Commit Graph

645 Commits

Author SHA1 Message Date
Bobby Wibowo
31a6940ab4
Updates
Added pagination to uploads and users list.
With that, /api/uploads and /api/users API routes will now add "count"
property to their response object.

Enabled Delete user button in users list.
With that also added /api/users/disable API route.
As usual, you can only disable users whose usergroup is lower than
your own.

Click event will no longer trigger on "disabled" elements (basically any
elements with "disabled" attribute).

Changed all arrow functions into regular functions in public JS files
(there were only a few that I somehow missed).

Bumped v1 version string.
2019-01-02 02:39:08 +07:00
Bobby Wibowo
c0d09c395c
Merge branch 'master' into safe.fiery.me
hmm, what a pain
2019-01-01 12:35:51 +07:00
Bobby Wibowo
8a1fa9f8fb
clean up lolisafe.js 2019-01-01 12:34:16 +07:00
Kana
40b2e3b3c1
Update README.md 2019-01-01 02:12:33 -03:00
Kana
3d5d540c0e
Merge pull request #177 from theLMGN/patch-1
bad service
2019-01-01 01:34:21 -03:00
Leo MG Nesfield (LMGN)
06c69559f6
bad service 2018-12-31 23:13:51 +00:00
Bobby Wibowo
bd38b78331
Updated config.sample.js 2018-12-20 21:48:39 +07:00
Bobby Wibowo
adb2ff7e71
Updated lolisafe.js 2018-12-20 21:43:31 +07:00
Bobby Wibowo
00a4e44758
Updates 2018-12-20 19:25:41 +07:00
Bobby Wibowo
f17d375107
Fixed some types in config.sample.js 2018-12-20 19:01:30 +07:00
Bobby Wibowo
d723c0f562
Updates [!! update config.js !!]
Added extended support for URL uploads.
Namely URL proxy support and separate extensions filter (as in separate
from the primary extensions filter).
There's also a new option to set a disclaimer message that will be
printed underneath the URL uploads form.

Trust proxy is now toggleable from the configuration file.
I think they should only be enabled when you're behind proxy such as
Cloudflare or Incapsula.
I'm not sure how it behaves with only a bare nginx reverse proxy though.

Empty files can now be filtered.

Sorted preset extensions filter in config.sample.js.

Rephrased some options in config.sample.js as well.

maxTries now default to 3 in config.sample.js.

Various other small changes.
2018-12-20 18:53:37 +07:00
Bobby Wibowo
bba6836708
Updated _globals.njk 2018-12-19 18:25:58 +07:00
Bobby Wibowo
89ec426e71
Removed lines related to DuckDuckGo's proxy
I think I've let them sit for like a week or so. It should've been
enough of a buffer time for everyone else.
2018-12-19 01:19:04 +07:00
Bobby Wibowo
f3d1aa1c8c
Updates
Some small fixes

Removed GET route of /upload/delete.
I first wanted to implement a ShareX-compatible deletion URL,
but then I figured I'd need to setup delete token system,
and I was like, "screw that, I don't even use ShareX",
so yeah.
2018-12-19 01:14:24 +07:00
Bobby Wibowo
00cbd3e76c
Updates
Updated ESLint rule: curly, again.
Mainly to also enabled "consistent" rule, which enforces curly into
else/elseif blocks, if its if block requires curly.

Added support for GET requests to /api/delete route.
Its usage is /api/delete/identifier, where identifier is the filename.
Though just like its POST route, it needs token in the header.
2018-12-19 00:41:42 +07:00
Bobby Wibowo
52d336cc45
Updated ESLint rule: curly
No more enforced curly for if/else/for/while/do blocks w/ one statement.

With that said, auto-fixed all JS files to follow the rule.

I'd also like to apologize for the inconveniences this commit cause,
after all it was me who intentionally enforced curly rule back then.

Why the change of heart?
After doing some more non-JS codes recently, I realized it was
pretty stupid of me to enforce that.
2018-12-19 00:01:28 +07:00
Bobby Wibowo
bca9169ea4
Updates
Fixed album public page breaking when it does not have description.
2018-12-13 20:49:57 +07:00
Bobby Wibowo
7665836ef4
Updates
Added total size to album public pages.
2018-12-13 20:31:24 +07:00
Bobby Wibowo
7d55b43ef2
Updated album.njk
Use album's description on OG tags.
2018-12-13 16:13:03 +07:00
Bobby Wibowo
da86f605c6
Updates [!! run database/migration.js !!]
Added description column into albums.
So yeah, now albums can have description.
It'll only be shown in the album's edit popup and public link.

HTML chars will now be escaped from album's name and description.

Removed message warning about CDN cache from album's public link.
A shortened version will be shown as the download button's tooltip.

Darkened color of textarea's placeholder.

Bumped v1 version string.
2018-12-13 16:09:46 +07:00
Bobby Wibowo
42b6c74711
Updated dashboard.css
Removed height animation from sidebar albums list.
I liked it back then, but now I simply find it an eyesore, kek.
2018-12-13 15:01:30 +07:00
Kana
bb722776c2
Merge pull request #171 from PascalTemel/master
fix missing sharp import
2018-12-11 18:23:10 -03:00
Pascal Temel
cb320e4354 yikes 2018-12-11 21:34:16 +01:00
Bobby Wibowo
f9f653997e
Updates
Removed type attribute from all LINK and SCRIPT tags to follow the
recommended practice of HTML5.
2018-12-11 19:31:48 +07:00
Bobby Wibowo
4193921b4e
Updated uploadController.js
The GET task of URL uploads will now limit the maximum size of the response body by the size reported in Content-Length header of the HEAD task.
This relies on node-fetch's way of handling it. I don't know the magic behind it.
2018-12-09 01:01:08 +07:00
Bobby Wibowo
742ae43622
Updated config.sample.js 2018-12-09 00:56:08 +07:00
Bobby Wibowo
53789a20c2
Updated uploadController.js
DuckDuckGo's proxy is no longer supported as it stops reporting Content-Length header, which is crucial so that the safe could predict the actual file size before downloading it.

If you have it enabled in your config file, it will now close the safe with error code 1. You can either disable url uploads completely or just disable duckduckgo's proxy (though I believe not many will choose the latter as to begin with it was implemented to hide origin IP).
2018-12-09 00:55:04 +07:00
Bobby Wibowo
9eb9ac288d
Updated uploadController.js
scanFiles() will now remove delete allocated identifiers from cache if the files are dirty.
2018-12-08 10:56:23 +07:00
Bobby Wibowo
f9bdb7b88c
Updates 2018-12-08 10:33:57 +07:00
Bobby Wibowo
857d1f94e9
Merge branch 'master' into safe.fiery.me
Pretty much no change as I manually implemented the changes before
Pascal's PR got merged to WeebDev/master.
2018-12-08 07:42:31 +07:00
Bobby Wibowo
d1a3935edb
Updated uploadController.js 2018-12-08 07:38:42 +07:00
Bobby Wibowo
2fab5becb0
Updates
Disabling cacheFileIdentifiers will now restore the old behavior of having less strict collision checks.
Fulfills https://github.com/BobbyWibowo/lolisafe/issues/12.
2018-12-08 07:38:12 +07:00
Bobby Wibowo
1b687de98d
Merge branch 'snyk-fix-uid5iv' into safe.fiery.me 2018-12-08 05:17:21 +07:00
Bobby Wibowo
f0716c8ffd
Updated yarn.lock 2018-12-08 05:16:43 +07:00
snyk-bot
563c839125 fix: package.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/npm:braces:20180219
- https://snyk.io/vuln/npm:deep-extend:20180409
- https://snyk.io/vuln/npm:extend:20180424
2018-12-07 22:10:56 +00:00
Bobby Wibowo
1eafafe8a7
Updates
* Fixed home page going out of bound due to git commit message.

* Git commit message will no longer have dotted underline. The old solution by using border-bottom wasn't suitable when the text is being split by word-break, but text-decoration-style wouldn't look as good due to its distance from the text being too close.

* Updated bulma to 0.7.2.

* Bumped v1 and v3 version strings.

* Various other small tweaks.
2018-12-08 05:10:35 +07:00
Kana
ea575898f3
Merge pull request #169 from PascalTemel/master
Replace graphicsmagick with sharp
2018-12-04 14:57:57 -03:00
Bobby Wibowo
2ee1c40868
Whoops, bugfix 2018-12-04 20:35:49 +07:00
Bobby Wibowo
446cacea7e
Merge branch 'ids-cache' into safe.fiery.me 2018-12-04 18:59:47 +07:00
Bobby Wibowo
07b4ef8fc2
Updates
Added a new config entry named "cacheFileIdentifiers". More info in config.sample.js file.

Improved some descriptions in config.sample.js file.

Added some CSS animations wherever applicable.

Bumped v1 version string.
2018-12-04 18:58:53 +07:00
Bobby Wibowo
a17cfb83a2
Enable ids caching by default 2018-12-03 16:32:26 +07:00
Bobby Wibowo
6af52341c9
Init ids-cache branch 2018-12-03 16:18:52 +07:00
Bobby Wibowo
6f03726b9d
Updated package.json 2018-12-03 14:24:10 +07:00
Bobby Wibowo
b6bd833110
Replace graphicsmagick with sharp 2018-12-03 14:20:13 +07:00
Pascal Temel
fa8ef06764 remove npm from package.json 2018-11-30 23:01:58 +01:00
Pascal Temel
05c17f2dc9 replace graphicsmagick with sharp 2018-11-30 22:58:42 +01:00
Bobby Wibowo
6543a87b11
Updates
Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist).
This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail.
If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether).

Added a new config option to filter files with no extension.

Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD").
In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension.
Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted.
Examples:
.hiddenfile => .hiddenfile
.hiddenfile.sh => .sh
.hiddenfile.001 => .hiddenfile.001
.hiddenfile.sh.001 => .sh.001

Simplified error messages of /api/upload/finishchunks.

Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok).
I plan to generalize this for the other API routes in the future.

Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok).

Bumped v1 version string (due to home.js).
2018-11-29 00:52:12 +07:00
Bobby Wibowo
6e160fa039
Added PrivateBin to footer links
Also updated fontello to include its icon
2018-11-24 20:58:33 +07:00
Bobby Wibowo
6149f46831
Updated package.json 2018-11-24 16:03:12 +07:00
Bobby Wibowo
4463e8de71
Updated .gitignore
Remove trailing-slash from dir ignores.
This will allow replacing said dirs with symlinks.
2018-11-24 15:33:05 +07:00