Backup_Repos/filestash
1
0
Fork 0
mirror of https://github.com/mickael-kerjean/filestash synced 2025-12-10 10:23:40 +01:00
Code Issues Projects Releases Wiki Activity
964 commits 4 branches 6 tags 132 MiB
Commit graph

476 commits

Author SHA1 Message Date
Mickael Kerjean
c7e40e42db feature (429): rate limit authentication endpoints 2022-09-04 22:26:03 +10:00
Mickael Kerjean
952f45097e feature (rest): setup for rest api 2022-09-04 18:39:34 +10:00
Mickael Kerjean
dd6f0ca407 feature (cancellation): logic to cancel request in client and server 2022-09-02 17:26:32 +10:00
Mickael Kerjean
0bfab6eff2 feature (report): activity report plugin 2022-09-02 00:58:43 +10:00
Mickael Kerjean
bb9fb89d44 fix (concurrency): prevent concurrent map writes 
when booting up, we have a lot of Set in the Config alongside a lot of
Get, Let's block all the concurrent Set
 2022-09-01 23:28:29 +10:00
Mickael Kerjean
231e5ba18d feature (auditing): pluggable auditing in admin console 2022-09-01 07:37:59 +10:00
Mickael Kerjean
75696a8088 fix (plg_backend_tmp): incorrect permission when creating folder 2022-08-31 00:40:23 +10:00
Mickael Kerjean
a82177e719 maintain (ctx): pass app context as pointer 2022-08-30 17:27:23 +10:00
Mickael Kerjean
b62a9dd423 fix (os): wrapper for file related operation via the os package 2022-08-30 01:46:06 +10:00
Mickael Kerjean
8bbd4a2f57 fix (symlink): evaluate symlinks before opening file 2022-08-29 20:10:14 +10:00
Mickael Kerjean
28c2e5070d fix (#500): ldap issue as reported in #500 2022-08-28 23:41:20 +10:00
Mickael Kerjean
bb91f589e1 fix (open): handle non existing local file 2022-08-28 22:18:38 +10:00
Mickael Kerjean
4f0741111b feature (auth): add machine_id in template binding 2022-08-28 22:04:50 +10:00
Mickael Kerjean
812446ac23 fix (symlink): wrap os.OpenFile to prevent symlinks expansion 
os.Open and os.OpenFile make it possible to open a wide range of
files as seen in https://cs.opensource.google/go/go/+/refs/tags/go1.19:src/os/types.go;l=35

We only want to handle regular files and folders, no socket, device,
symlink, ....
 2022-08-28 21:43:43 +10:00
Mickael Kerjean
633f17a63b feature (plg_authenticate_passthrough): populate session data 2022-08-26 21:03:26 +10:00
Mickael Kerjean
4f4fcfc16e fix (ftp): prevent connection close when uploading / downloading 2022-08-26 15:53:49 +10:00
Mickael Kerjean
f7484b7aab fix (plg_backend_tmp): sanity check for user input 2022-08-23 18:07:44 +10:00
Mickael Kerjean
8f7ac67db7 fix (plg_backend_tmp): prevent local filesystem access 2022-08-23 17:33:52 +10:00
Mickael Kerjean
fea8c024c9 feature (middleware): add environment variable in template bind 
This enable binding environment variable for things like hostname that
would look like '{{ .ENV_NAME }}.example.com'
 2022-08-19 23:10:06 +10:00
Mickael Kerjean
77767af252 maintain (plg_backend_nop): additional debug log 2022-08-19 12:13:52 +10:00
Mickael Kerjean
ee6256e075 fix (plg_plugin_webdav): IIS compat 2022-08-09 19:08:14 +10:00
Mickael Kerjean
a75a33d49b fix (share): access shared link multiple times issue 
When trying to access a shared link protected with a password many
times over, user would see an ErrNotValid (case 2 from ShareVerifyProof in
ctrl/share.go). With this commit, we are making sure the proof cookie
doesn't grow more when trying to access the same link over and over again
 2022-07-20 00:25:39 +10:00
Mickael Kerjean
1d47e557fc debug (log): expose additional info on debug more 2022-07-19 22:56:27 +10:00
Mickael Kerjean
9f7550938b fix (iframe): proof cookie should be iframe friendly 
before this commit, we couldn't embed a shared link protected by a
password as it would show the following error: "Unauthorized Shared
space".
 2022-07-16 18:59:53 +10:00
Mickael Kerjean
9a1de6253c feature (logging): additional logging info in debug mode 2022-07-14 13:27:21 +10:00
Mickael Kerjean
b2690e906b feature (plg_backend_ftp): alternative ftp backend 2022-06-12 02:25:31 +10:00
Mickael Kerjean
d265d5b5e0 fix (panic): concurrent read issue 2022-05-19 00:45:56 +10:00
Mickael Kerjean
77b64fcfcc improve (ldap): trim prefix for ldap backend connection 2022-05-19 00:42:06 +10:00
Mickael Kerjean
f72b630e50 fix (csp): csp policy on cat 
The issue this is fixing is for the plg_opener_htmlframe which does
open html documents as an iframe. Without this, we couldn't load any
js at all which was causing issue to render things like markdown via
external libs and such
 2022-05-13 08:43:47 +10:00
Mickael Kerjean
2e10feff4f feature (manifest): generate application manifest server side 
the app manifest used to be statically generated meaning it would show
Filestash whenever user tries to install as an app. Now admin can
change that to show something else
 2022-05-11 22:23:02 +10:00
Mickael Kerjean
4ec94902b5 fix (healthz): pass when using either http / https 2022-05-11 00:46:05 +10:00
Mickael Kerjean
bf72ee1bd2 feature (plugin): css plugin enhancement 2022-05-11 00:45:41 +10:00
Mickael Kerjean
0988f7ccb0 fix (onlyoffice): issue with http/https starter 2022-05-10 20:51:19 +10:00
Mickael Kerjean
f71e07a53a fix (plg_starter_https): unused deps 2022-05-09 00:59:28 +10:00
Mickael Kerjean
19df27edda cleanup (plg_starter_https): remove dead code 2022-05-06 01:05:25 +10:00
Mickael Kerjean
cc65e1d6dd fix (sftp): disable insecure access on sftp 
for those use case where we want to force the client to send the
fingerprint of the public key
 2022-04-30 13:35:21 +10:00
Mickael Kerjean
a0d434cd96 fix (sftp): easier format for host key verification 2022-04-30 13:15:54 +10:00
Mickael Kerjean
054c92c71f fix (plg_starter_https): broken https plugin 
the https plugin was broken. Instead of trying to do everything, we've
refactor the plugin to only do self signed certificate.

let's encrypt is causing a lot of weird issues as it won't work in a range of vps
provider so we considered it out of scope for this plugin. If we're to
integrate with lets encrypt in the future, this should be done as
another starter plugin
 2022-04-30 12:35:04 +10:00
Mickael Kerjean
d94c0fef1a fix (log): log to file when using Log.Stdout 2022-04-27 00:37:39 +10:00
Mickael Kerjean
e2b1b4f477 fix (constant): license info as code 2022-04-25 20:03:13 +10:00
Mickael Kerjean
f9e51482d5 feature (css): inject css as a plugin 2022-04-25 00:34:44 +10:00
Mickael Kerjean
b9279fa77f improve (iframe): warning with unsupported use case 2022-04-21 01:28:58 +10:00
Mickael Kerjean
b3762eff6a fix (regression): regression caught by e2e tests 2022-04-21 01:13:15 +10:00
Mickael Kerjean
629a80c836 fix (#469): allow cross domain iframe 2022-04-20 08:04:09 +10:00
Mickael Kerjean
84aaea4008 fix (console): provide a fix for #461 and #463 2022-04-07 08:52:07 +10:00
Mickael Kerjean
9b60ac6301 feature (log): enable more log types 2022-04-07 08:02:24 +10:00
Mickael Kerjean
d1890ecb33 cleanup (config): remove dead code 2022-04-07 07:35:26 +10:00
Mickael Kerjean
3d0fc67b50 cleanup (main): cleanup server main func 2022-04-05 08:05:56 +10:00
Mickael Kerjean
614ec4ff6a Merge branch 'master' of ssh://github.com/mickael-kerjean/filestash 2022-04-02 20:09:06 +11:00
Mickael Kerjean
0e4fc75b35 cleanup (plugin): list of prebuild plugin 2022-04-02 20:07:05 +11:00