Commit Graph

73 Commits

Author SHA1 Message Date
Bobby Wibowo
f166a70d71
Updated lolisafe.js
Updated cache control
2019-01-06 04:16:19 +07:00
Bobby Wibowo
874ddba665
Updated lolisafe.js
Cache control album ZIPs
2019-01-06 04:14:33 +07:00
Bobby Wibowo
2f51954024
Updates
Experimental cache control
2019-01-06 04:09:47 +07:00
Bobby Wibowo
8a1fa9f8fb
clean up lolisafe.js 2019-01-01 12:34:16 +07:00
Bobby Wibowo
adb2ff7e71
Updated lolisafe.js 2018-12-20 21:43:31 +07:00
Bobby Wibowo
00a4e44758
Updates 2018-12-20 19:25:41 +07:00
Bobby Wibowo
d723c0f562
Updates [!! update config.js !!]
Added extended support for URL uploads.
Namely URL proxy support and separate extensions filter (as in separate
from the primary extensions filter).
There's also a new option to set a disclaimer message that will be
printed underneath the URL uploads form.

Trust proxy is now toggleable from the configuration file.
I think they should only be enabled when you're behind proxy such as
Cloudflare or Incapsula.
I'm not sure how it behaves with only a bare nginx reverse proxy though.

Empty files can now be filtered.

Sorted preset extensions filter in config.sample.js.

Rephrased some options in config.sample.js as well.

maxTries now default to 3 in config.sample.js.

Various other small changes.
2018-12-20 18:53:37 +07:00
Bobby Wibowo
89ec426e71
Removed lines related to DuckDuckGo's proxy
I think I've let them sit for like a week or so. It should've been
enough of a buffer time for everyone else.
2018-12-19 01:19:04 +07:00
Bobby Wibowo
00cbd3e76c
Updates
Updated ESLint rule: curly, again.
Mainly to also enabled "consistent" rule, which enforces curly into
else/elseif blocks, if its if block requires curly.

Added support for GET requests to /api/delete route.
Its usage is /api/delete/identifier, where identifier is the filename.
Though just like its POST route, it needs token in the header.
2018-12-19 00:41:42 +07:00
Bobby Wibowo
53789a20c2
Updated uploadController.js
DuckDuckGo's proxy is no longer supported as it stops reporting Content-Length header, which is crucial so that the safe could predict the actual file size before downloading it.

If you have it enabled in your config file, it will now close the safe with error code 1. You can either disable url uploads completely or just disable duckduckgo's proxy (though I believe not many will choose the latter as to begin with it was implemented to hide origin IP).
2018-12-09 00:55:04 +07:00
Bobby Wibowo
2ee1c40868
Whoops, bugfix 2018-12-04 20:35:49 +07:00
Bobby Wibowo
07b4ef8fc2
Updates
Added a new config entry named "cacheFileIdentifiers". More info in config.sample.js file.

Improved some descriptions in config.sample.js file.

Added some CSS animations wherever applicable.

Bumped v1 version string.
2018-12-04 18:58:53 +07:00
Bobby Wibowo
a17cfb83a2
Enable ids caching by default 2018-12-03 16:32:26 +07:00
Bobby Wibowo
6af52341c9
Init ids-cache branch 2018-12-03 16:18:52 +07:00
Bobby Wibowo
c3d4c237cb
Init account-manager branch 2018-10-10 02:52:41 +07:00
Bobby Wibowo
d4b6933891
Improved help message for URL upload
* Hide notice about max size if it's equal to max size of regular uploads.

* Show notice about DuckDuckGo's proxy if it's turned on.

* Also updated description in config.sample.js to further emphasize about the limitation of using DuckDuckGo's proxy.
2018-09-30 05:38:13 +07:00
Bobby Wibowo
0d38995b2b
Updates
* When gitHash in config.js is set to true, latest commit hash of the currently enabled git repo/branch will be displayed in home and nojs uploader pages.

* Error pages can now be configured with errorPages option (their root directory and their file names).
2018-09-20 18:41:17 +07:00
Bobby Wibowo
a207c4a806
Init 'clamdjs' branch (#8)
Use clamdjs module instead of clam-engine. This module connects to clam daemon server.
2018-09-04 22:48:24 +07:00
Bobby Wibowo
36da76357e
Updates
* Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine.

* File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed.

Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-02 03:37:26 +07:00
Bobby Wibowo
4d7b23bb39
Initial commit at browser-ecma6 branch
This commit is intended to downgrade codes in JS files used for browser to increase browsers compatibility.

This branch is still experimental and may require much more testing.
2018-07-14 10:42:18 +07:00
Bobby Wibowo
c4eed6e478
Updates
* Added globals.v3 to _globals.njk, which will be used for CSS/JS files of libs (bulma, lazyload, etc.). globals.v1 will now only be used for lolisafe's JS and CSS files.
Since CSS/JS files of libs receive much less updates than lolisafe's (mainly since I push updates a lot), this will decrease the amount of files that users need to re-fetch on every updates.

* Added public/js/album.js which will be used by album.njk (albums public link). I'm going to disable inline scripts in safe.fiery.me.

* Better FAQ. Some points will now dynamically changes depending on the settings you have in your config.js. It's not perfect but certainly much better than before.
2018-05-12 23:34:19 +07:00
Bobby Wibowo
bd722129de
Updates, now supports uploading by URLs!
* Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js.
Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4.

* /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload.

* Added file extension filter to /api/upload/finishchunks.

* Added proper total chunks size check to /api/upload/finishchunks.

* Various code improvements.
2018-05-11 21:34:13 +07:00
Bobby Wibowo
479db54cd3
Updates (experimental)
* Possible performance improvement. Some bulk db queries will now be executed in a single query instead of spawning multiple async task for each query. This is sorta experimental though, use it at your own risk (though I'll use it right away at safe.fiery.me).

* It's now possible for root user to add files to other users' albums through the API route. I don't plan on allowing root user to list other users' album list from the dashboard, I just thought that there'd be no harm in extending the API a little bit.

* Kinda better error logging for uncaught exception and unhandled rejection. Their stack trace should be logged now.
2018-05-11 00:25:52 +07:00
Bobby Wibowo
7991a63315
Updates (please update your config.js)
NOTICE: Please update your config.js. Use config.sample.js as the template.
There were a couple of renames and restructures.

* Album zipper API route will now internally save its state when it's generating zip files, and any subsequent requests will silently be "postponed" until the first spawned task is finished. This will guarantee that there are no multiple zipping tasks for the same album. The method may seem a bit hackish though.

* All instances of console.log(error) were replaced with console.error(error). This will guarantee that any error goes to stderr instead of stdout.

* Deleting file by names will now properly remove successful files from the textarea. There was a logic flaw.

* Failure to generate thumbnails will no longer print the full stack, but instead only the error message. It will also then symlink a template image from /public/images/unavailable.png (it's only a simple image that says that it failed to generate thumbnail).
This haven't been tested in Windows machines, but it'll probably work fine.
I thought of adding a new column to files table which will store information whether the thumbnail generation is sucessful or not, but oh well, I'll go with this method for now.
2018-05-09 15:41:30 +07:00
Bobby Wibowo
4660200b1e
More improvements to albums, and others
Improvements related to albums:

* Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png).
This also adds a new API route: /api/albums/edit.
The old API route, /api/albums/rename, is still available but will silently be using the new API in backend.

* Deleting album will now also delete its zip archive if exists.

* Renaming albums will also rename its zip archive if exists.

* Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat.

* The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier.

* Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier.

* Added "download" and  "public" columns to "albums" table in database/db.js.
Existing users can run "node database/migration.js" to add the columns.

Others:

* uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise.

* Album name of disabled/deleted albums will no longer be shown in uploads list.

* Added "fileLength" column to "users" table in database/db.js.

* Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though.

* Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch).

* Updated icons (added download icon).

* Some other improvements/tweaks here and there.
2018-04-29 00:26:39 +07:00
Bobby Wibowo
6cc6928c62
Merging all the changes from 'master'
There's nothing much really. Here's a summary:
* Added dmca.gripe to README.md.
* Updated chrome extension's instruction in README.md.
* Bumped year in LICENSE.
* Moved error pages from /pages/errors to /pages/error.
* Added a README.md to /pages/error clarifying the fact that this repo is using symlinks for error pages.
2018-04-26 19:28:31 +07:00
Bobby Wibowo
498002ee2d
Updated lolisafe.js
Removed file extension check from setHeaders function. It will now apply Cache-Control to all files in /public, and to all files in the uploads folder if they are being served by node.
2018-04-25 14:30:38 +07:00
Bobby Wibowo
674d20c62c
Updates
Regular code improvements.
2018-04-21 04:39:06 +07:00
Bobby Wibowo
09f51c8448
Updates~ 😉
Thanks to Zephyrrus for the hints about nunjucks, sort of (he did not really give out any specific hints to me, I stalked his fork, lmao).

* Replaced Handlebars with Nunjucks.

* Replaced all static HTML files with their NJK-equivalent (excluding error pages).

* Renamed "albumDomain" to "homeDomain" in config.sample.js (make sure you update your config.js too).

* Updated dependencies: knex and eslint-plugin-import (dev).

* Updated vscode's settings.json (I may update this again very soon).
2018-04-19 04:00:36 +07:00
Bobby Wibowo
dd43acecea
Updates
* Added VSCode settings to git repo. Now you can match yours with mine, if you want.

* Added .jsbeautifyrc for js-beautify (to be used by VSCode's Beautify extension).

* Refactored all instances of require('**/*.js') with require('**/*') wherever applicable (basically gotten rid of the .js extension).

* Refactored path in all instances of require() wherever applicable.

* Sorted instances of require() wherever applicable.

* Fixed 500 HTTP error trying to load an error page for 505 HTTP error.

* Removed special treatement of NoJS page from uploadsController.processFilesForDisplay().

* Updated version string of all static files.

* Beautified all HTML, HANDLEBARS and CSS files.

* Refactored the structure of footer links in homepage and No-JS uploader. This should now fix homepage going out-of-bound in smaller screens.

* Added CSS prefixes wherever applicable.

* Improved back-end side of No-JS uploader. This will now handle errors properly.

* No-JS uploader will now show max file size.

* No-JS uploader will now show a proper message when private mode is enabled and/or registration is disabled.
2018-04-13 23:20:57 +07:00
Bobby Wibowo
4923cf9800
Updates
* Added No-JS uploader page (it's on /nojs).

* Updated uploadsController.processFilesForDisplay() to support requests from No-JS uploader page.

* Added "Bash uploader" link to footer.

* Updated icons (added terminal icon for "Bash uploader" footer link).
2018-04-12 21:37:42 +07:00
Bobby Wibowo
7978325cd6
Updates
* Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way.

* Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container.

* Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead.

* Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage.

* Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension.

* Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably).

* Some other small changes and tweaks in uploadController.js.
2018-04-09 01:30:25 +07:00
Bobby Wibowo
b1dbb931c1
Updates
* Updated eslint-plugin-import dev dependency.

* Added 2 new ESLint rules: "prefer-const" and "object-shorthand".

* Refactor all JS files to follow the new ESLint rules.

* Refactored all instances of for-i into for-of wherever applicable.
2018-04-05 17:52:57 +07:00
Bobby Wibowo
7f10cccf70
Updates
* If files have to be added to an album on upload, it will now wait until they have either been succesfully added to the album or errored.

* File names in thumb view will now show their full URL on their tooltip.
2018-04-05 00:38:15 +07:00
Bobby Wibowo
0067c8fe83
Updates
* Refactored all instances of "err" into "error".

* Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4)

* Removed fontello.css from auth.html.

* Updated a bunch of styling.

* Added "copy link to clipboard" button to thumbs view.

* Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button.

* Updated icons.

* ... and perhaps some others that I can't remember?
2018-03-30 06:22:08 +07:00
Bobby Wibowo
49cf3b0654
Updates
* Removed unnecessary math operator from lolisafe.js.

* Updated comment about HttpErrorPages (the branch was renamed from "fiery-me" to "fiery.me").
2018-02-10 06:20:34 +07:00
Bobby Wibowo
6246436aed
Hehe.. 2018-01-25 01:31:31 +07:00
Bobby Wibowo
878bdd484d
Added error pages
Utilizing BobbyWibowo/HttpErrorPages.
2018-01-25 01:13:17 +07:00
Bobby Wibowo
60c6357491
Updates
I don't know what I'm doing.
2018-01-24 23:18:01 +07:00
Bobby Wibowo
fc71601074
Updates
* Show horizontal scrollbar for table only when needed.

* Cache-Control for static files.
2018-01-24 23:04:21 +07:00
Bobby Wibowo
32dd070e49
Yet another bunch of updates
* Self-host all libs (including but not limited to Font Awesome icons). LICENSE files were properly included as well.

* Temporarily disabling error pages.

* Added "start" and "pm2" scripts. To be used with "yarn SCRIPT_NAME" or "npm run SCRIPT_NAME".

* Added container for the tables in dashboard. On narrow screens, such as phones, users will then have the ability to use horizontal scroll on the tables.

* Fixed various resource paths. This should now work properly when not being hosted in root domain (e.i. https://fiery.me/lolisafe/).

* Before checking API, the "Running in ..." button will now say "Loading..." instead.
2018-01-24 22:31:23 +07:00
Bobby Wibowo
bcdfcd7064
Various updates
* Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too.

* Lots of refactors to follow the rules of Standard.

* Fixed issue with uploading as a not logged in user.
2018-01-24 03:06:30 +07:00
Bobby Wibowo
47f2f30682
More breaking changes
* Added Editor Config file.

* Added ".vscode/" to .gitignore.

* Added final newline to some files.

* Added KDE Breeze Dark colors.

 * Applied various ESLint autofixes. There were still plenty of non-auto-fixable issues though. I'm not sure why this project had ESLint dev dependency but still ended up with countless issues.

* ... and maybe some others.
2018-01-24 01:00:55 +07:00
Pitu
992b632d1a Added album downloading through front-end 2017-10-04 02:05:38 -03:00
Pitu
8d8dbc7078 Missing semicolon 2017-10-04 00:59:18 -03:00
Pitu
54a262ef95 Fixes serving the actual configured uploads folder 2017-10-03 23:45:23 -03:00
Pitu
128b7113bf Little bit of this 2017-10-03 21:13:15 -03:00
Pitu
c1963b2809 Changed how domains are handled 2017-10-03 19:48:26 -03:00
Pitu
6b72453d4a Made the album viewer route SSR so crawlers dont have issues 🎉 2017-09-20 03:03:31 -03:00
Caroline
ce23b0f19d Keep the bad guys out >:c (#36) 2017-04-27 09:04:19 +02:00