Commit graph

1690 commits

Author SHA1 Message Date
cclauss 8db16a1421 Update PeerDbPlugin.py 2017-07-16 22:48:35 +02:00
cclauss 21d0b829d3 Update UiWebsocketPlugin.py 2017-07-16 22:47:22 +02:00
cclauss 08219a0285 Update ContentDbPlugin.py 2017-07-16 22:46:13 +02:00
cclauss d426b6bb02 Update NewsfeedPlugin.py 2017-07-16 22:43:57 +02:00
cclauss 688c240b35 Update MutePlugin.py 2017-07-16 22:42:29 +02:00
cclauss b82cf8d08d Update FilePackPlugin.py 2017-07-16 22:39:42 +02:00
cclauss c44cb11800 Update CryptMessagePlugin.py 2017-07-16 22:38:47 +02:00
cclauss b9e0275417 Update __init__.py 2017-07-16 22:35:14 +02:00
Andrew (anoa) dc82f7ab3e Small grammar fix 2017-07-15 00:30:25 -07:00
shortcutme a6ce2a0253 Rev2156 2017-07-15 01:32:39 +02:00
shortcutme a0d85d7d83 Prompt new site addition in raw mode 2017-07-15 01:32:15 +02:00
shortcutme 6a4882d81d Test SafeRe repetition limit 2017-07-15 01:31:08 +02:00
shortcutme ac1a03d17b Don't allow more than 10 repetitions in one pattern 2017-07-15 01:30:53 +02:00
shortcutme 0e930efd95 Cache SafeRe patterns 2017-07-15 01:30:35 +02:00
shortcutme d281f112d9 Rev2154, Fix same origin checking in proxy mode 2017-07-14 11:08:22 +02:00
shortcutme 5a42cb92cd Rev2153 2017-07-14 10:37:19 +02:00
shortcutme 3459d35ed2 Test unsafe regex pattern recognition 2017-07-14 10:37:09 +02:00
shortcutme 699a8be721 Test unsafe patterns in dbschema 2017-07-14 10:36:41 +02:00
shortcutme 1f4a5643db Test unsafe regex patterns on sign and verify 2017-07-14 10:36:18 +02:00
shortcutme 492408def7 Use class variable to store test site privatekey 2017-07-14 10:35:44 +02:00
shortcutme 74763465a8 Use SafeRe to match file patterns in dbschema.json 2017-07-14 10:34:57 +02:00
shortcutme c069d4f67c Use SafeRe to match user defined patterns in content.json 2017-07-14 10:34:18 +02:00
shortcutme bf41c7b651 Detect potentially unsafe regex patterns 2017-07-14 10:31:42 +02:00
shortcutme 3f5a5b4f9b Rev2151 2017-07-13 19:33:16 +02:00
shortcutme b60a1ec455 Test invalid filenames 2017-07-13 19:33:07 +02:00
shortcutme 13157eea1e Move included content verification to separate function, fix root content.json file path verification 2017-07-13 19:32:54 +02:00
shortcutme dd11f87673 Rev2148, Fix signing typo 2017-07-13 15:03:04 +02:00
shortcutme 87910a236b Rev2147 2017-07-13 15:00:23 +02:00
shortcutme 096675c87e Add unit to verification error 2017-07-13 15:00:04 +02:00
shortcutme 7d3beeb9e0 Enforce valid relative paths on verification 2017-07-13 14:59:17 +02:00
shortcutme 96a097e33d Separate isValidRelativePath function 2017-07-13 14:58:52 +02:00
shortcutme 1bb3140f5b Move file hashing to separate function to allow easier extension 2017-07-13 14:58:16 +02:00
shortcutme 6bf3d34c6c Rev2145 2017-07-12 12:28:28 +02:00
shortcutme 3cd7e4e48e Better way to strip pyc/pyd from config file path 2017-07-12 12:28:21 +02:00
shortcutme 2777c4c537 Read max 6MB from archive to protect against tar/zipbombs 2017-07-12 12:28:03 +02:00
shortcutme e525ea2431 Rev2144, Fix CSP header in FilePack plugin, Allow media-src and font-src from self source 2017-07-11 23:00:33 +02:00
shortcutme c8f37674c6 Rev2142, Fix random wrong data dir path 2017-07-11 21:03:24 +02:00
shortcutme 12ca870e38 Rev2141 2017-07-10 02:42:50 +02:00
shortcutme f630e6c25e Test raw access security 2017-07-10 02:42:41 +02:00
shortcutme 7c6bea6ddd Fix raw site access without / at the site address end 2017-07-10 02:42:28 +02:00
shortcutme efbef25c76 UserSetSettings, UserGetSettings Websocket API commands 2017-07-10 02:41:01 +02:00
shortcutme 1384da4691 Rev2137 2017-07-09 14:54:20 +02:00
shortcutme 26a250d1df Media isMediaRequestAllowed no longer required for origin checking 2017-07-09 14:12:53 +02:00
shortcutme 426fe561c9 Cleanup not used wrapper opener check 2017-07-09 14:12:13 +02:00
shortcutme 5950b04c40 Add allow-origin header for media requests from same origin to fix css font support 2017-07-09 14:11:44 +02:00
shortcutme 434cfce32a More simple same origin test for media files cross-site access 2017-07-09 14:11:06 +02:00
shortcutme febdea6c64 Serve files without wrapper if requested using /raw/ prefix 2017-07-09 14:10:01 +02:00
shortcutme 6c0062dbc1 Rev2132 2017-07-06 00:09:47 +02:00
shortcutme 49735b7e55 Fix not internal error on request files from not seeded sites 2017-07-06 00:09:35 +02:00
shortcutme 1d6168f457 Download svg, xml, flash, pdf files instead of displaying to avoid js execution 2017-07-06 00:09:05 +02:00