Commit Graph

162 Commits

Author SHA1 Message Date
Bobby
3050de43c4
fix(deps): @bobbywibowo/serve-static
the fork is now named under @bobbywibowo tag to allow it co-existing
with upstream version within the same scope if required

it and @bobbywibowo/send have also been aligned with their respective
latest master commits as of this commit date
2022-03-04 02:57:21 +07:00
Bobby
f6d85b05ac
feat: verify config files exist on startup 2022-03-04 02:04:46 +07:00
Bobby
2ddd97541e
refactor: config.hsts -> config.helmet
this allows full config to the helmet library

it will fallback to old behavior if helmet entry is not found in
config file, but hsts entry is
2022-03-04 02:04:16 +07:00
Bobby Wibowo
dd55d69612
fix: headers already sent errors 2021-01-09 03:50:03 +07:00
Bobby Wibowo
5781c45a3d
refactor: no throw literal in lolisafe.js 2021-01-08 09:20:00 +07:00
Bobby Wibowo
a8cc0b9534
updated lolisafe.js
break loop early
2020-12-27 16:49:22 +07:00
Bobby Wibowo
b63836c89d
Added Content-Type override when serving with node
Closes #274
2020-11-03 23:53:56 +07:00
Bobby Wibowo
f5e70b2d96
Added experimental embedded video.js player thingy 2020-11-03 20:56:32 +07:00
Bobby Wibowo
88f852584c
!! REPLACED ClamAV BACKEND: clamdjs -> clamscan !!
Update your config file!
2020-11-01 06:35:56 +07:00
Bobby Wibowo
47dd512910
Removed custom ESLint curly rule
Sigh, why did you do this, past me..?

Also fixed "Delete uploads by names".
2020-10-31 01:12:09 +07:00
Bobby Wibowo
ff063a5373
Simplified cache-control 2020-10-12 22:02:29 +07:00
Bobby Wibowo
22e6c2c3c6
Updated
Replaced all Array.concat() with spread operator and/or push().
Fixed some faulty search logics when using exclusion filters.
Fixed capitalization of mac font in _variables.scss. Stylelint somehow
fricked up again in my previous commit.
2020-10-11 17:32:22 +07:00
Bobby Wibowo
57207493a2
Fixed setContentDisposition throwing errors 2020-10-02 04:58:35 +07:00
Bobby Wibowo
c8a5f7be16
Added setContentDisposition option
Resolves #192

This added 2 new dependencies:
content-disposition
BobbyWibowo/serve-static

content-disposition:
This has fallback generation for file names that are outside ISO-8859-1.
Plus it was already a sub-dependency due to express to begin with.

BobbyWibowo/serve-static:
A fork of express/serve-static to allow specifying an async setHeaders
function by the name preSetHeaders, that will be awaited before
creating send stream to clients.
2020-09-27 04:33:42 +07:00
Bobby Wibowo
41fb14e865
Added system & node uptime to Statistics menu
src/js/misc/utils.js: Added page.getPrettyUptime().

Updated dependency:
helmet: 3.23.3 -> 4.1.0

lolisafe.js: Disabled CSP by default.
Since helmet 4, CSP would instead be enabled by default.
2020-08-22 01:35:30 +07:00
Bobby Wibowo
cc122f63b8
Updated lolisafe.js
https://blog.fiery.me/recent-disturbance-with-temporary-uploads
Fix for temporary uploads failing forever just due to errors not being
caugh.
2020-05-27 01:18:25 +07:00
Bobby Wibowo
86b51fe5f5
Added Cookie Consent, among other things
This adds Cookie Consent library at public/libs/cookieconsent.

Added views/cookiepolicy.njk.

Added a new config option cookiePolicy. Disabled by default.

Updated views/faq.njk to use variables wherever applicable.
The variables are initiated at views/_globals.njk.
The said file also contains variables used at views/cookiepolicy.njk.

Restored messages about Cloudflare to FAQ.
They will be shown only if config.cloudflare.purgeCache is enabled.

Statistics will now capitalize first letters of the keys instead.

Updated background color of SweetAlert modals.

Moved table styling from dashboard.css to style.css (global),
since table will also be used in Cookie Policy page.

Bumped v1 version string and rebuilt client assets.
2020-05-17 03:35:54 +07:00
Bobby Wibowo
968fd74676
Updated
No longer initiate expired uploads check if
config.uploads.temporaryUploadsInterval is not set.

"yarn delete-expired" will now list names of the expired uploads too.
2020-05-16 21:45:14 +07:00
Bobby Wibowo
38b8109210
Added starting message to lolisafe.js
Most of the times, connecting to ClamAV takes a bit too long and causes
misunderstanding due to a long period of silence
Generally with PM2 logs, due to the lack of indicator
of a successful restart
2020-05-09 14:54:09 +07:00
Bobby Wibowo
ff54f088bd
Added client assets update detection
/api/check and /api/token/verify will now pass along v1 version string
if used (when config.cacheControl is used) for both home.js and
dashboard.js to use to compare version strings.
This should help notify users using browsers with a bit more overbearing
caching (generally mobile browsers).

Rebuilt client assets and bumped v1 version string

Slight update to yarn.lock (a small syntax change for node-gyp, idk why)
2020-04-30 05:56:28 +07:00
Bobby Wibowo
2d1db2bd01
Updated log message for expired uploads deletion 2020-04-07 02:46:04 +07:00
Bobby Wibowo
f534ac2e4d
Updated all dependencies
Updated lolisafe.js
2020-04-04 22:08:37 +07:00
Bobby Wibowo
609753f1e9
Make Helmet's HSTS configurable from config file
Closed #115
2020-02-13 15:03:31 +07:00
Bobby Wibowo
783ac81bf7
Updated
lolisafe.js: fixed a logic

faq.njk: fixed typo
2020-02-13 14:37:19 +07:00
Bobby Wibowo
edce59243b
Better cache control when not using CDN 2020-02-11 17:18:04 +07:00
Bobby Wibowo
a884ef8d01
Bug fix
Fixed #67

Changed default admin account to username root & password changeme,
for new installations.
Also updated README.md to mention it.
2019-10-21 17:49:52 +07:00
Bobby Wibowo
4e20f28b78
Updated lolisafe.js
If config.cacheControl is enabled, remove Cache-Control header from
error pages.
Fallbacks to Express' default behavior of using "public, max-age=0".
2019-09-20 02:42:08 +07:00
Bobby Wibowo
8ab77a6464
Updated
Removed version strings from _globals.njk,
in favor of src/versions.json.
That versions in that file can be bumped with "yarn bump-versions".
v1 is automatically bumped when doing "yarn build" as well.

Added README file in src directory, explaining versions.json file.

Added README file in scripts directory, detailing usage of each scripts.

Version strings will no longer be appended when cacheControl is disabled
in config file.
After all, version strings are only needed when the static assets are
cached indefinitely in users' browsers.

Initial Cloudflare's cache purging will no longer be executed when
cloudflare -> purgeCache is disabled, even if cacheControl is enabled.
Just in case someone wants to use version strings for other use cases.

Actually use custom metaDesc variable on meta description tag.
2019-09-19 19:10:37 +07:00
Bobby Wibowo
9e9b0d4439
Updated
Updated some dev dependencies.

---

Gulp will now build CSS/JS files during development into dist-dev
directory, to prevent IDE's Git from unnecessarily building diff's.

Added dist-dev to ignore files.

---

The entire config fille will now be passed to Nunjuck templates for ease
of access of config values.

Root domain for use in Nunjuck templates will now be parsed from config.

Better page titles.

Updated help message for "Uploads history order" option in
homepage's config tab.

Added "Load images for preview" option to homepage's config tab.
Setting this to false will now prevent image uploads from loading
themselves for previews.

Uploads' original names in homepage's uploads history are now
selectable.

Min/max length for user/pass are now enforced in auth's front-end.

Improved performance of album public pages.
Their generated HTML pages will now be cached into memory.
Unfortunately, No-JS version of their pages will be cached separately,
so each album may take up to double the memory space.

File names in thumbnails no longer have their full URLs as tooltips.
I saw no point in that behavior.

Added video icons.
Homepage's uploads history will now display video icons for videos.

"View thumbnail" button in Dashboard is now renamed to "Show preview".
Their icons will also be changed depending on their file types.

Added max length for albums' title & description.
These will be enforced both in front-end and back-end.
Existing albums that have surpassed the limits will not be enforced.

A few other small improvements.
2019-09-17 11:13:41 +07:00
Bobby Wibowo
0e5a64d81d
Updated lolisafe.js
Fixed cache-control.
I only noticed that I had "immutable" on pages that were supposed to be
cached by proxy only.
For some reason that did nothing on my Firefox desktop,
but I noticed it worked in my phone's browsers, including Firefox.
Odd.
2019-09-15 14:43:56 +07:00
Bobby Wibowo
c9ba16e1d6
Updates (very important to read)
Client-side CSS & JS files will now be processed with Gulp.
Gulp tasks are configured in gulpfile.js file.

CSS files will be optimized with postcss-preset-env, which will
auto-add vendor prefixes and convert any parts necessary for browsers
compatibility.
Afterwards they will be minified with cssnano.

JS files will be optimized with bublé,
likewise for browsers compatibility.
Afterwards they will be minified with terser.

Unprocessed CSS & JS files will now be located at src directory, while
the processed results will be located at dist directory.

Due to bublé, the JS files should now be compatible up to IE 11
at the minimum.
Previously the safe would not work in IE 11 due to extensive usage of
template literals.
Due to that as well, JS files in src directory will now extensively use
arrow functions for my personal comfort (as they will be converted too).

The server will use the processed files at dist directory by default.
If you want to rebuild the files by your own, you can run "yarn build".
Gulp is a development dependency, so make sure you have installed all
development dependencies (e.i. NOT using "yarn install --production").

---

yarn lint -> gulp lint

yarn build -> gulp default

yarn watch -> gulp watch

yarn develop -> env NODE_ENV=development yarn watch

---

Fixed not being able to demote staff into normal users.

/api/token/verify will no longer respond with 401 HTTP error code,
unless an error occurred (which will be 500 HTTP error code).

Fixed /nojs route not displaying file's original name when a duplicate
is found on the server.

Removed is-breeze CSS class name, in favor of Bulma's is-info.

Removed custom styling from auth page, in favor of global styling.

Removed all usage of style HTML attribute in favor of CSS classes.

Renamed js/s/ to js/misc/.

Use loading spinners on dashboard's sidebar menus.

Disable all other sidebar menus when something is loading.

Changed title HTML attribute of disabled control buttons in
uploads & users list.

Hid checkboxes and WIP controls from users list.

Better error messages handling.
Especially homepage will now support CF's HTTP error codes.

Updated various icons.
Also, added fontello config file at public/libs/fontello/config.json.
This should let you edit them more easily with fontello.

Use Gatsby icon for my blog's link in homepage's footer.

A bunch of other improvements here & there.
2019-09-15 13:20:11 +07:00
Bobby Wibowo
02e2e402c3
!!! MASSIVE OVERHAUL !!!
As the title says, this commit is a massive overhaul.
I've rewritten/restrucuted almost everything in the controller scripts.
Because of that, there's a considerable possibility that I've broken
something somewhere.

Notable changes:

Added temporary uploads.

Removed file name length changer from dashboard,
in favor of an equivalent in homepage config tab.
This allows non-registered users to also set file name length.

A bunch of other undocmented stuff.
I don't know, I'm too tired to remember them all.
2019-09-08 08:56:29 +07:00
Bobby Wibowo
7e3d177d00
Updated
Added logger.js to format console logs (adding timestamps).

Re-ordered modules loading in lolisafe.js, and a few other minor edits.

Updated dev dependencies.

A few other minor edits.
2019-08-27 00:02:06 +07:00
Bobby Wibowo
3a398721b5
Updated
* Replaced all instances of getElementById and getElementsByClassName
with querySelector or querySelectorAll.

* Updated utilsController.js to stop disabling
no-async-promise-executor eslint rule.

* Removed unused lines in dashboard.njk.

* Refactored maxFileSize to maxSize in home.{css,js,njk}.

* Updated ClamAV codes in lolisafe.js. No more pinging.
Since querying version will also check connection anyway.

* Option "Upload to album" in homepage is now selectable.
Selecting this option will restore the uploader to not associate files
with an album.

* Fixed uploader to properly respect server's max file size.
Also updated error message of file size to use MB instead of MiB.

* Creating an album from homepage will automatically select the album.

* Updated Dropzone.js to v5.5.0.

* Bumped v1 & v3 version strings.

* Various other small fixes.
2019-08-20 09:16:34 +07:00
Bobby Wibowo
5c41fc9249
Updates
utilsController.js:
+ /api/stats: Cache invalidation requests will now only store timestamp
of the request instead of purging the cache entirely.
Subsequent requests to the API will no longer attempt to generate stats
if a previous request before it is still generating, since it can
take a while in big sites.
So instead, the cached stats will be returned to them, regardless of
whether it's still valid.
This should avoid "race condition" in sites with multiple admins.

* dashboard.js:
+ Added an appendix into "Delete by names" feature in dashboard to
inform staffs that they can use the feature to delete files by other
users as well.
+ Added comments explaning the need of page.domClick() function.
+ Addition to the change regarding /api/stats route: If there is no
cached stats, but a previous request is still generating, inform
the user about it.

config.sample.js + lolisafe.js:
+ We now support configuring rate limits through config file.
No more hard-coded rate limits.
Don't forget to update your config.js accordingly.

package.json + yarn.lock:
+ Updated dependencies.
2019-06-04 02:40:24 +07:00
Bobby Wibowo
e74fb3811f
Updated lolisafe.js
Goddamn, I screwed up so bad.
2019-01-31 16:38:43 +07:00
Bobby Wibowo
e479ac53ff
Updated lolisafe.js
Forgot to update this to take into account the changes in Cloudflare's
cache purge utility.
2019-01-31 16:36:16 +07:00
Bobby Wibowo
8780d6429b
Updates
NoJS uploader will now display the original file names in the results.

lolisafe.js will now automaticaly purge Cloudflare's cache of frontend
pages everytime it launches.
Of course this only applies when cacheControl is on in config file.
This sorta makes scripts/cfpurge.js script obsolete.
2019-01-09 17:11:45 +07:00
Bobby Wibowo
b431d11eba
Updates
I think proper Cache-Control for frontend now.

Fixed the way it handles "home" when purging frontend cache.
2019-01-06 15:26:43 +07:00
Bobby Wibowo
f166a70d71
Updated lolisafe.js
Updated cache control
2019-01-06 04:16:19 +07:00
Bobby Wibowo
874ddba665
Updated lolisafe.js
Cache control album ZIPs
2019-01-06 04:14:33 +07:00
Bobby Wibowo
2f51954024
Updates
Experimental cache control
2019-01-06 04:09:47 +07:00
Bobby Wibowo
8a1fa9f8fb
clean up lolisafe.js 2019-01-01 12:34:16 +07:00
Bobby Wibowo
adb2ff7e71
Updated lolisafe.js 2018-12-20 21:43:31 +07:00
Bobby Wibowo
00a4e44758
Updates 2018-12-20 19:25:41 +07:00
Bobby Wibowo
d723c0f562
Updates [!! update config.js !!]
Added extended support for URL uploads.
Namely URL proxy support and separate extensions filter (as in separate
from the primary extensions filter).
There's also a new option to set a disclaimer message that will be
printed underneath the URL uploads form.

Trust proxy is now toggleable from the configuration file.
I think they should only be enabled when you're behind proxy such as
Cloudflare or Incapsula.
I'm not sure how it behaves with only a bare nginx reverse proxy though.

Empty files can now be filtered.

Sorted preset extensions filter in config.sample.js.

Rephrased some options in config.sample.js as well.

maxTries now default to 3 in config.sample.js.

Various other small changes.
2018-12-20 18:53:37 +07:00
Bobby Wibowo
89ec426e71
Removed lines related to DuckDuckGo's proxy
I think I've let them sit for like a week or so. It should've been
enough of a buffer time for everyone else.
2018-12-19 01:19:04 +07:00
Bobby Wibowo
00cbd3e76c
Updates
Updated ESLint rule: curly, again.
Mainly to also enabled "consistent" rule, which enforces curly into
else/elseif blocks, if its if block requires curly.

Added support for GET requests to /api/delete route.
Its usage is /api/delete/identifier, where identifier is the filename.
Though just like its POST route, it needs token in the header.
2018-12-19 00:41:42 +07:00
Bobby Wibowo
53789a20c2
Updated uploadController.js
DuckDuckGo's proxy is no longer supported as it stops reporting Content-Length header, which is crucial so that the safe could predict the actual file size before downloading it.

If you have it enabled in your config file, it will now close the safe with error code 1. You can either disable url uploads completely or just disable duckduckgo's proxy (though I believe not many will choose the latter as to begin with it was implemented to hide origin IP).
2018-12-09 00:55:04 +07:00
Bobby Wibowo
2ee1c40868
Whoops, bugfix 2018-12-04 20:35:49 +07:00
Bobby Wibowo
07b4ef8fc2
Updates
Added a new config entry named "cacheFileIdentifiers". More info in config.sample.js file.

Improved some descriptions in config.sample.js file.

Added some CSS animations wherever applicable.

Bumped v1 version string.
2018-12-04 18:58:53 +07:00
Bobby Wibowo
a17cfb83a2
Enable ids caching by default 2018-12-03 16:32:26 +07:00
Bobby Wibowo
6af52341c9
Init ids-cache branch 2018-12-03 16:18:52 +07:00
Bobby Wibowo
c3d4c237cb
Init account-manager branch 2018-10-10 02:52:41 +07:00
Bobby Wibowo
d4b6933891
Improved help message for URL upload
* Hide notice about max size if it's equal to max size of regular uploads.

* Show notice about DuckDuckGo's proxy if it's turned on.

* Also updated description in config.sample.js to further emphasize about the limitation of using DuckDuckGo's proxy.
2018-09-30 05:38:13 +07:00
Bobby Wibowo
0d38995b2b
Updates
* When gitHash in config.js is set to true, latest commit hash of the currently enabled git repo/branch will be displayed in home and nojs uploader pages.

* Error pages can now be configured with errorPages option (their root directory and their file names).
2018-09-20 18:41:17 +07:00
Bobby Wibowo
a207c4a806
Init 'clamdjs' branch (#8)
Use clamdjs module instead of clam-engine. This module connects to clam daemon server.
2018-09-04 22:48:24 +07:00
Bobby Wibowo
36da76357e
Updates
* Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine.

* File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed.

Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-02 03:37:26 +07:00
Bobby Wibowo
4d7b23bb39
Initial commit at browser-ecma6 branch
This commit is intended to downgrade codes in JS files used for browser to increase browsers compatibility.

This branch is still experimental and may require much more testing.
2018-07-14 10:42:18 +07:00
Bobby Wibowo
c4eed6e478
Updates
* Added globals.v3 to _globals.njk, which will be used for CSS/JS files of libs (bulma, lazyload, etc.). globals.v1 will now only be used for lolisafe's JS and CSS files.
Since CSS/JS files of libs receive much less updates than lolisafe's (mainly since I push updates a lot), this will decrease the amount of files that users need to re-fetch on every updates.

* Added public/js/album.js which will be used by album.njk (albums public link). I'm going to disable inline scripts in safe.fiery.me.

* Better FAQ. Some points will now dynamically changes depending on the settings you have in your config.js. It's not perfect but certainly much better than before.
2018-05-12 23:34:19 +07:00
Bobby Wibowo
bd722129de
Updates, now supports uploading by URLs!
* Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js.
Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4.

* /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload.

* Added file extension filter to /api/upload/finishchunks.

* Added proper total chunks size check to /api/upload/finishchunks.

* Various code improvements.
2018-05-11 21:34:13 +07:00
Bobby Wibowo
479db54cd3
Updates (experimental)
* Possible performance improvement. Some bulk db queries will now be executed in a single query instead of spawning multiple async task for each query. This is sorta experimental though, use it at your own risk (though I'll use it right away at safe.fiery.me).

* It's now possible for root user to add files to other users' albums through the API route. I don't plan on allowing root user to list other users' album list from the dashboard, I just thought that there'd be no harm in extending the API a little bit.

* Kinda better error logging for uncaught exception and unhandled rejection. Their stack trace should be logged now.
2018-05-11 00:25:52 +07:00
Bobby Wibowo
7991a63315
Updates (please update your config.js)
NOTICE: Please update your config.js. Use config.sample.js as the template.
There were a couple of renames and restructures.

* Album zipper API route will now internally save its state when it's generating zip files, and any subsequent requests will silently be "postponed" until the first spawned task is finished. This will guarantee that there are no multiple zipping tasks for the same album. The method may seem a bit hackish though.

* All instances of console.log(error) were replaced with console.error(error). This will guarantee that any error goes to stderr instead of stdout.

* Deleting file by names will now properly remove successful files from the textarea. There was a logic flaw.

* Failure to generate thumbnails will no longer print the full stack, but instead only the error message. It will also then symlink a template image from /public/images/unavailable.png (it's only a simple image that says that it failed to generate thumbnail).
This haven't been tested in Windows machines, but it'll probably work fine.
I thought of adding a new column to files table which will store information whether the thumbnail generation is sucessful or not, but oh well, I'll go with this method for now.
2018-05-09 15:41:30 +07:00
Bobby Wibowo
4660200b1e
More improvements to albums, and others
Improvements related to albums:

* Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png).
This also adds a new API route: /api/albums/edit.
The old API route, /api/albums/rename, is still available but will silently be using the new API in backend.

* Deleting album will now also delete its zip archive if exists.

* Renaming albums will also rename its zip archive if exists.

* Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat.

* The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier.

* Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier.

* Added "download" and  "public" columns to "albums" table in database/db.js.
Existing users can run "node database/migration.js" to add the columns.

Others:

* uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise.

* Album name of disabled/deleted albums will no longer be shown in uploads list.

* Added "fileLength" column to "users" table in database/db.js.

* Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though.

* Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch).

* Updated icons (added download icon).

* Some other improvements/tweaks here and there.
2018-04-29 00:26:39 +07:00
Bobby Wibowo
6cc6928c62
Merging all the changes from 'master'
There's nothing much really. Here's a summary:
* Added dmca.gripe to README.md.
* Updated chrome extension's instruction in README.md.
* Bumped year in LICENSE.
* Moved error pages from /pages/errors to /pages/error.
* Added a README.md to /pages/error clarifying the fact that this repo is using symlinks for error pages.
2018-04-26 19:28:31 +07:00
Bobby Wibowo
498002ee2d
Updated lolisafe.js
Removed file extension check from setHeaders function. It will now apply Cache-Control to all files in /public, and to all files in the uploads folder if they are being served by node.
2018-04-25 14:30:38 +07:00
Bobby Wibowo
674d20c62c
Updates
Regular code improvements.
2018-04-21 04:39:06 +07:00
Bobby Wibowo
09f51c8448
Updates~ 😉
Thanks to Zephyrrus for the hints about nunjucks, sort of (he did not really give out any specific hints to me, I stalked his fork, lmao).

* Replaced Handlebars with Nunjucks.

* Replaced all static HTML files with their NJK-equivalent (excluding error pages).

* Renamed "albumDomain" to "homeDomain" in config.sample.js (make sure you update your config.js too).

* Updated dependencies: knex and eslint-plugin-import (dev).

* Updated vscode's settings.json (I may update this again very soon).
2018-04-19 04:00:36 +07:00
Bobby Wibowo
dd43acecea
Updates
* Added VSCode settings to git repo. Now you can match yours with mine, if you want.

* Added .jsbeautifyrc for js-beautify (to be used by VSCode's Beautify extension).

* Refactored all instances of require('**/*.js') with require('**/*') wherever applicable (basically gotten rid of the .js extension).

* Refactored path in all instances of require() wherever applicable.

* Sorted instances of require() wherever applicable.

* Fixed 500 HTTP error trying to load an error page for 505 HTTP error.

* Removed special treatement of NoJS page from uploadsController.processFilesForDisplay().

* Updated version string of all static files.

* Beautified all HTML, HANDLEBARS and CSS files.

* Refactored the structure of footer links in homepage and No-JS uploader. This should now fix homepage going out-of-bound in smaller screens.

* Added CSS prefixes wherever applicable.

* Improved back-end side of No-JS uploader. This will now handle errors properly.

* No-JS uploader will now show max file size.

* No-JS uploader will now show a proper message when private mode is enabled and/or registration is disabled.
2018-04-13 23:20:57 +07:00
Bobby Wibowo
4923cf9800
Updates
* Added No-JS uploader page (it's on /nojs).

* Updated uploadsController.processFilesForDisplay() to support requests from No-JS uploader page.

* Added "Bash uploader" link to footer.

* Updated icons (added terminal icon for "Bash uploader" footer link).
2018-04-12 21:37:42 +07:00
Bobby Wibowo
7978325cd6
Updates
* Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way.

* Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container.

* Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead.

* Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage.

* Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension.

* Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably).

* Some other small changes and tweaks in uploadController.js.
2018-04-09 01:30:25 +07:00
Bobby Wibowo
b1dbb931c1
Updates
* Updated eslint-plugin-import dev dependency.

* Added 2 new ESLint rules: "prefer-const" and "object-shorthand".

* Refactor all JS files to follow the new ESLint rules.

* Refactored all instances of for-i into for-of wherever applicable.
2018-04-05 17:52:57 +07:00
Bobby Wibowo
7f10cccf70
Updates
* If files have to be added to an album on upload, it will now wait until they have either been succesfully added to the album or errored.

* File names in thumb view will now show their full URL on their tooltip.
2018-04-05 00:38:15 +07:00
Bobby Wibowo
0067c8fe83
Updates
* Refactored all instances of "err" into "error".

* Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4)

* Removed fontello.css from auth.html.

* Updated a bunch of styling.

* Added "copy link to clipboard" button to thumbs view.

* Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button.

* Updated icons.

* ... and perhaps some others that I can't remember?
2018-03-30 06:22:08 +07:00
Bobby Wibowo
49cf3b0654
Updates
* Removed unnecessary math operator from lolisafe.js.

* Updated comment about HttpErrorPages (the branch was renamed from "fiery-me" to "fiery.me").
2018-02-10 06:20:34 +07:00
Bobby Wibowo
6246436aed
Hehe.. 2018-01-25 01:31:31 +07:00
Bobby Wibowo
878bdd484d
Added error pages
Utilizing BobbyWibowo/HttpErrorPages.
2018-01-25 01:13:17 +07:00
Bobby Wibowo
60c6357491
Updates
I don't know what I'm doing.
2018-01-24 23:18:01 +07:00
Bobby Wibowo
fc71601074
Updates
* Show horizontal scrollbar for table only when needed.

* Cache-Control for static files.
2018-01-24 23:04:21 +07:00
Bobby Wibowo
32dd070e49
Yet another bunch of updates
* Self-host all libs (including but not limited to Font Awesome icons). LICENSE files were properly included as well.

* Temporarily disabling error pages.

* Added "start" and "pm2" scripts. To be used with "yarn SCRIPT_NAME" or "npm run SCRIPT_NAME".

* Added container for the tables in dashboard. On narrow screens, such as phones, users will then have the ability to use horizontal scroll on the tables.

* Fixed various resource paths. This should now work properly when not being hosted in root domain (e.i. https://fiery.me/lolisafe/).

* Before checking API, the "Running in ..." button will now say "Loading..." instead.
2018-01-24 22:31:23 +07:00
Bobby Wibowo
bcdfcd7064
Various updates
* Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too.

* Lots of refactors to follow the rules of Standard.

* Fixed issue with uploading as a not logged in user.
2018-01-24 03:06:30 +07:00
Bobby Wibowo
47f2f30682
More breaking changes
* Added Editor Config file.

* Added ".vscode/" to .gitignore.

* Added final newline to some files.

* Added KDE Breeze Dark colors.

 * Applied various ESLint autofixes. There were still plenty of non-auto-fixable issues though. I'm not sure why this project had ESLint dev dependency but still ended up with countless issues.

* ... and maybe some others.
2018-01-24 01:00:55 +07:00
Pitu
992b632d1a Added album downloading through front-end 2017-10-04 02:05:38 -03:00
Pitu
8d8dbc7078 Missing semicolon 2017-10-04 00:59:18 -03:00
Pitu
54a262ef95 Fixes serving the actual configured uploads folder 2017-10-03 23:45:23 -03:00
Pitu
128b7113bf Little bit of this 2017-10-03 21:13:15 -03:00
Pitu
c1963b2809 Changed how domains are handled 2017-10-03 19:48:26 -03:00
Pitu
6b72453d4a Made the album viewer route SSR so crawlers dont have issues 🎉 2017-09-20 03:03:31 -03:00
Caroline
ce23b0f19d Keep the bad guys out >:c (#36) 2017-04-27 09:04:19 +02:00
Pitu
1db1b06a48 Refactor 2017-03-17 01:14:24 -03:00
Pitu
e05a7c751e Added public album sharing 👌 2017-02-07 04:32:55 -03:00
Pitu
18c66d27fb Added support for custom html files
There's a new folder that gets created upon running lolisafe for the first time. On said folder any html file with the same name as the default ones will be loaded instead, letting you place custom frontend files without messing with git.
2017-02-06 00:06:33 -03:00
Pitu
9b204b6c27 👌 2017-02-01 19:56:47 -03:00
Pitu
f29f208e52 Another thing crawl told me to do 2017-02-01 19:55:00 -03:00
Pitu
f56afcdd5c Something crawl told me to do 2017-02-01 19:52:29 -03:00
Pitu
e595298994 Making the window 5 seconds instead of milliseconds sounds about right 2017-02-01 19:51:51 -03:00
Pitu
67411d7fa9 Added rate limiting 2017-02-01 19:46:10 -03:00
Pitu
999c148dff Changed /panel to /dashboard 2017-01-31 03:37:17 -03:00
Pitu
9cd3846795 Added FAQ 2017-01-31 03:31:10 -03:00
Pitu
da47babc05 Added auth route 2017-01-29 04:19:14 -03:00