Saptak S
98f6f3b7d7
Checks if username is ASCII string else throw an error
2021-11-30 01:19:29 +05:30
Saptak S
2a68b5bce1
Removes invisible whitespace characters from username in chat
2021-11-19 15:25:10 +05:30
Micah Lee
627f44c423
Merge branch 'advisory-fix-1' of github.com:onionshare/onionshare-ghsa-jh82-c5jw-pxpc into ros-fixes
2021-11-18 19:16:00 -08:00
Micah Lee
5f5b761fcf
Merge branch 'chat-session-handling' of github.com:onionshare/onionshare-ghsa-gjj5-998g-v36v into ros-fixes
2021-11-18 19:15:24 -08:00
Saptak S
b9d9f14916
Refuses connection if another session is already active
2021-11-14 23:44:16 +05:30
Saptak S
6429392a40
Adds username validation for socketio event handler as well
2021-11-14 23:28:17 +05:30
Saptak S
2a7c3d6867
Renames message event to chat_message
2021-11-14 21:06:47 +05:30
Saptak S
f4ade1ba8d
Removed room from chat
...
- Uses the global room instead of adding and leaving room for users
- Removes the joining event and triggers connection status from
server as soon as a connection event is received in server side
2021-11-14 20:58:21 +05:30
Miguel Jacq
096178a9e6
Use microseconds for Receive Mode dir/file names
2021-11-09 12:30:48 +11:00
Miguel Jacq
627c185fcb
Support sending a custom Content-Security-Policy header in Website mode
2021-11-08 16:31:05 +11:00
Saptak S
6edab6877a
Removes trailing slash from directories inside directories
2021-09-04 20:41:22 +05:30
Micah Lee
aac8020c3e
Merge pull request #1416 from SaptakS/fix-chat-shutdown
...
Adds exception for ConnectionError in chat mode during shutdown
2021-09-03 13:23:43 -07:00
Saptak Sengupta
1b5b6a6b71
Merge pull request #1399 from easyteacher/develop
...
Make last_modified and if_date timezone-aware (Fix #1398 )
2021-09-04 00:13:12 +05:30
Fushan Wen
f4b35f25d3
Make last_modified and if_date timezone-aware
...
Fix #1398
2021-09-03 00:07:48 +08:00
Saptak S
5a7ab3c12e
Adds exception for ConnectionError in chat mode during shutdown
...
The way flask-socketio stops a connection when running using
eventlet is by raising SystemExit to abort all the processes.
Hence the connections are closed and no response is returned
So I am just catching the ConnectionError to check if it was
chat mode, in which case it's okay.
2021-09-02 18:57:21 +05:30
Miguel Jacq
dd7938a134
Merge develop and resolve conflict
2021-08-30 13:41:15 +10:00
Miguel Jacq
a08f303f89
Remove rate-limit related code, and a couple more places where flask-httpauth was referenced
2021-08-28 09:41:09 +10:00
Miguel Jacq
0bf8f53d30
ClientAuthV3 fixes
...
* Remove Client Auth as an explicit option (it's on by default).
* Update wording about Public mode
* Fix tuple error when raising TorTooOldStealth exception in CLI
* Move Private Key button next to URL button in GUI
* Replace visual references of ClientAuth to Private Key
* Remove HTTPAuth Flask dependency and remove a lot of code to do with password generation,
401 auth triggers/invalid password rate limit detection etc
* Test updates
* Remove obsolete locale keys
2021-08-27 15:52:29 +10:00
Micah Lee
c6451e097c
Remove endpoint altogether because it's not needed
2021-08-20 11:59:26 -07:00
Twann
aa89c2192f
Fix issue #1365
2021-08-19 16:15:53 +02:00
whew
a132cd28f5
fix another typo...
2021-05-31 12:28:57 +00:00
whew
3f4f5e22ec
fix typo
2021-05-31 12:23:32 +00:00
whew
eeacd8c507
Merge branch 'develop' into add_security_headers
2021-05-31 12:13:58 +00:00
whew
56dd2d0b84
resolve conflict in chat_mode.py
2021-05-31 12:05:31 +00:00
whew
b8b7885a52
resolve conflict in web.py
2021-05-31 12:04:24 +00:00
Micah Lee
c682b7ec01
Merge branch 'fix_405_error_and_other_methods' of https://github.com/mig5/onionshare into mig5-fix_405_error_and_other_methods
2021-05-25 16:27:26 -07:00
Miguel Jacq
00473eaef6
Prevent usernames in Chat mode of length 128 chars or more
2021-05-14 10:44:14 +10:00
whew
ea72440543
Update web.py
2021-05-13 08:17:51 +00:00
whew
04fae8ada1
Update share_mode.py
2021-05-13 08:15:17 +00:00
whew
c19dc4fa78
Update send_base_mode.py
2021-05-13 08:14:33 +00:00
whew
986a9a09a9
Update receive_mode.py
2021-05-13 08:13:43 +00:00
whew
020e9a6a5a
Update chat_mode.py
2021-05-13 08:11:29 +00:00
Miguel Jacq
d4d6eea500
Move the 'supports_file_requests' attribute into the actual modes rather than the Web class
2021-05-11 09:25:22 +10:00
Miguel Jacq
0b6db6559d
Adds attribute self.mode_supports_file_requests in Web class. Don't send REQUEST_INDIVIDUAL_FILE_STARTED to the frontend if the mode doesn't support this, so that we don't trigger a chain reaction of toggling history widgets and the like. Set this attribute to True by default since most modes use it, but turn it off for Chat mode. Prevents an exception when sending a bad HTTP method or a 404 to a chat room
2021-05-11 08:41:17 +10:00
Miguel Jacq
a55a59e021
Disable OPTIONS on the update-session-username route on Chat mode
2021-05-11 08:39:44 +10:00
Miguel Jacq
dc4eaffa97
Website mode doesn't need to support POST as a method
2021-05-11 08:14:49 +10:00
Miguel Jacq
97922d33d0
Fix HTTP return code for custom 500 internal server error handler
2021-05-10 15:57:23 +10:00
Miguel Jacq
2618e89eda
Register the 405 error handler properly. Enforce the appropriate methods for each route (GET or POST only, with OPTIONS disabled). Add tests for invalid methods. Add a friendlier 500 internal server error handler
2021-05-10 11:23:44 +10:00
Micah Lee
0422020de1
Merge branch 'develop' into 1275_fix_website_mode
2021-05-04 20:02:54 -07:00
Micah Lee
34771e3ea9
When building the self.files, use forward slashes instead of backslashes in Windows
2021-05-04 20:01:30 -07:00
Miguel Jacq
c6ccd4de57
Remove unnecessary cleanup_filenames appending in the CompressThread. Ensure we also remove the temp dir that a Zip file is made within, by setting the temp dir in ZipWriter as a variable
2021-05-04 16:42:23 +10:00
Miguel Jacq
04019389da
Move the cleanup() function from Onionshare class to Web class, so that the list of files to be cleaned up is always available (needed for website temp files)
2021-05-04 16:21:42 +10:00
Micah Lee
ce7f676527
Fix GUI tests
2021-05-02 14:34:09 -07:00
Micah Lee
17966471ab
GUI displays "Read Message" button when a receive mode submission includes a message
2021-04-30 17:16:02 -07:00
Micah Lee
89bed3c5ac
If no files are uploaded, delete the empty receive mode dir that was created
2021-04-30 15:57:11 -07:00
Micah Lee
95e6985f86
Remove periods from receive mode time folder names, and save the message outside of the time folder
2021-04-30 15:53:23 -07:00
Micah Lee
47e02d781a
If a text message is received, save it in the ReceiveModeRequest object, and add includes_text=True to REQUEST_STARTED
2021-04-30 14:12:41 -07:00
Micah Lee
0a6056e5e6
Fix flake8 issues found in cli
2021-04-29 17:13:05 -07:00
Micah Lee
343e1be3d0
Merge branch 'develop' into 1305_receive_messages
2021-04-29 16:58:33 -07:00
Micah Lee
650bf93128
Merge pull request #1337 from mig5/update_csp
...
Update the Content-Security-Policy
2021-04-29 01:24:04 +00:00