Andrei Marcu
4fee922543
Merge pull request #58 from mutantmonkey/referrer_fixup2
trim trailing / for origin checking
9 years ago
mutantmonkey
39d874374d
trim trailing / for origin checking
9 years ago
Andrei Marcu
60239467fd
Merge pull request #56 from mutantmonkey/auth
Add support for auth keys (and remote auth keys)
9 years ago
mutantmonkey
613ab24721
show usage for -authfile and -remoteauthfile
9 years ago
mutantmonkey
2cd432b5d3
update readme
9 years ago
mutantmonkey
dd4ac3a7ed
add support remote auth keys
These are taken as a parameter to the remote upload page. Note that all
keys will be logged since this is a GET request.
9 years ago
mutantmonkey
3dc4753b7a
move reading auth keys into readAuthKeys
9 years ago
andreimarcu
104f648c0f
Remove artifact
9 years ago
andreimarcu
ae02f537f7
Add linx-genkey
9 years ago
mutantmonkey
adbc1604dc
add some more auth tests
It's going to be difficult to get 100% code coverage, but we can at
least ensure that checkAuth works properly.
9 years ago
mutantmonkey
cc4e2ca0d9
read authfile once only
Read the authfile upon initial server start and store the auth keys in
the auth struct, rather than reading the file for each page load.
9 years ago
mutantmonkey
3c9e260926
improve auth tests and rename auth struct
9 years ago
mutantmonkey
aa7dad3a03
add support for auth keys
Add a middleware that requires authorization for all POST, PUT, and
DELETE requests. This is done using the Authorization header and the
provided auth key is then checked against a file containing scrypted
auth keys. These keys are salted the constant string `linx-server`.
9 years ago
andreimarcu
2b0135697b
Add option for using Real-IP
9 years ago
andreimarcu
9ac016c3b5
Document overwriting a file
9 years ago
Andrei Marcu
6c9d517c80
Merge pull request #55 from mutantmonkey/redirect_fix
use 303 redirects instead of 301s
9 years ago
mutantmonkey
52ec9f8e2d
use 303 redirects instead of 301s
HTTP status code 301 is for a permanent redirect, which these are not.
Although 302 would work here in most browsers, it would not follow the
HTTP spec, so instead we use 303 which has a clearly and consistently
defined behavior in response to a POST or PUT request.
9 years ago
andreimarcu
354278d488
Real-IP middleware for fastcgi + nginx doc update
9 years ago
andreimarcu
ef13181a23
Adjust the csp_test to use the new mux
9 years ago
Andrei Marcu
d42b2d28ac
Merge pull request #53 from mutantmonkey/fixbind
Replace -b and -bind with a single -bind
9 years ago
mutantmonkey
5600dd1ce3
update readme for new -bind flag
9 years ago
mutantmonkey
82edabd036
change -b flag to -bind
This is for consistency with Goji's default flag and is more clear.
9 years ago
mutantmonkey
a09297389b
create our own mux instead of using goji default
This is a better way to do things since we were customizing middleware
and everything anyway. It's also necessary in order to avoid pulling in
the default Goji -bind flag: https://github.com/zenazn/goji/issues/47
9 years ago
Andrei Marcu
95d3a62c0c
Merge pull request #52 from mutantmonkey/textarea_tab
add tab functionality to pastebin (resolves #48 )
9 years ago
mutantmonkey
e0d0e40368
add tab functionality to pastebin ( resolves #48 )
The tab key now inserts a tab instead of changing the focus.
9 years ago
Andrei Marcu
883768f512
Merge pull request #51 from mutantmonkey/blacklist_fixup
add crossdomain.xml to file blacklist
9 years ago
mutantmonkey
874c23087d
add crossdomain.xml to file blacklist
9 years ago
andreimarcu
eeede281a7
Case insensitive fs again
9 years ago
Andrei Marcu
d9723b8350
Merge pull request #49 from mutantmonkey/referrer_check
add strict referrer check for POST uploads
9 years ago
mutantmonkey
6ff181facb
add strict referrer check for POST uploads
This should protect against cross-site request forgery without the need
for cookies. It continues to allow requests with Linx-Delete-Key,
Linx-Expiry, or Linx-Randomize headers as these will not be set in the
case of cross-site requests.
9 years ago
andreimarcu
5885ef0832
Case-insensitive filesystems...
9 years ago
andreimarcu
62443e984d
API documentation. Fixes #30
9 years ago
andreimarcu
e9132a1193
File overwriting support. Fixes #8
9 years ago
andreimarcu
8ad079ed0a
Fix readme
9 years ago
andreimarcu
639d519712
Configurable maximum upload file size. Fixes #35
9 years ago
andreimarcu
040ffa89f7
Adjust margin
9 years ago
andreimarcu
37d3e96e22
Fix no-javascript fallback ugliness of index page. Fixes #37
9 years ago
andreimarcu
ed6ce1d1fa
Small cosmetic changes
9 years ago
andreimarcu
a60a7cc9e6
Cache static files + Separate CSS more. Fixes #44
9 years ago
andreimarcu
6e33fe6ac8
Metadata holds mimetype, sha256sum, archiveFiles
9 years ago
andreimarcu
d05f0b645b
Display contents of common archives. Fixes #34
9 years ago
andreimarcu
edfb80daac
Markdown display handler. Fixes #33
9 years ago
andreimarcu
3c868d8fe5
Document new usage options
9 years ago
andreimarcu
9b07728ddb
Added https option + graceful shutdown
9 years ago
andreimarcu
a1e3f6f31f
go vet complaint
9 years ago
andreimarcu
9640e2c7ce
Tests + fixes
9 years ago
andreimarcu
11039d57f1
Fix dyreshark breakages + fix small file with no extension bug
9 years ago
Andrei Marcu
3d55697adc
Merge pull request #42 from matthazinski/remote_upload_params
Add support for deletion key and expiry in remote upload
9 years ago
Matt Hazinski
875ebd6db2
Add support for deletion key and expiry in remote upload
9 years ago
Andrei Marcu
a5d4f754e7
Merge pull request #41 from dyreshark/master
Cleanup
9 years ago