adbc1604dc
add some more auth tests
...
It's going to be difficult to get 100% code coverage, but we can at
least ensure that checkAuth works properly.
2015-10-11 18:37:36 -07:00
cc4e2ca0d9
read authfile once only
...
Read the authfile upon initial server start and store the auth keys in
the auth struct, rather than reading the file for each page load.
2015-10-11 18:36:27 -07:00
3c9e260926
improve auth tests and rename auth struct
2015-10-11 17:43:31 -07:00
aa7dad3a03
add support for auth keys
...
Add a middleware that requires authorization for all POST, PUT, and
DELETE requests. This is done using the Authorization header and the
provided auth key is then checked against a file containing scrypted
auth keys. These keys are salted the constant string `linx-server`.
2015-10-11 17:34:53 -07:00
2b0135697b
Add option for using Real-IP
2015-10-11 20:32:28 -04:00
9ac016c3b5
Document overwriting a file
2015-10-11 20:28:46 -04:00
6c9d517c80
Merge pull request #55 from mutantmonkey/redirect_fix
...
use 303 redirects instead of 301s
2015-10-10 23:25:57 -04:00
52ec9f8e2d
use 303 redirects instead of 301s
...
HTTP status code 301 is for a permanent redirect, which these are not.
Although 302 would work here in most browsers, it would not follow the
HTTP spec, so instead we use 303 which has a clearly and consistently
defined behavior in response to a POST or PUT request.
2015-10-10 20:22:10 -07:00
354278d488
Real-IP middleware for fastcgi + nginx doc update
2015-10-10 11:22:24 -04:00
ef13181a23
Adjust the csp_test to use the new mux
2015-10-10 11:17:38 -04:00
d42b2d28ac
Merge pull request #53 from mutantmonkey/fixbind
...
Replace -b and -bind with a single -bind
2015-10-10 11:14:54 -04:00
5600dd1ce3
update readme for new -bind flag
2015-10-09 23:16:30 -07:00
82edabd036
change -b flag to -bind
...
This is for consistency with Goji's default flag and is more clear.
2015-10-09 23:06:28 -07:00
a09297389b
create our own mux instead of using goji default
...
This is a better way to do things since we were customizing middleware
and everything anyway. It's also necessary in order to avoid pulling in
the default Goji -bind flag: https://github.com/zenazn/goji/issues/47
2015-10-09 23:04:08 -07:00
95d3a62c0c
Merge pull request #52 from mutantmonkey/textarea_tab
...
add tab functionality to pastebin (resolves #48 )
2015-10-10 01:25:18 -04:00
e0d0e40368
add tab functionality to pastebin ( resolves #48 )
...
The tab key now inserts a tab instead of changing the focus.
2015-10-09 22:21:23 -07:00
883768f512
Merge pull request #51 from mutantmonkey/blacklist_fixup
...
add crossdomain.xml to file blacklist
2015-10-09 18:45:03 -04:00
874c23087d
add crossdomain.xml to file blacklist
2015-10-09 00:06:23 -07:00
eeede281a7
Case insensitive fs again
2015-10-08 23:58:57 -04:00
d9723b8350
Merge pull request #49 from mutantmonkey/referrer_check
...
add strict referrer check for POST uploads
2015-10-08 23:35:19 -04:00
6ff181facb
add strict referrer check for POST uploads
...
This should protect against cross-site request forgery without the need
for cookies. It continues to allow requests with Linx-Delete-Key,
Linx-Expiry, or Linx-Randomize headers as these will not be set in the
case of cross-site requests.
2015-10-08 20:27:04 -07:00
5885ef0832
Case-insensitive filesystems...
2015-10-08 21:50:10 -04:00
62443e984d
API documentation. Fixes #30
2015-10-08 21:48:06 -04:00
e9132a1193
File overwriting support. Fixes #8
2015-10-08 12:49:29 -04:00
8ad079ed0a
Fix readme
2015-10-08 01:40:03 -04:00
639d519712
Configurable maximum upload file size. Fixes #35
2015-10-08 01:38:50 -04:00
040ffa89f7
Adjust margin
2015-10-08 01:18:21 -04:00
37d3e96e22
Fix no-javascript fallback ugliness of index page. Fixes #37
2015-10-08 00:19:22 -04:00
ed6ce1d1fa
Small cosmetic changes
2015-10-07 23:49:21 -04:00
a60a7cc9e6
Cache static files + Separate CSS more. Fixes #44
2015-10-07 23:35:48 -04:00
6e33fe6ac8
Metadata holds mimetype, sha256sum, archiveFiles
2015-10-07 22:45:34 -04:00
d05f0b645b
Display contents of common archives. Fixes #34
2015-10-07 16:45:41 -04:00
edfb80daac
Markdown display handler. Fixes #33
2015-10-07 15:00:42 -04:00
3c868d8fe5
Document new usage options
2015-10-07 13:25:38 -04:00
9b07728ddb
Added https option + graceful shutdown
2015-10-07 12:48:44 -04:00
a1e3f6f31f
go vet complaint
2015-10-07 03:02:07 -04:00
9640e2c7ce
Tests + fixes
2015-10-07 03:00:03 -04:00
11039d57f1
Fix dyreshark breakages + fix small file with no extension bug
2015-10-07 01:15:45 -04:00
3d55697adc
Merge pull request #42 from matthazinski/remote_upload_params
...
Add support for deletion key and expiry in remote upload
2015-10-07 00:11:38 -04:00
875ebd6db2
Add support for deletion key and expiry in remote upload
2015-10-07 00:08:14 -04:00
a5d4f754e7
Merge pull request #41 from dyreshark/master
...
Cleanup
2015-10-06 03:01:33 -04:00
12551d12b3
housekeeping
2015-10-05 23:51:49 -07:00
1e421e07cd
swap to using time types instead of ints
2015-10-05 23:50:20 -07:00
4330d605e3
Clean up logging on start
2015-10-05 23:49:57 -07:00
c5250e529e
Headers are now Linx-.. instead of X-...
2015-10-06 00:31:09 -04:00
ce73598f12
Document csp flags
2015-10-04 22:43:42 -04:00
f5e11ef8a3
Merge pull request #40 from mutantmonkey/librejs
...
add LibreJS tags to JavaScript
2015-10-04 21:47:05 -04:00
73eba6aaad
add LibreJS tags to JavaScript
...
Fixes #38
2015-10-04 18:42:56 -07:00
46d6b7b98a
Merge pull request #39 from mutantmonkey/robots.txt
...
add a file blacklist and add robots.txt
2015-10-04 21:21:06 -04:00
ad9d712a3a
add a file blacklist and add robots.txt
...
Fixes #26
2015-10-04 18:16:27 -07:00
mutantmonkey
andreimarcu
Matt Hazinski
George Burgess IV