Commit Graph

313 Commits

Author SHA1 Message Date
Nick Sweeting 4a6a3dfc36
coerce DOWNLOAD_COUNTS and EXPIRE_TIMES_SECONDS into positive integer arrays 2021-05-19 01:39:14 -04:00
timvisee 512c9803bd
Enable base URL detection by default with npm start, remove FXA_CLIENT_ID 2021-05-07 13:07:26 +02:00
timvisee 4c45d6217d
Properly derive base URL as configured in file upload logic
Fixes https://github.com/timvisee/send/issues/29
2021-05-07 13:07:17 +02:00
Cullen Walsh 02e8cb264f Add detect_base_url config
This diff adds the detect_base_url config, controlled by the
DETECT_BASE_URL env variable. When set to true, the BASE_URL setting is
ignored, and the base_url is derived from the request protocol and host
header.

Test Plan: Started up a local instance in my homelab, running docker
node:15 image with a nginx reverse proxy. Configured nginx to use the
same backend with multiple hostnames on https. Opened in browser and
confirmed og:url meta tag uses correct url.
2021-05-05 22:19:11 -07:00
Aaron f5bb74e921
index.js: Add "data:" as an allowed image source in CSP
Signed-off-by: Aaron <admin@datahoarder.dev>
2021-04-21 21:40:15 +02:00
timvisee 1b6c5b8f97
Only set Redis client password if password is specified
This attempts to fix a Redis connection issue when the Redis password
is an empty string.

See https://github.com/timvisee/send-docker-compose/issues/3#issuecomment-822885578
2021-04-20 18:37:19 +02:00
piaoger gong e2dde364eb add env for redis pwd and port 2021-04-18 11:08:35 +08:00
timvisee 15d37da667
Remove obsolete anonymous limits
Related to https://gitlab.com/timvisee/send/-/issues/3
2021-04-12 15:19:02 +02:00
Romain Hv a0bc20aeb6 Remove metrics #4 2021-03-15 19:56:51 +01:00
timvisee 5b9c8301c7
Fix incorrect environment variable for config property 2021-02-05 02:24:48 +01:00
timvisee 6960cc75fa
Add configurable donate, CLI and DMCA and source links in footer 2021-01-27 00:21:03 +01:00
timvisee 3165086869
Remove legal page, add no affiliation text in footer 2021-01-09 19:14:42 +01:00
io mintz 44c03e355f CSP: remove a bunch of unused mozilla-only domains and FXA domains 2020-11-13 22:24:38 +00:00
Danny Coates 28c48f51d1
set downloadMetadata.status to 404 on unfound downloads. fixes #1501
Co-authored-by: timvisee <tim@visee.me>
2020-10-16 15:52:28 +02:00
Danny Coates b5ef1785ab
replaced fxa-geodb with load balancer header
Co-authored-by: timvisee <tim@visee.me>
2020-10-16 15:51:28 +02:00
Danny Coates e909a3bae8
refactored storage, style tweaks
Co-authored-by: timvisee <tim@visee.me>
2020-10-16 15:47:56 +02:00
Danny Coates 4f273eca03
added oauth refresh token support
Co-authored-by: timvisee <tim@visee.me>
2020-10-16 15:46:24 +02:00
timvisee 45d5f41731
Remove Firefox branding from app name in front-end 2020-10-15 18:48:54 +02:00
Danny Coates ccbcb69666
Merge pull request #1434 from MichaelPeter-Shockoe/master
modify connect-src of Content Security Policy to include dynamic wss URL based on configured base URL
2020-07-09 19:37:02 -07:00
Danny Coates e6ff9e486b
Merge pull request #1063 from hbakhtiyor/patch-1
Convert ContentLength of storage to number
2020-07-09 19:34:33 -07:00
Danny Coates 17afd6ad58
Merge pull request #1416 from factorysh/s3_endpoint
Choose your endpoint.
2020-07-09 19:33:21 -07:00
Danny Coates 7dd1fcca9b
Merge pull request #1480 from jackyzy823/fxa-csp
Handle Content-Security-Policy for self hosting FxA
2020-07-09 19:31:06 -07:00
Danny Coates 3195ee7d16
Merge pull request #1465 from minvs1/redis-retry-configs
Allow to set custom retry parameters
2020-07-09 19:17:28 -07:00
jackyzy823 e2876b119d add configs to handle content-security-policy correctly for custom fxa urls 2020-06-11 21:57:48 +08:00
Danny Coates 89469e3c9c
updated node to 12 2020-04-29 17:38:55 -07:00
minvs1 7aead375d8 Allow to set custom retry parameters 2020-04-21 23:30:39 +03:00
Mathieu Lecarme 97deb78de6 Use the config object. 2020-03-23 15:48:07 +01:00
Mathieu Lecarme 2d22573588 Choose your endpoint.
See https://github.com/mozilla/send/issues/1239
2020-03-23 15:48:07 +01:00
Michael Peter 5ff6266a5e modify connect-src of Content Security Policy to include dynamic wss URL based on configured base URL 2020-01-17 17:47:09 -05:00
Danny Coates 097d3c8377
make geoip lookup optional 2020-01-11 14:06:17 -08:00
Danny Coates d5c488196d
no-cache harder 2019-09-05 13:33:12 -07:00
Danny Coates 807ecff471
updated sentry libs from raven to @sentry 2019-08-09 11:06:21 -07:00
Danny Coates 6378676c2d
use resumable uploads to GCS 2019-08-07 10:10:42 -07:00
Danny Coates 527040afef
updated ws dependency and slightly improved client side error handling, hung uploads will error instead of hang forever 2019-08-06 14:47:21 -07:00
Danny Coates c80f9ada65
updated deps 2019-07-29 15:26:11 -07:00
Danny Coates 58191975b9
stubbed /login page for redirect base login flow 2019-07-23 09:27:34 -07:00
Danny Coates b9c87fd779
updated tailwindcss to 1.0 2019-06-14 11:37:30 -07:00
Danny Coates 23ecb632eb added signin button color experiment. closes #1306 (#1320) 2019-05-03 13:10:56 -04:00
Danny Coates f603f40f43 added agent to server metrics (#1321) 2019-05-03 12:25:12 -04:00
Hugo Abreu f517c514d8 Defined retry_strategy for redis. Closes #1292 2019-05-02 21:56:28 +01:00
Danny Coates 20b9279eec added survey dialog. closes #1307 2019-05-01 09:47:04 -07:00
Robert f94918bebd Prevent possible download counter race condition 2019-04-19 13:10:49 +02:00
Danny Coates 7f76a279c3
fixed L10N_DEV option 2019-03-31 13:04:16 -07:00
Danny Coates efea0e5ab0
added gravatar to CSP image-src 2019-03-31 13:04:15 -07:00
Danny Coates 5d19a9d696
fixed dev android for longer file ids 2019-03-31 13:04:15 -07:00
Danny Coates 8cf3b89f91
increase file id to 8 bytes 2019-03-26 09:32:44 -07:00
Danny Coates ebbb1d05d2
use crypto.timingSafeEqual in hmac and ownerToken authentication 2019-03-14 22:09:34 -07:00
Danny Coates 3e14d3049d
only index / route 2019-03-14 13:17:47 -07:00
Danny Coates c4891c3866
fixed req.route bug when no routes match 2019-03-14 12:02:36 -07:00
Danny Coates 4e26c6ab75
added robots meta tag 2019-03-14 11:40:01 -07:00