Andrei Marcu
d9723b8350
Merge pull request #49 from mutantmonkey/referrer_check
add strict referrer check for POST uploads
9 years ago
mutantmonkey
6ff181facb
add strict referrer check for POST uploads
This should protect against cross-site request forgery without the need
for cookies. It continues to allow requests with Linx-Delete-Key,
Linx-Expiry, or Linx-Randomize headers as these will not be set in the
case of cross-site requests.
9 years ago
andreimarcu
5885ef0832
Case-insensitive filesystems...
9 years ago
andreimarcu
62443e984d
API documentation. Fixes #30
9 years ago
andreimarcu
e9132a1193
File overwriting support. Fixes #8
9 years ago
andreimarcu
8ad079ed0a
Fix readme
9 years ago
andreimarcu
639d519712
Configurable maximum upload file size. Fixes #35
9 years ago
andreimarcu
040ffa89f7
Adjust margin
9 years ago
andreimarcu
37d3e96e22
Fix no-javascript fallback ugliness of index page. Fixes #37
9 years ago
andreimarcu
ed6ce1d1fa
Small cosmetic changes
9 years ago
andreimarcu
a60a7cc9e6
Cache static files + Separate CSS more. Fixes #44
9 years ago
andreimarcu
6e33fe6ac8
Metadata holds mimetype, sha256sum, archiveFiles
9 years ago
andreimarcu
d05f0b645b
Display contents of common archives. Fixes #34
9 years ago
andreimarcu
edfb80daac
Markdown display handler. Fixes #33
9 years ago
andreimarcu
3c868d8fe5
Document new usage options
9 years ago
andreimarcu
9b07728ddb
Added https option + graceful shutdown
9 years ago
andreimarcu
a1e3f6f31f
go vet complaint
9 years ago
andreimarcu
9640e2c7ce
Tests + fixes
9 years ago
andreimarcu
11039d57f1
Fix dyreshark breakages + fix small file with no extension bug
9 years ago
Andrei Marcu
3d55697adc
Merge pull request #42 from matthazinski/remote_upload_params
Add support for deletion key and expiry in remote upload
9 years ago
Matt Hazinski
875ebd6db2
Add support for deletion key and expiry in remote upload
9 years ago
Andrei Marcu
a5d4f754e7
Merge pull request #41 from dyreshark/master
Cleanup
9 years ago
George Burgess IV
12551d12b3
housekeeping
9 years ago
George Burgess IV
1e421e07cd
swap to using time types instead of ints
9 years ago
George Burgess IV
4330d605e3
Clean up logging on start
9 years ago
andreimarcu
c5250e529e
Headers are now Linx-.. instead of X-...
9 years ago
andreimarcu
ce73598f12
Document csp flags
9 years ago
Andrei Marcu
f5e11ef8a3
Merge pull request #40 from mutantmonkey/librejs
add LibreJS tags to JavaScript
9 years ago
mutantmonkey
73eba6aaad
add LibreJS tags to JavaScript
Fixes #38
9 years ago
Andrei Marcu
46d6b7b98a
Merge pull request #39 from mutantmonkey/robots.txt
add a file blacklist and add robots.txt
9 years ago
mutantmonkey
ad9d712a3a
add a file blacklist and add robots.txt
Fixes #26
9 years ago
andreimarcu
d40cc5e1be
More textarea consistency
9 years ago
andreimarcu
060ab351b0
Textarea consistency with pastebin
9 years ago
andreimarcu
cb8b8800ba
Cleanup vim artifacts
9 years ago
Andrei Marcu
7152adb902
Merge pull request #36 from mutantmonkey/csp
Add support for Content-Security-Policy and X-Frame-Options
9 years ago
mutantmonkey
b96ee60c4c
Revert "add X-Content-Type-Options: nosniff"
This reverts commit 71d5f51ae6
.
9 years ago
mutantmonkey
71d5f51ae6
add X-Content-Type-Options: nosniff
9 years ago
mutantmonkey
42aab4dca1
fix a merge conflict mistake for upload errors
9 years ago
mutantmonkey
e030c07f94
allow unsafe-inline for style-src for now
This is used for the upload progress bar. Hopefully we can find a better
solution in the future for this.
9 years ago
mutantmonkey
5e7e96af01
add support for some security headers
This commit adds support for Content-Security-Policy and
X-Frame-Options using the ContentSecurityPolicy middleware.
9 years ago
mutantmonkey
70cff4431d
tweak editor textarea style
9 years ago
mutantmonkey
f0e71325c4
Merge branch 'master' into csp
9 years ago
andreimarcu
3e2537ca68
Get rid of ace editor
9 years ago
mutantmonkey
44172ec98a
clean up HTML, CSS, and JavaScript for CSP
In order to implement Content-Security-Policy, the inlined style, event
handlers, and scripts all have to go. This commit completes this work.
9 years ago
andreimarcu
1e1c8caa53
Add /favicon.ico route
9 years ago
andreimarcu
d40803f165
More verbose errors
9 years ago
mutantmonkey
84f38026eb
do some more HTML and JS cleanup
9 years ago
mutantmonkey
b83f11e80a
remove inline js on pastebin pages
9 years ago
andreimarcu
335517bf17
Update upload.js with 200 status for delete
9 years ago
andreimarcu
7f2db43108
DELETE requests respond with 200 on successful deletes
9 years ago