Commit Graph

360 Commits

Author SHA1 Message Date
andreimarcu ce73598f12 Document csp flags 2015-10-04 22:43:42 -04:00
Andrei Marcu f5e11ef8a3 Merge pull request #40 from mutantmonkey/librejs
add LibreJS tags to JavaScript
2015-10-04 21:47:05 -04:00
mutantmonkey 73eba6aaad add LibreJS tags to JavaScript
Fixes #38
2015-10-04 18:42:56 -07:00
Andrei Marcu 46d6b7b98a Merge pull request #39 from mutantmonkey/robots.txt
add a file blacklist and add robots.txt
2015-10-04 21:21:06 -04:00
mutantmonkey ad9d712a3a add a file blacklist and add robots.txt
Fixes #26
2015-10-04 18:16:27 -07:00
andreimarcu d40cc5e1be More textarea consistency 2015-10-04 19:05:13 -04:00
andreimarcu 060ab351b0 Textarea consistency with pastebin 2015-10-04 18:56:30 -04:00
andreimarcu cb8b8800ba Cleanup vim artifacts 2015-10-04 18:24:13 -04:00
Andrei Marcu 7152adb902 Merge pull request #36 from mutantmonkey/csp
Add support for Content-Security-Policy and X-Frame-Options
2015-10-04 18:22:52 -04:00
mutantmonkey b96ee60c4c Revert "add X-Content-Type-Options: nosniff"
This reverts commit 71d5f51ae6.
2015-10-04 15:21:27 -07:00
mutantmonkey 71d5f51ae6 add X-Content-Type-Options: nosniff 2015-10-04 15:18:22 -07:00
mutantmonkey 42aab4dca1 fix a merge conflict mistake for upload errors 2015-10-04 15:13:53 -07:00
mutantmonkey e030c07f94 allow unsafe-inline for style-src for now
This is used for the upload progress bar. Hopefully we can find a better
solution in the future for this.
2015-10-04 15:11:23 -07:00
mutantmonkey 5e7e96af01 add support for some security headers
This commit adds support for Content-Security-Policy and
X-Frame-Options using the ContentSecurityPolicy middleware.
2015-10-04 14:58:00 -07:00
mutantmonkey 70cff4431d tweak editor textarea style 2015-10-04 14:57:36 -07:00
mutantmonkey f0e71325c4 Merge branch 'master' into csp 2015-10-04 14:39:29 -07:00
andreimarcu 3e2537ca68 Get rid of ace editor 2015-10-04 17:27:47 -04:00
mutantmonkey 44172ec98a clean up HTML, CSS, and JavaScript for CSP
In order to implement Content-Security-Policy, the inlined style, event
handlers, and scripts all have to go. This commit completes this work.
2015-10-04 14:13:29 -07:00
andreimarcu 1e1c8caa53 Add /favicon.ico route 2015-10-04 12:58:30 -04:00
andreimarcu d40803f165 More verbose errors 2015-10-04 12:47:20 -04:00
mutantmonkey 84f38026eb do some more HTML and JS cleanup 2015-10-04 00:14:21 -07:00
mutantmonkey b83f11e80a remove inline js on pastebin pages 2015-10-03 23:58:56 -07:00
andreimarcu 335517bf17 Update upload.js with 200 status for delete 2015-10-04 02:28:00 -04:00
andreimarcu 7f2db43108 DELETE requests respond with 200 on successful deletes 2015-10-04 02:25:00 -04:00
andreimarcu adf77c642f Added basic build script 2015-10-02 22:23:38 -04:00
andreimarcu 64034a74a6 Merge branch 'mutantmonkey-no_css_in_js' 2015-10-02 02:07:52 -04:00
mutantmonkey f216b06df5 remove most of CSS from JavaScript
The uploadElement is probably going to have to stay, unfortunately, but
the rest is gone.
2015-10-01 23:05:26 -07:00
Andrei Marcu 5fa994771f Merge pull request #24 from mutantmonkey/torrent_fixup
change CreateTorrent to createTorrent
2015-10-02 01:37:50 -04:00
andreimarcu 5aa8ed011f Merge branch 'mutantmonkey-safeuris' 2015-10-02 01:37:19 -04:00
mutantmonkey 199289a58d change CreateTorrent to createTorrent
After some discussion, I decided it was probably best to not export this
after all.
2015-10-01 22:33:30 -07:00
mutantmonkey 98106ec74f use better random for URLs and delete keys
Using a PRNG seeded based on only the time for these is a bad idea as
the output is predictable. Instead, use a package that generates random
strings using go's crypo/rand package to provide cryptographically
secure random URLs and delete keys.
2015-10-01 22:09:40 -07:00
andreimarcu 8f7b47f572 Support remote uploads 2015-10-01 20:58:08 -04:00
andreimarcu 9cd20c81fc This is not the commit you are looking for 2015-10-01 13:01:44 -04:00
andreimarcu c339a8c770 Highlight dropzone when dragging 2015-10-01 12:46:34 -04:00
andreimarcu e3dbbd1b11 Fix typo 2015-10-01 11:10:46 -04:00
andreimarcu 61e1661dde Fix small file uploads 2015-10-01 11:03:41 -04:00
andreimarcu 52cc3b4dff Add fastcgi support and static cache headers 2015-10-01 10:32:59 -04:00
andreimarcu 6a227d15a2 Reorder navigation 2015-10-01 00:15:30 -04:00
andreimarcu fcb9afde0d Pass randomize and expires in upload 2015-09-30 23:55:03 -04:00
andreimarcu 31359499ac Switch to dropzonejs. Fixes #18 2015-09-30 23:37:00 -04:00
andreimarcu ba73f4adf3 Fix static directory listing recursion 2015-09-30 15:54:30 -04:00
andreimarcu d55cf33a5d Add support for pastebin display 2015-09-30 12:06:23 -04:00
Andrei Marcu 3bf7c88cc8 Merge pull request #16 from Uncurlhalo/fix-512-byte-files
Add a check to see if we already hit EOF on Read
2015-09-30 11:01:04 -04:00
Jacob Melton c22e314d80 Add a check to see if we already hit EOF on Read 2015-09-30 10:58:49 -04:00
andreimarcu 8a1b688b3c Remove error 2015-09-30 00:59:19 -04:00
andreimarcu 2f5bf2cd65 Added pasteHandler and paste upload 2015-09-30 00:56:51 -04:00
andreimarcu fd75607652 Added /paste/ 2015-09-30 00:46:58 -04:00
andreimarcu 751de1d176 Merge branch 'mutantmonkey-torrent' 2015-09-29 23:36:10 -04:00
andreimarcu 5b91993677 Add torrent generation 2015-09-29 23:35:25 -04:00
andreimarcu 0efcbbb480 Requesting display url with accept json. Fixes #9 2015-09-29 23:24:17 -04:00