Commit Graph

43 Commits

Author SHA1 Message Date
andreimarcu
6987edc0d8 Remove non-API navigation links when using auth 2015-10-14 15:20:41 -04:00
mutantmonkey
cd83f9f0eb fix CSP referrer policy
The policy of "referrer none" was incorrect and was nonfunctional. With
this change, the CSP referrer policy is set to origin, which
will causes only the origin to be sent for requests made from the main
site.

A fix was also needed for referrer checks in two places.
2015-10-11 23:49:15 -07:00
mutantmonkey
dd4ac3a7ed add support remote auth keys
These are taken as a parameter to the remote upload page. Note that all
keys will be logged since this is a GET request.
2015-10-11 19:31:13 -07:00
mutantmonkey
aa7dad3a03 add support for auth keys
Add a middleware that requires authorization for all POST, PUT, and
DELETE requests. This is done using the Authorization header and the
provided auth key is then checked against a file containing scrypted
auth keys. These keys are salted the constant string `linx-server`.
2015-10-11 17:34:53 -07:00
andreimarcu
2b0135697b Add option for using Real-IP 2015-10-11 20:32:28 -04:00
andreimarcu
354278d488 Real-IP middleware for fastcgi + nginx doc update 2015-10-10 11:22:24 -04:00
mutantmonkey
82edabd036 change -b flag to -bind
This is for consistency with Goji's default flag and is more clear.
2015-10-09 23:06:28 -07:00
mutantmonkey
a09297389b create our own mux instead of using goji default
This is a better way to do things since we were customizing middleware
and everything anyway. It's also necessary in order to avoid pulling in
the default Goji -bind flag: https://github.com/zenazn/goji/issues/47
2015-10-09 23:04:08 -07:00
andreimarcu
62443e984d API documentation. Fixes #30 2015-10-08 21:48:06 -04:00
andreimarcu
639d519712 Configurable maximum upload file size. Fixes #35 2015-10-08 01:38:50 -04:00
andreimarcu
9b07728ddb Added https option + graceful shutdown 2015-10-07 12:48:44 -04:00
George Burgess IV
12551d12b3 housekeeping 2015-10-05 23:51:49 -07:00
George Burgess IV
4330d605e3 Clean up logging on start 2015-10-05 23:49:57 -07:00
andreimarcu
ce73598f12 Document csp flags 2015-10-04 22:43:42 -04:00
mutantmonkey
ad9d712a3a add a file blacklist and add robots.txt
Fixes #26
2015-10-04 18:16:27 -07:00
mutantmonkey
e030c07f94 allow unsafe-inline for style-src for now
This is used for the upload progress bar. Hopefully we can find a better
solution in the future for this.
2015-10-04 15:11:23 -07:00
mutantmonkey
5e7e96af01 add support for some security headers
This commit adds support for Content-Security-Policy and
X-Frame-Options using the ContentSecurityPolicy middleware.
2015-10-04 14:58:00 -07:00
andreimarcu
1e1c8caa53 Add /favicon.ico route 2015-10-04 12:58:30 -04:00
andreimarcu
8f7b47f572 Support remote uploads 2015-10-01 20:58:08 -04:00
andreimarcu
52cc3b4dff Add fastcgi support and static cache headers 2015-10-01 10:32:59 -04:00
andreimarcu
ba73f4adf3 Fix static directory listing recursion 2015-09-30 15:54:30 -04:00
andreimarcu
2f5bf2cd65 Added pasteHandler and paste upload 2015-09-30 00:56:51 -04:00
andreimarcu
5b91993677 Add torrent generation 2015-09-29 23:35:25 -04:00
andreimarcu
22818d86ce Implement hotlink protection 2015-09-29 19:28:10 -04:00
mutantmonkey
091225b9e4 add torrent support
This change adds an option to download files with BitTorrent. A webseed
is provided in the torrent file to bootstrap the swarm.
2015-09-28 22:58:14 -07:00
Matt Hazinski
51ccc2f6a4 Add delete method 2015-09-28 23:46:43 -04:00
andreimarcu
ae1933c93b go.rice needs string literal 2015-09-28 21:58:50 -04:00
andreimarcu
2255716c7d switch to mimemagic to avoid cgo 2015-09-28 21:41:07 -04:00
andreimarcu
56e305bfcc go.rice now serves static and template files 2015-09-28 20:46:58 -04:00
andreimarcu
5f78fe6619 Added tests for uploads 2015-09-28 16:02:03 -04:00
andreimarcu
8c50d4322f Added support for testing, removed uuid requirement 2015-09-28 12:30:21 -04:00
andreimarcu
c32a698cbc upload expiry/barename respect, random fixes 2015-09-28 00:25:57 -04:00
andreimarcu
935db7c618 Fixed pdf/audio 2015-09-27 23:07:15 -04:00
Matt Hazinski
a10b838f4d Add preliminary metadata support 2015-09-27 22:43:41 -04:00
andreimarcu
674c4be3e3 Never accept PRs without testing again 2015-09-26 07:50:33 -04:00
Matt Hazinski
11cb55232a Make filesDir if it does not exist 2015-09-25 22:03:23 -04:00
andreimarcu
9b0385bf6f Check if file exists and increment filename 2015-09-25 12:47:55 -04:00
andreimarcu
d98b63e8bd Performance improvements, custom 404+500, -nologs, PUT uploads fix 2015-09-25 12:00:14 -04:00
andreimarcu
8caae56b39 json response + imported old drag and drop uploader 2015-09-25 00:58:38 -04:00
andreimarcu
acb124b7fb Add template globals, disable template caching while debug 2015-09-24 23:21:42 -04:00
andreimarcu
d869599da7 Bare /static support, some css/templates import 2015-09-24 16:04:51 -04:00
andreimarcu
52b7e594f3 cleanup imports 2015-09-24 02:08:44 -04:00
andreimarcu
2dbe318b18 Initial commit 2015-09-24 01:44:49 -04:00