Commit Graph

103 Commits

Author SHA1 Message Date
Saptak S
f1cf52b166
Merge branch 'main' of github.com:onionshare/onionshare-ghsa-9mxm-qp84-xgx6 into release-2.6.2 2024-03-15 12:32:44 +05:30
Miguel Jacq
35670533d8
Set a maximum length of 524288 characters for text messages in Receive mode 2024-03-12 10:23:43 +11:00
Saptak S
2ef15395d4
Allow only ascii characters 2024-03-09 00:13:40 +05:30
Saptak S
ad61786b0f
Allows only specific unicode characters for username
Added a function to remove all characters apart from characters which
fall under the unicode categories of letters and numbers. Also added a
list of allowed special characters.
2024-03-08 21:00:19 +05:30
Saptak S
b2f0444f57
Raise error from waitress if not shutdown 2023-10-21 18:41:02 +05:30
Miguel Jacq
cf6a6e4590
Add trailing slash on directories in website mode to assist with relative asset links 2023-10-17 17:45:23 +11:00
Miguel Jacq
4439838ee7
Raise a Waitress exception into the UI with a modal dialog and reset the share if it occurs 2023-05-31 15:38:52 +10:00
Miguel Jacq
e434c0463c
Stop Waitress immediately rather than waiting 2023-05-30 16:19:37 +10:00
Miguel Jacq
9a19c47185
Removed some deprecation warnings spotted in pytest output. Harden waitress 2023-05-30 10:46:11 +10:00
Miguel Jacq
83b2bf2f0c
Switch to Waitress and Flask-Compress in lieu of werkzeug server 2023-05-29 14:46:17 +10:00
Micah Lee
6f9665f96b
Fix stubbed_show_server_banner function, so CLI tests pass 2022-09-30 13:27:25 -07:00
Micah Lee
305abff13c
Remove cleanup_tempfiles altogether because they are not being used 2022-02-13 10:40:55 -08:00
Micah Lee
33fd639f2a Use a TemporaryDirectory instead of NamedTemporaryFile to avoid opening an already open file in Windows 2022-02-09 18:19:50 -08:00
Micah Lee
c8ea770223
Merge branch 'ros-fixes' into release-2.5 2022-01-17 09:51:25 -08:00
Micah Lee
ababc2de46
Update copyright year to 2022 2022-01-16 16:15:49 -08:00
Micah Lee
9e99ad8b8d
Merge branch 'develop' of github.com:onionshare/onionshare into ros-fixes 2022-01-16 15:49:33 -08:00
Micah Lee
ec7fa4ef16
Solve obnoxious cx_Freeze issue that broke websockets by enforcing async_mode=gevent, and including the correct modules in the build 2021-12-21 16:55:59 -08:00
Micah Lee
3da0b7a3ea
Enable websocket logs in verbose mode 2021-12-21 15:01:35 -08:00
Micah Lee
7e55e8e816
Fix permission denied error in Windows, which was introduced using tempfile.NamedTemporaryFile, by using a TemporaryDirectory instead 2021-12-21 14:28:23 -08:00
Miguel Jacq
e6a17bc743
Force the MIME type for .js files to be text/javascript, to override silly OS databases/registries with incorrect settings, which Flask would otherwise depend on 2021-12-17 17:53:15 +11:00
Micah Lee
1dde6f6deb
Add temp file to cleanup list just once when its first created 2021-12-02 18:51:06 -08:00
Micah Lee
b3d53ca2f2
Fix CLI tests 2021-12-01 21:01:32 -08:00
Micah Lee
c8ba508d26
Merge branch 'develop' into 1470_tempfiles 2021-12-01 20:37:45 -08:00
Micah Lee
8ec9a24af1
Explicitly cleanup temp files and dirs 2021-12-01 20:34:54 -08:00
Micah Lee
109d63a10c
Use NamedTemporaryFile instead of TemporaryFile, to fix crash when sharing one file 2021-12-01 20:10:51 -08:00
Saptak S
98f6f3b7d7
Checks if username is ASCII string else throw an error 2021-11-30 01:19:29 +05:30
Saptak S
2a68b5bce1
Removes invisible whitespace characters from username in chat 2021-11-19 15:25:10 +05:30
Micah Lee
b659eccfbf
Use a NamedTemporaryFile instead of TemporaryFile for streamed gzip files 2021-11-18 20:17:39 -08:00
Micah Lee
f5b60de2e6
Use high level tempfile classes that clean up after themselves 2021-11-18 20:03:18 -08:00
Micah Lee
627f44c423
Merge branch 'advisory-fix-1' of github.com:onionshare/onionshare-ghsa-jh82-c5jw-pxpc into ros-fixes 2021-11-18 19:16:00 -08:00
Micah Lee
5f5b761fcf
Merge branch 'chat-session-handling' of github.com:onionshare/onionshare-ghsa-gjj5-998g-v36v into ros-fixes 2021-11-18 19:15:24 -08:00
Saptak S
b9d9f14916
Refuses connection if another session is already active 2021-11-14 23:44:16 +05:30
Saptak S
6429392a40
Adds username validation for socketio event handler as well 2021-11-14 23:28:17 +05:30
Saptak S
2a7c3d6867
Renames message event to chat_message 2021-11-14 21:06:47 +05:30
Saptak S
f4ade1ba8d
Removed room from chat
- Uses the global room instead of adding and leaving room for users
- Removes the joining event and triggers connection status from
server as soon as a connection event is received in server side
2021-11-14 20:58:21 +05:30
Miguel Jacq
096178a9e6
Use microseconds for Receive Mode dir/file names 2021-11-09 12:30:48 +11:00
Miguel Jacq
627c185fcb
Support sending a custom Content-Security-Policy header in Website mode 2021-11-08 16:31:05 +11:00
Saptak S
6edab6877a
Removes trailing slash from directories inside directories 2021-09-04 20:41:22 +05:30
Micah Lee
aac8020c3e
Merge pull request #1416 from SaptakS/fix-chat-shutdown
Adds exception for ConnectionError in chat mode during shutdown
2021-09-03 13:23:43 -07:00
Saptak Sengupta
1b5b6a6b71
Merge pull request #1399 from easyteacher/develop
Make last_modified and if_date timezone-aware (Fix #1398)
2021-09-04 00:13:12 +05:30
Fushan Wen
f4b35f25d3 Make last_modified and if_date timezone-aware
Fix #1398
2021-09-03 00:07:48 +08:00
Saptak S
5a7ab3c12e
Adds exception for ConnectionError in chat mode during shutdown
The way flask-socketio stops a connection when running using
eventlet is by raising SystemExit to abort all the processes.
Hence the connections are closed and no response is returned
So I am just catching the ConnectionError to check if it was
chat mode, in which case it's okay.
2021-09-02 18:57:21 +05:30
Miguel Jacq
dd7938a134
Merge develop and resolve conflict 2021-08-30 13:41:15 +10:00
Miguel Jacq
a08f303f89
Remove rate-limit related code, and a couple more places where flask-httpauth was referenced 2021-08-28 09:41:09 +10:00
Miguel Jacq
0bf8f53d30
ClientAuthV3 fixes
* Remove Client Auth as an explicit option (it's on by default).
 * Update wording about Public mode
 * Fix tuple error when raising TorTooOldStealth exception in CLI
 * Move Private Key button next to URL button in GUI
 * Replace visual references of ClientAuth to Private Key
 * Remove HTTPAuth Flask dependency and remove a lot of code to do with password generation,
   401 auth triggers/invalid password rate limit detection etc
 * Test updates
 * Remove obsolete locale keys
2021-08-27 15:52:29 +10:00
Micah Lee
c6451e097c
Remove endpoint altogether because it's not needed 2021-08-20 11:59:26 -07:00
Twann
aa89c2192f
Fix issue #1365 2021-08-19 16:15:53 +02:00
whew
a132cd28f5
fix another typo... 2021-05-31 12:28:57 +00:00
whew
3f4f5e22ec
fix typo 2021-05-31 12:23:32 +00:00
whew
eeacd8c507
Merge branch 'develop' into add_security_headers 2021-05-31 12:13:58 +00:00