone url 2021-01-06 13:33:46 +01:00
Andrea Spacca
6ac6c8fa99 PURGE FEATURE 2021-01-05 17:23:47 +01:00
Andrea Spacca
e53d599e09 ISSUE-332 2020-12-31 20:08:42 +01:00
Andrea Spacca
9430e53689
Merge pull request #307 from cheeseandcereal/add_proxy_port
add proxy-port for port override when running behind a proxy
2020-05-17 19:28:21 +02:00
Adam Crowder
f909ad3ce2
fix missing metadata security vuln 2020-05-08 16:23:32 -07:00
Adam Crowder
d830bf1afc
revert println
Signed-off-by: Adam Crowder <adam@adamcrowder.net>
2020-05-08 11:49:21 -07:00