Commit Graph

58 Commits

Author SHA1 Message Date
mutantmonkey
b7fadd9676 Add linx-cleanup tool
This doesn't completely fix #116, but it makes setting up a cron job to
do cleanup much more pleasant.
2017-05-01 21:27:28 -07:00
andreimarcu
37f9a0cbbc Change unknown extension from .ext to .file 2017-03-25 08:44:18 -07:00
mutantmonkey
e6ac89d6dc Switch to https://github.com/h2non/filetype
This library is much better at detecting MIME types properly than the
existing one. Fixes #117.
2017-03-25 01:08:56 -07:00
mutantmonkey
647aa2c0f6 Fix max expiry when provided expiry is 0
Previously, we did not properly handle the case where the provided
expiry was zero and the max expiry was configured to be nonzero; add an
additional check to cover this case.

Fixes #111.
2016-11-02 19:31:32 -07:00
mutantmonkey
fef43d856e Add option for maximum expiration time (fixes #99) 2016-09-18 22:05:26 -07:00
andreimarcu
81a1513809 Add newline for PUT response 2016-07-22 18:15:44 -07:00
andreimarcu
1e1f28658d Remove spaces in mime mapping and ensure no spaces in filenames 2016-07-22 18:08:59 -07:00
mutantmonkey
fcd18eceec use abstracted storage for flexibility
I moved the storage functionality into the StorageBackend interface,
which is currently only implemented by LocalfsBackend.
2016-06-08 20:18:31 -07:00
mutantmonkey
47670af185 Infer site URL from host and headers
We can use the Host property of the request and the X-Forwarded-Proto to
infer the site URL. To reduce complexity, the path is not inferred, and
it is assumed that linx-server is running at /. If this is not the case,
the site URL must be manually configured; this is no different than it
was before.
2016-06-04 18:34:22 -07:00
mutantmonkey
b0d2f2a142 support .tar.gz-style extensions
Some extensions actually consist of multiple parts, like .tar.gz, so we
should handle this properly instead of merging part of the extension
with the bare name. Right now only tar is allowed, but others can be
added easily.

Fixes #74.
2016-02-12 21:27:39 -08:00
andreimarcu
4856ab0750 Allow for non-/ deployments. Fixes #61 2015-10-30 18:36:47 -04:00
andreimarcu
9b1df43ef2 Trim "-" in filenames 2015-10-28 14:31:51 -04:00
andreimarcu
c8fc62398a Enable randomize in remote uploads 2015-10-18 11:07:39 -04:00
andreimarcu
9847beeff5 Cleanup 2015-10-14 22:47:36 -04:00
andreimarcu
3c659601e2 Make it an option for post uploads 2015-10-14 20:40:25 -04:00
andreimarcu
68653372ff Rename auth header to Linx-Api-Key and remove
b64encoding requirement for uploading with keys
2015-10-14 16:18:29 -04:00
mutantmonkey
a7ae455ac1 strict referrer check improvements
* Always check Origin if it is present, regardless of headers sent
* Whitelist X-Requested-With header
2015-10-12 00:28:04 -07:00
mutantmonkey
dd4ac3a7ed add support remote auth keys
These are taken as a parameter to the remote upload page. Note that all
keys will be logged since this is a GET request.
2015-10-11 19:31:13 -07:00
mutantmonkey
52ec9f8e2d use 303 redirects instead of 301s
HTTP status code 301 is for a permanent redirect, which these are not.
Although 302 would work here in most browsers, it would not follow the
HTTP spec, so instead we use 303 which has a clearly and consistently
defined behavior in response to a POST or PUT request.
2015-10-10 20:22:10 -07:00
mutantmonkey
874c23087d add crossdomain.xml to file blacklist 2015-10-09 00:06:23 -07:00
Andrei Marcu
d9723b8350 Merge pull request #49 from mutantmonkey/referrer_check
add strict referrer check for POST uploads
2015-10-08 23:35:19 -04:00
mutantmonkey
6ff181facb add strict referrer check for POST uploads
This should protect against cross-site request forgery without the need
for cookies. It continues to allow requests with Linx-Delete-Key,
Linx-Expiry, or Linx-Randomize headers as these will not be set in the
case of cross-site requests.
2015-10-08 20:27:04 -07:00
andreimarcu
e9132a1193 File overwriting support. Fixes #8 2015-10-08 12:49:29 -04:00
andreimarcu
639d519712 Configurable maximum upload file size. Fixes #35 2015-10-08 01:38:50 -04:00
andreimarcu
6e33fe6ac8 Metadata holds mimetype, sha256sum, archiveFiles 2015-10-07 22:45:34 -04:00
andreimarcu
9640e2c7ce Tests + fixes 2015-10-07 03:00:03 -04:00
andreimarcu
11039d57f1 Fix dyreshark breakages + fix small file with no extension bug 2015-10-07 01:15:45 -04:00
Andrei Marcu
3d55697adc Merge pull request #42 from matthazinski/remote_upload_params
Add support for deletion key and expiry in remote upload
2015-10-07 00:11:38 -04:00
Matt Hazinski
875ebd6db2 Add support for deletion key and expiry in remote upload 2015-10-07 00:08:14 -04:00
George Burgess IV
1e421e07cd swap to using time types instead of ints 2015-10-05 23:50:20 -07:00
andreimarcu
c5250e529e Headers are now Linx-.. instead of X-... 2015-10-06 00:31:09 -04:00
mutantmonkey
ad9d712a3a add a file blacklist and add robots.txt
Fixes #26
2015-10-04 18:16:27 -07:00
andreimarcu
3e2537ca68 Get rid of ace editor 2015-10-04 17:27:47 -04:00
andreimarcu
d40803f165 More verbose errors 2015-10-04 12:47:20 -04:00
mutantmonkey
98106ec74f use better random for URLs and delete keys
Using a PRNG seeded based on only the time for these is a bad idea as
the output is predictable. Instead, use a package that generates random
strings using go's crypo/rand package to provide cryptographically
secure random URLs and delete keys.
2015-10-01 22:09:40 -07:00
andreimarcu
8f7b47f572 Support remote uploads 2015-10-01 20:58:08 -04:00
andreimarcu
9cd20c81fc This is not the commit you are looking for 2015-10-01 13:01:44 -04:00
andreimarcu
61e1661dde Fix small file uploads 2015-10-01 11:03:41 -04:00
andreimarcu
31359499ac Switch to dropzonejs. Fixes #18 2015-09-30 23:37:00 -04:00
Jacob Melton
c22e314d80 Add a check to see if we already hit EOF on Read 2015-09-30 10:58:49 -04:00
andreimarcu
8a1b688b3c Remove error 2015-09-30 00:59:19 -04:00
andreimarcu
2f5bf2cd65 Added pasteHandler and paste upload 2015-09-30 00:56:51 -04:00
Andrei Marcu
f1135085c2 Merge pull request #14 from Uncurlhalo/add-mime-detection
Assign extention based on mimetype if empty extension
2015-09-29 22:10:19 -04:00
Jacob Melton
2ef8546864 Add basic MIME detection support 2015-09-29 22:01:55 -04:00
andreimarcu
02f86da3c7 Display expiry and size info 2015-09-29 19:00:16 -04:00
andreimarcu
f0b1a8e47b Cleanup artifacts 2015-09-28 16:17:32 -04:00
andreimarcu
5f78fe6619 Added tests for uploads 2015-09-28 16:02:03 -04:00
andreimarcu
8c50d4322f Added support for testing, removed uuid requirement 2015-09-28 12:30:21 -04:00
andreimarcu
c32a698cbc upload expiry/barename respect, random fixes 2015-09-28 00:25:57 -04:00
Matt Hazinski
a10b838f4d Add preliminary metadata support 2015-09-27 22:43:41 -04:00