DuckDuckGo's proxy is no longer supported as it stops reporting Content-Length header, which is crucial so that the safe could predict the actual file size before downloading it.
If you have it enabled in your config file, it will now close the safe with error code 1. You can either disable url uploads completely or just disable duckduckgo's proxy (though I believe not many will choose the latter as to begin with it was implemented to hide origin IP).
* Fixed home page going out of bound due to git commit message.
* Git commit message will no longer have dotted underline. The old solution by using border-bottom wasn't suitable when the text is being split by word-break, but text-decoration-style wouldn't look as good due to its distance from the text being too close.
* Updated bulma to 0.7.2.
* Bumped v1 and v3 version strings.
* Various other small tweaks.
Added a new config entry named "cacheFileIdentifiers". More info in config.sample.js file.
Improved some descriptions in config.sample.js file.
Added some CSS animations wherever applicable.
Bumped v1 version string.
Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist).
This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail.
If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether).
Added a new config option to filter files with no extension.
Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD").
In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension.
Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted.
Examples:
.hiddenfile => .hiddenfile
.hiddenfile.sh => .sh
.hiddenfile.001 => .hiddenfile.001
.hiddenfile.sh.001 => .sh.001
Simplified error messages of /api/upload/finishchunks.
Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok).
I plan to generalize this for the other API routes in the future.
Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok).
Bumped v1 version string (due to home.js).
Thus if you need to update an existing render, you just need to update v1 version string, and the new version string will be appended to the render's URL, thus forcing browser to refresh.
Also updated javelin_1.png since apparently I missed a tiny bit of watermark.
* Added ship waifu renders to homepage. These renders are toggleable since some of them maybe a bit NSFW-ish (state saved to browser's local storage).
* Updated lazyload to v10.19.0.
* Git commit URL is now have dotted bottom border.
* Thumbnail modal (the one that appears when you click display thumbnail button in lists view) now have a "Load original" button. For images it will simply load the original images, but for videos it will show a video player (relies on the browser's support for <video> tag). Thumbs view will now also have the "display thumbnail" button.
* Small changes to "add to album" modal.
* Small changes to alignment to modals in general.
Previously album pages would still use utils.getPrettyBytes(), but one of the previous commits got rid of it in favor of client-side solution.
I forgot to update album pages to also use client-side solution, but this commit fixes it.
On a side note, I also switched all instances of consts to var in the function.
Moved page.prepareShareX() to a single JS file named sharex.js. It'll be loaded in home and dashboard pages, and both home.js and dashboard.js will rely on the function provided by it.
The generated ShareX config file will also properly support cases where the safe is being hosted in a subdir now (e.i. https://example.com/lolisafe).
Moved utils.getPrettyBytes() and utils.getPrettySize() to client's dashboard.js.
Thus, server will no longer return prettified size and date (it'll be prettified by the client instead).
To be honest, I don't even know why I had them in server-side, it's obviously better this way.
Add to album prompt will no longer ask for confirmation (i.e. Are you sure?), instead it will go directly to album selection. If you don't want to continue, you can always press Cancel.
Updated version string in _globals.njk.
* Added "ShareX user profile" menu item to administration sidebar. This do the same thing as the ShareX icon in the homepage, which is to download a ShareX config.
* Updated version string in _globals.njk. A few of the previous commits also modified some JS files, but I forgot to update the version string back then.
I can't remember why I extended the config with "eslint:recommended" instead of "standard" back then. I know I wanted to force an older ecmaversion, but even then it would still work just fine with standard.
I've fixed it now to use standard. I've also applied auto-fix to dashboard.js and home.js, which fixed some stray or missing whitespaces, as well as the indenting of case's inside switch statement.
* Downgraded ecma version of client-side scripts to v5. This change means no more backtick strings and some others.
* Massively modified auth.js, dashboard.js and home.js to support the downgrade (dashboard.js had the most changes).
* Removed enter key event handler from auth page. The previous code had some small issues. I'd rather not have the handler than let the issues persist. I'll eventually look into adding this again in the future.
* Updated uploadController.js to handle some invalid requests into /api/delete and /api/bulkdelete.
Experimental changes:
* No more elements with "onclick" attribute.
* Form can now be submitted with Enter button as long as both the user and the pass inputs are filled.
This commit is intended to downgrade codes in JS files used for browser to increase browsers compatibility.
This branch is still experimental and may require much more testing.
* Some structure updates to the homepage and the No-JS uploader form. Making them both somewhat look better, especially in terms of spacing.
* Upload URLs form will now show an error alert when there the form is empty or only filled with whitespaces.
* Upload URLs form will now automatically remove empty lines or lines that consist of only whitespaces when the upload button is pressed.
* Added globals.v3 to _globals.njk, which will be used for CSS/JS files of libs (bulma, lazyload, etc.). globals.v1 will now only be used for lolisafe's JS and CSS files.
Since CSS/JS files of libs receive much less updates than lolisafe's (mainly since I push updates a lot), this will decrease the amount of files that users need to re-fetch on every updates.
* Added public/js/album.js which will be used by album.njk (albums public link). I'm going to disable inline scripts in safe.fiery.me.
* Better FAQ. Some points will now dynamically changes depending on the settings you have in your config.js. It's not perfect but certainly much better than before.
* Cache selected album the exact moment "Upload URLs" button is pressed, so that any in progress requests will not have its album id altered.
* All URLs will now be displayed in the uploads list (the thing in between upload buttons and footer links) the moment "Upload URLs" button is pressed. Previously it would only show the URLs one by one after each finished request.
Brief video: https://i.fiery.me/AByv.mp4.
* Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js.
Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4.
* /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload.
* Added file extension filter to /api/upload/finishchunks.
* Added proper total chunks size check to /api/upload/finishchunks.
* Various code improvements.
NOTICE: Please update your config.js. Use config.sample.js as the template.
There were a couple of renames and restructures.
* Album zipper API route will now internally save its state when it's generating zip files, and any subsequent requests will silently be "postponed" until the first spawned task is finished. This will guarantee that there are no multiple zipping tasks for the same album. The method may seem a bit hackish though.
* All instances of console.log(error) were replaced with console.error(error). This will guarantee that any error goes to stderr instead of stdout.
* Deleting file by names will now properly remove successful files from the textarea. There was a logic flaw.
* Failure to generate thumbnails will no longer print the full stack, but instead only the error message. It will also then symlink a template image from /public/images/unavailable.png (it's only a simple image that says that it failed to generate thumbnail).
This haven't been tested in Windows machines, but it'll probably work fine.
I thought of adding a new column to files table which will store information whether the thumbnail generation is sucessful or not, but oh well, I'll go with this method for now.
* Added "create new album" button at homepage uploader. Due to this, albums list will always be shown even when you don't have any albums (and of course the list will be empty).
Preview: https://i.fiery.me/ITQ5.mp4 (ignore the fact that the prompt says "Edit album", it's been fixed before this commit goes live)
* Refactored various bits of the codes to use async/await instead of Promise.then. This will obviously cause the browser's requirement to raise but hell, it's the modern browsers age.
* Various other code improvements.
* Updated API route: /upload/bulkdelete.
It now accepts an additional property named "field". In it you can now enter either "id" or "name", which will set whether it will bulk delete by ids or names respectively. It also no longer accepts property named "ids", instead it has to be named "values" (which of course is an array of either ids or names). So yeah, now the API route can be used to bulk delete by ids and names.
In the future this will be expanded to bulk deleting files by username (only accessible by root of course).
* Added a form to bulk delete files by names for the hardcore user, like me (https://i.fiery.me/AHph.png).
* Some design update. Mainly forms restructuring aimed at tight screens.
* Changing file name length, requesting new token and setting new password will no longer reload the dashboard page on success. Instead it will simply silently reload the form.
* utils.bulkDeleteFilesByIds() replaced by utils.bulkDeleteFiles() which now can either by ids or names. This will be the one that will eventually be extended for deleting by username.
* Various other code improvements.
* View thumbnail button will now use SweetAlert instead of Bulma's modal (preview: https://i.fiery.me/HDwX.png). It can be made more pretty but this will do for now.
* Fixed a bug where "Copy link to clipboard" button in albums list would only copy its identifier instead of the full URL.
Some other code improvements:
* All instances of adding/removing class names with Element.className will now use Element.classList. So instead of appending and replacing the string, it will now use add/remove functions, thus making it much easier to understand.
* "onkeypress" in auth page moved into a single addEventListener, sort of.
* Removed VSCode's discord extension entry from workspace settings. Eh, I'll go with user settings for this one.
* A bunch of refactors in public JS files (home.js, dashboard.js, etcetera).
* Added lazyload to home page (for thumbs of uploaded images), dashboard (for thumbs view) and albums' public link.
Albums' public link will silently fallback to loading all thumbs at once if JavaScript is disabled.
* A bunch of others code improvements. Honestly I'm too lazy to track all the changes.
Bulk deleting files and adding/removing selected files from album will no longer refresh the current view to the first page. It will now instead try to refresh the current page. There will be cases where the current page ends up empty (when bulk deleting or moving files from the current album), but I figured that isn't much of an issue when compared with the advantages.
Improvements related to albums:
* Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png).
This also adds a new API route: /api/albums/edit.
The old API route, /api/albums/rename, is still available but will silently be using the new API in backend.
* Deleting album will now also delete its zip archive if exists.
* Renaming albums will also rename its zip archive if exists.
* Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat.
* The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier.
* Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier.
* Added "download" and "public" columns to "albums" table in database/db.js.
Existing users can run "node database/migration.js" to add the columns.
Others:
* uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise.
* Album name of disabled/deleted albums will no longer be shown in uploads list.
* Added "fileLength" column to "users" table in database/db.js.
* Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though.
* Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch).
* Updated icons (added download icon).
* Some other improvements/tweaks here and there.
* Better thumbnails view in album page (it's now using the same styling as the one in dashboard, minus the on-hover effects and uploader/album names).
* Fixed unenclosed p tag in thumbs view at dashboard.js. It did not cause any issue because it's optional to enclose it, but oh well.
* Updated screenshot in README.md, as well as replaced fb_share.png with the same image.
* Removed 512px.png and replaced it with 512pxr.png (a round version) in manifest.json.
* globals.v is now split into globals.v1 and globals.v2. The former for CSS and JS files, the latter for images and config files (manifest.json, etcetera).
* All static images that are part of the layout will now have their URLs appended with globals.v2 (which means this does not include dynamically generated images such as thumbnails of uploaded files).
* Added "short_name" to manifest.json.
* Added 512px icon to manifest.json.
* Increased brightness of links to satisfy WCAG 2 AA standard.
* Added 'rel="noopener"' to all instances of a[target="_blank"].
* Added 'alt' to all instances of img.
* Updated static files' version string yet again.
* Added 'lang="en"' to html (_layout.njk).
* Dashboard will now display "N/A" when the file does not have an extension. Previously it would display the full name, which was of course a mistake.
* Updated static files' version string again.
uploadController.js:
* Fixed chunk uploads failing when "blockedExtensions" is missing from the config file.
config.sample.js:
* Renamed "blockedExtensions" to "extensionsFilter", and added a new option named "filterBlacklist". When "filterBlacklist" is set to 'true', all extensions in "extensionsFilter" array will be blacklisted, otherwise it will be a whitelist, so only files with those extensions that can be uploaded.
* Renamed "uploads.chunkedUploads.maxSize" to "uploads.chunkedUploads.chunkSize".
* Added "uploads.chunkedUploads.noJsMaxSize" which can be used to change the 'displayed' file size on the No-JS uploader page.
* Some other phrases updates.
_globals.njk:
* Updated static files' version string since there is a small update to home.js.
other files:
* Regular code improvements/tweaks.
* You can now disable using icons in home's footer links by setting "home_icons" to false in _globals.njk.
* Renamed "meta" block to "opengraph" in _layout.njk, since the block only represents opengraph tags anyways.
* Moved noscript warning to its own file at views/_partial/noscript.njk. It's also now being included in dashboard and auth pages.
* No-JS uploader will no longer use icons in its footer links. It will also no longer load fontello.css.
* Updated static files' version string in _globals.njk.
* Some other tweaks, mainly to get no-icons mode to work properly.
I'm reverting 2 commits before this. It was mainly about changing icons size to 1.75x instead of 2x their size. This time I'm keeping it back to 2x. I did some more thinking and I just wasn't satisfied with 1.75x.
* Added Firefox extension link. For now this will simply link my fork of the Chrome extension. You will have to build the extension by your own.
* Updated icons (added Firefox).
* Tiny refactor in home.js, thus I had to update version string in _globals.njk as well.
* Main upload button will no longer be "loading" if an error occurs with the API check request.
* It will now show a message asking user to try out the No-JS uploader when JavaScript is disabled.
* Added box-shadow to thumbnail container in thumbs view.
* Added -webkit- prefix to box-shadow in faq.html (also applied to the new one in dashboard.css for dashboard).
* Added VSCode settings to git repo. Now you can match yours with mine, if you want.
* Added .jsbeautifyrc for js-beautify (to be used by VSCode's Beautify extension).
* Refactored all instances of require('**/*.js') with require('**/*') wherever applicable (basically gotten rid of the .js extension).
* Refactored path in all instances of require() wherever applicable.
* Sorted instances of require() wherever applicable.
* Fixed 500 HTTP error trying to load an error page for 505 HTTP error.
* Removed special treatement of NoJS page from uploadsController.processFilesForDisplay().
* Updated version string of all static files.
* Beautified all HTML, HANDLEBARS and CSS files.
* Refactored the structure of footer links in homepage and No-JS uploader. This should now fix homepage going out-of-bound in smaller screens.
* Added CSS prefixes wherever applicable.
* Improved back-end side of No-JS uploader. This will now handle errors properly.
* No-JS uploader will now show max file size.
* No-JS uploader will now show a proper message when private mode is enabled and/or registration is disabled.
I accidentally removed 100% width from image container, causing files that did not have thumbnails to be left-aligned instead of centered, or something like that.
* Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way.
* Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container.
* Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead.
* Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage.
* Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension.
* Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably).
* Some other small changes and tweaks in uploadController.js.
* Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones.
* Refactored the way it looks into which albums the files are supposed to be added into.
For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs.
For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future.
* Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work.
* Updated error message when successful uploads could not be added to album.
* "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
* Updated eslint-plugin-import dev dependency.
* Added 2 new ESLint rules: "prefer-const" and "object-shorthand".
* Refactor all JS files to follow the new ESLint rules.
* Refactored all instances of for-i into for-of wherever applicable.
* New uploads that can NOT be added to an album, for whatever reason, will print out message that they can not be added to the said album, but their links will still also be shown underneath the message. Previously it would only print out the message but not the link.
* Improved uploadController.processFilesForDisplay(). Previously it would loop through all uploaded files and update album info for EVERY file, even though to begin with it was designed so that every call would only have to access ONE album. So yeah, this time it will only update album info ONCE no matter how many files are being processed in that session.
* If files have to be added to an album on upload, it will now wait until they have either been succesfully added to the album or errored.
* File names in thumb view will now show their full URL on their tooltip.
* De loli-safe wherever it's safe to do so.
* Removed bulma tooltip. Sigh, it came from an impulsive decision out of boredom to begin with.
* Chrome extension and GitHub links in home page will now open in new tab.
* File's link in the dashboard's list will still show the full URL in its tooltip, but it will no longer use bulma tooltip extension.
* Updated home. All footer links are now using icons.
* Added Chrome extension link to home.
* Updated icons (added some and replaced some).
* Home will now show a different message if private mode is on but guests are still allowed to create accounts.
* Home will no longer show message about creating account if guests are not allowed to create one.
* Updated API route: /api/check. State of whether registration is enabled or not is now exposed with key "enableUserAccounts".
* Added "Clear selection" button. This will clear all selection, in case you have selected like hundreds of files already but decided not to do anything to them in the end.
* Bulk "Add to album" button will now only show its icon only.
* Better un/select all files logic.
* Updated icons (added "cancel" icon for the "Clear selection" button).
* Fixed information of selected files being cleared when canceling either add to album or bulk delete prompt.
* Add to album prompt will now show how many files are going to be moved.
* Fixed bulk delete failing to reload file list properly when being used while listing an album.
* Added new ESLint rule "quotes" with option "single". I'm pretty sure Standard used to have this as default. I actually liked that back then.
* File name, album/owner and size in thumbs view will no longer be clipped. Instead their overflow will be hidden in the form of ellipsis.
* Updated screenshot in README.md.
Updated styling so that table cells will no longer wrap its content to new lines. Its container will still allow users to scroll to left and right, so this works better than forcing a minimum width.
* Thumbnail button will no instead be disabled instead of not displayed when the file has no thumbnail.
* Bulk adding files to album will now un-check files that have been successfully moved to the album.
* Refactored all instances of "An error occurred" by appending an exclamation mark.
* Added the ability to add/remove files to/from album (API route: /api/albums/addfiles - https://s.fiery.me/dCAqLEQ9.mp4).
* Added the ability to purge files associated with an album when deleting the said album (set "purge" key to true in the JSON POST request to /api/albums/delete).
* Updated icons.
* Some other refactors, probably.
* Refactored all instances of "err" into "error".
* Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4)
* Removed fontello.css from auth.html.
* Updated a bunch of styling.
* Added "copy link to clipboard" button to thumbs view.
* Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button.
* Updated icons.
* ... and perhaps some others that I can't remember?
* Small styling update to auth page.
* Changed icons used in dashboard.
* Added ClipboardJS.
* Added "copy link" button in file list (list view only) and album list. They will use ClipboardJS.
* Added "copy link" in upload result. For desktop, there will be small clipboard icons after the links, but for mobile and tablet, there will be a clickable buttons instead.
* Updated placeholder color for input elements.
* Updated "Loading..." in home page to use Bulma's loading spinner instead. It will also now be unclickable while still loading.
* Matched version string for all JS and CSS files.
* Switched standard to eslint with eslint-config-standard (and 4 more eslint plugins needed by standard).
* Added "curly" eslint rule with "all" option. I like it.
* Refactored all JS files to apply the new "curly" eslint rule.
* Renewed axios.min.js, dropzone.min.js and sweetalert.min.js. Re-minified and added a small comment stating their version and copyright statement.
* Some buttons in dashboard will now show loading icon whenever they're waiting for response from the server.
* Updated README.md and .gitignore.
* Improved list view. When a row is clicked, as long as it has a thumbnail, a modal will pop-out to show the thumbnail.
* Improved image placement in thumb view.
* Refactored all instances of id attribute in HTML files to use double quotes instead of single quote.
* Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files.
* Added chunked uploads support :3
* Updated Dropzone to 5.2.0.
* More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default.
* Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though.
* Refactored home.js to use const/let and some other stuff.
* Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle.
* Updated some version strings.
* And maybe some others that I can't remember.
