mutantmonkey
456274c1b9
Split and move auth into a separate package ( #224 )
...
* Split and move auth into a separate package
This change will make it easier to implement additional authentication
methods, such as OpenID Connect. For now, only the existing "apikeys"
authentication method is supported.
* Use absolute site prefix to prevent redirect loop
2020-08-14 00:42:45 -07:00
Infinoid
5eb6f32ff0
Switch to a more comprehensive mimetype detection library ( #231 )
2020-08-02 22:16:47 -07:00
Andrei Marcu
7543c82473
Remote upload: Add direct_url param for redirect
2020-03-12 14:18:12 -07:00
Andrei Marcu
a4240680c8
Merge branch 'accesskey' of git://github.com/stek29/linx-server into stek29-accesskey
2020-03-06 15:29:41 -08:00
Paweł Płazieński
597bec430c
Allow Basic authentication in browser ( #195 )
2020-03-06 15:21:49 -08:00
Viktor Oreshkin
b63274ad01
allow limiting access by passwords ( fix #194 )
2020-02-17 18:02:47 +03:00
mutantmonkey
8f3108148b
Add option to force random filenames ( fixes #86 ) ( #159 )
2019-01-26 02:04:32 -08:00
mutantmonkey
5d9a93b1e2
Add S3 backend ( #156 )
2019-01-24 23:33:11 -08:00
Andrei Marcu
e506304b84
Return direct URL in json responses
2019-01-14 15:28:32 -08:00
mutantmonkey
b7fadd9676
Add linx-cleanup tool
...
This doesn't completely fix #116 , but it makes setting up a cron job to
do cleanup much more pleasant.
2017-05-01 21:27:28 -07:00
andreimarcu
37f9a0cbbc
Change unknown extension from .ext to .file
2017-03-25 08:44:18 -07:00
mutantmonkey
e6ac89d6dc
Switch to https://github.com/h2non/filetype
...
This library is much better at detecting MIME types properly than the
existing one. Fixes #117 .
2017-03-25 01:08:56 -07:00
mutantmonkey
647aa2c0f6
Fix max expiry when provided expiry is 0
...
Previously, we did not properly handle the case where the provided
expiry was zero and the max expiry was configured to be nonzero; add an
additional check to cover this case.
Fixes #111 .
2016-11-02 19:31:32 -07:00
mutantmonkey
fef43d856e
Add option for maximum expiration time ( fixes #99 )
2016-09-18 22:05:26 -07:00
andreimarcu
81a1513809
Add newline for PUT response
2016-07-22 18:15:44 -07:00
andreimarcu
1e1f28658d
Remove spaces in mime mapping and ensure no spaces in filenames
2016-07-22 18:08:59 -07:00
mutantmonkey
fcd18eceec
use abstracted storage for flexibility
...
I moved the storage functionality into the StorageBackend interface,
which is currently only implemented by LocalfsBackend.
2016-06-08 20:18:31 -07:00
mutantmonkey
47670af185
Infer site URL from host and headers
...
We can use the Host property of the request and the X-Forwarded-Proto to
infer the site URL. To reduce complexity, the path is not inferred, and
it is assumed that linx-server is running at /. If this is not the case,
the site URL must be manually configured; this is no different than it
was before.
2016-06-04 18:34:22 -07:00
mutantmonkey
b0d2f2a142
support .tar.gz-style extensions
...
Some extensions actually consist of multiple parts, like .tar.gz, so we
should handle this properly instead of merging part of the extension
with the bare name. Right now only tar is allowed, but others can be
added easily.
Fixes #74 .
2016-02-12 21:27:39 -08:00
andreimarcu
4856ab0750
Allow for non-/ deployments. Fixes #61
2015-10-30 18:36:47 -04:00
andreimarcu
9b1df43ef2
Trim "-" in filenames
2015-10-28 14:31:51 -04:00
andreimarcu
c8fc62398a
Enable randomize in remote uploads
2015-10-18 11:07:39 -04:00
andreimarcu
9847beeff5
Cleanup
2015-10-14 22:47:36 -04:00
andreimarcu
3c659601e2
Make it an option for post uploads
2015-10-14 20:40:25 -04:00
andreimarcu
68653372ff
Rename auth header to Linx-Api-Key and remove
...
b64encoding requirement for uploading with keys
2015-10-14 16:18:29 -04:00
mutantmonkey
a7ae455ac1
strict referrer check improvements
...
* Always check Origin if it is present, regardless of headers sent
* Whitelist X-Requested-With header
2015-10-12 00:28:04 -07:00
mutantmonkey
dd4ac3a7ed
add support remote auth keys
...
These are taken as a parameter to the remote upload page. Note that all
keys will be logged since this is a GET request.
2015-10-11 19:31:13 -07:00
mutantmonkey
52ec9f8e2d
use 303 redirects instead of 301s
...
HTTP status code 301 is for a permanent redirect, which these are not.
Although 302 would work here in most browsers, it would not follow the
HTTP spec, so instead we use 303 which has a clearly and consistently
defined behavior in response to a POST or PUT request.
2015-10-10 20:22:10 -07:00
mutantmonkey
874c23087d
add crossdomain.xml to file blacklist
2015-10-09 00:06:23 -07:00
Andrei Marcu
d9723b8350
Merge pull request #49 from mutantmonkey/referrer_check
...
add strict referrer check for POST uploads
2015-10-08 23:35:19 -04:00
mutantmonkey
6ff181facb
add strict referrer check for POST uploads
...
This should protect against cross-site request forgery without the need
for cookies. It continues to allow requests with Linx-Delete-Key,
Linx-Expiry, or Linx-Randomize headers as these will not be set in the
case of cross-site requests.
2015-10-08 20:27:04 -07:00
andreimarcu
e9132a1193
File overwriting support. Fixes #8
2015-10-08 12:49:29 -04:00
andreimarcu
639d519712
Configurable maximum upload file size. Fixes #35
2015-10-08 01:38:50 -04:00
andreimarcu
6e33fe6ac8
Metadata holds mimetype, sha256sum, archiveFiles
2015-10-07 22:45:34 -04:00
andreimarcu
9640e2c7ce
Tests + fixes
2015-10-07 03:00:03 -04:00
andreimarcu
11039d57f1
Fix dyreshark breakages + fix small file with no extension bug
2015-10-07 01:15:45 -04:00
Andrei Marcu
3d55697adc
Merge pull request #42 from matthazinski/remote_upload_params
...
Add support for deletion key and expiry in remote upload
2015-10-07 00:11:38 -04:00
Matt Hazinski
875ebd6db2
Add support for deletion key and expiry in remote upload
2015-10-07 00:08:14 -04:00
George Burgess IV
1e421e07cd
swap to using time types instead of ints
2015-10-05 23:50:20 -07:00
andreimarcu
c5250e529e
Headers are now Linx-.. instead of X-...
2015-10-06 00:31:09 -04:00
mutantmonkey
ad9d712a3a
add a file blacklist and add robots.txt
...
Fixes #26
2015-10-04 18:16:27 -07:00
andreimarcu
3e2537ca68
Get rid of ace editor
2015-10-04 17:27:47 -04:00
andreimarcu
d40803f165
More verbose errors
2015-10-04 12:47:20 -04:00
mutantmonkey
98106ec74f
use better random for URLs and delete keys
...
Using a PRNG seeded based on only the time for these is a bad idea as
the output is predictable. Instead, use a package that generates random
strings using go's crypo/rand package to provide cryptographically
secure random URLs and delete keys.
2015-10-01 22:09:40 -07:00
andreimarcu
8f7b47f572
Support remote uploads
2015-10-01 20:58:08 -04:00
andreimarcu
9cd20c81fc
This is not the commit you are looking for
2015-10-01 13:01:44 -04:00
andreimarcu
61e1661dde
Fix small file uploads
2015-10-01 11:03:41 -04:00
andreimarcu
31359499ac
Switch to dropzonejs. Fixes #18
2015-09-30 23:37:00 -04:00
Jacob Melton
c22e314d80
Add a check to see if we already hit EOF on Read
2015-09-30 10:58:49 -04:00
andreimarcu
8a1b688b3c
Remove error
2015-09-30 00:59:19 -04:00
andreimarcu
2f5bf2cd65
Added pasteHandler and paste upload
2015-09-30 00:56:51 -04:00
Andrei Marcu
f1135085c2
Merge pull request #14 from Uncurlhalo/add-mime-detection
...
Assign extention based on mimetype if empty extension
2015-09-29 22:10:19 -04:00
Jacob Melton
2ef8546864
Add basic MIME detection support
2015-09-29 22:01:55 -04:00
andreimarcu
02f86da3c7
Display expiry and size info
2015-09-29 19:00:16 -04:00
andreimarcu
f0b1a8e47b
Cleanup artifacts
2015-09-28 16:17:32 -04:00
andreimarcu
5f78fe6619
Added tests for uploads
2015-09-28 16:02:03 -04:00
andreimarcu
8c50d4322f
Added support for testing, removed uuid requirement
2015-09-28 12:30:21 -04:00
andreimarcu
c32a698cbc
upload expiry/barename respect, random fixes
2015-09-28 00:25:57 -04:00
Matt Hazinski
a10b838f4d
Add preliminary metadata support
2015-09-27 22:43:41 -04:00
andreimarcu
6ca4579e34
Switch to new uuid repo
2015-09-26 07:47:46 -04:00
andreimarcu
9b0385bf6f
Check if file exists and increment filename
2015-09-25 12:47:55 -04:00
andreimarcu
d98b63e8bd
Performance improvements, custom 404+500, -nologs, PUT uploads fix
2015-09-25 12:00:14 -04:00
andreimarcu
9d6dcdcbba
Follow some dyretips
2015-09-25 09:04:06 -04:00
andreimarcu
8caae56b39
json response + imported old drag and drop uploader
2015-09-25 00:58:38 -04:00
andreimarcu
d869599da7
Bare /static support, some css/templates import
2015-09-24 16:04:51 -04:00
andreimarcu
d130cfe8e1
Some cleanup
2015-09-24 08:30:16 -04:00
andreimarcu
2dbe318b18
Initial commit
2015-09-24 01:44:49 -04:00