Commit Graph

310 Commits

Author SHA1 Message Date
Cullen Walsh 02e8cb264f Add detect_base_url config
This diff adds the detect_base_url config, controlled by the
DETECT_BASE_URL env variable. When set to true, the BASE_URL setting is
ignored, and the base_url is derived from the request protocol and host
header.

Test Plan: Started up a local instance in my homelab, running docker
node:15 image with a nginx reverse proxy. Configured nginx to use the
same backend with multiple hostnames on https. Opened in browser and
confirmed og:url meta tag uses correct url.
2021-05-05 22:19:11 -07:00
Aaron f5bb74e921
index.js: Add "data:" as an allowed image source in CSP
Signed-off-by: Aaron <admin@datahoarder.dev>
2021-04-21 21:40:15 +02:00
timvisee 1b6c5b8f97
Only set Redis client password if password is specified
This attempts to fix a Redis connection issue when the Redis password
is an empty string.

See https://github.com/timvisee/send-docker-compose/issues/3#issuecomment-822885578
2021-04-20 18:37:19 +02:00
piaoger gong e2dde364eb add env for redis pwd and port 2021-04-18 11:08:35 +08:00
timvisee 15d37da667
Remove obsolete anonymous limits
Related to https://gitlab.com/timvisee/send/-/issues/3
2021-04-12 15:19:02 +02:00
Romain Hv a0bc20aeb6 Remove metrics #4 2021-03-15 19:56:51 +01:00
timvisee 5b9c8301c7
Fix incorrect environment variable for config property 2021-02-05 02:24:48 +01:00
timvisee 6960cc75fa
Add configurable donate, CLI and DMCA and source links in footer 2021-01-27 00:21:03 +01:00
timvisee 3165086869
Remove legal page, add no affiliation text in footer 2021-01-09 19:14:42 +01:00
io mintz 44c03e355f CSP: remove a bunch of unused mozilla-only domains and FXA domains 2020-11-13 22:24:38 +00:00
Danny Coates 28c48f51d1
set downloadMetadata.status to 404 on unfound downloads. fixes #1501
Co-authored-by: timvisee <tim@visee.me>
2020-10-16 15:52:28 +02:00
Danny Coates b5ef1785ab
replaced fxa-geodb with load balancer header
Co-authored-by: timvisee <tim@visee.me>
2020-10-16 15:51:28 +02:00
Danny Coates e909a3bae8
refactored storage, style tweaks
Co-authored-by: timvisee <tim@visee.me>
2020-10-16 15:47:56 +02:00
Danny Coates 4f273eca03
added oauth refresh token support
Co-authored-by: timvisee <tim@visee.me>
2020-10-16 15:46:24 +02:00
timvisee 45d5f41731
Remove Firefox branding from app name in front-end 2020-10-15 18:48:54 +02:00
Danny Coates ccbcb69666
Merge pull request #1434 from MichaelPeter-Shockoe/master
modify connect-src of Content Security Policy to include dynamic wss URL based on configured base URL
2020-07-09 19:37:02 -07:00
Danny Coates e6ff9e486b
Merge pull request #1063 from hbakhtiyor/patch-1
Convert ContentLength of storage to number
2020-07-09 19:34:33 -07:00
Danny Coates 17afd6ad58
Merge pull request #1416 from factorysh/s3_endpoint
Choose your endpoint.
2020-07-09 19:33:21 -07:00
Danny Coates 7dd1fcca9b
Merge pull request #1480 from jackyzy823/fxa-csp
Handle Content-Security-Policy for self hosting FxA
2020-07-09 19:31:06 -07:00
Danny Coates 3195ee7d16
Merge pull request #1465 from minvs1/redis-retry-configs
Allow to set custom retry parameters
2020-07-09 19:17:28 -07:00
jackyzy823 e2876b119d add configs to handle content-security-policy correctly for custom fxa urls 2020-06-11 21:57:48 +08:00
Danny Coates 89469e3c9c
updated node to 12 2020-04-29 17:38:55 -07:00
minvs1 7aead375d8 Allow to set custom retry parameters 2020-04-21 23:30:39 +03:00
Mathieu Lecarme 97deb78de6 Use the config object. 2020-03-23 15:48:07 +01:00
Mathieu Lecarme 2d22573588 Choose your endpoint.
See https://github.com/mozilla/send/issues/1239
2020-03-23 15:48:07 +01:00
Michael Peter 5ff6266a5e modify connect-src of Content Security Policy to include dynamic wss URL based on configured base URL 2020-01-17 17:47:09 -05:00
Danny Coates 097d3c8377
make geoip lookup optional 2020-01-11 14:06:17 -08:00
Danny Coates d5c488196d
no-cache harder 2019-09-05 13:33:12 -07:00
Danny Coates 807ecff471
updated sentry libs from raven to @sentry 2019-08-09 11:06:21 -07:00
Danny Coates 6378676c2d
use resumable uploads to GCS 2019-08-07 10:10:42 -07:00
Danny Coates 527040afef
updated ws dependency and slightly improved client side error handling, hung uploads will error instead of hang forever 2019-08-06 14:47:21 -07:00
Danny Coates c80f9ada65
updated deps 2019-07-29 15:26:11 -07:00
Danny Coates 58191975b9
stubbed /login page for redirect base login flow 2019-07-23 09:27:34 -07:00
Danny Coates b9c87fd779
updated tailwindcss to 1.0 2019-06-14 11:37:30 -07:00
Danny Coates 23ecb632eb added signin button color experiment. closes #1306 (#1320) 2019-05-03 13:10:56 -04:00
Danny Coates f603f40f43 added agent to server metrics (#1321) 2019-05-03 12:25:12 -04:00
Hugo Abreu f517c514d8 Defined retry_strategy for redis. Closes #1292 2019-05-02 21:56:28 +01:00
Danny Coates 20b9279eec added survey dialog. closes #1307 2019-05-01 09:47:04 -07:00
Robert f94918bebd Prevent possible download counter race condition 2019-04-19 13:10:49 +02:00
Danny Coates 7f76a279c3
fixed L10N_DEV option 2019-03-31 13:04:16 -07:00
Danny Coates efea0e5ab0
added gravatar to CSP image-src 2019-03-31 13:04:15 -07:00
Danny Coates 5d19a9d696
fixed dev android for longer file ids 2019-03-31 13:04:15 -07:00
Danny Coates 8cf3b89f91
increase file id to 8 bytes 2019-03-26 09:32:44 -07:00
Danny Coates ebbb1d05d2
use crypto.timingSafeEqual in hmac and ownerToken authentication 2019-03-14 22:09:34 -07:00
Danny Coates 3e14d3049d
only index / route 2019-03-14 13:17:47 -07:00
Danny Coates c4891c3866
fixed req.route bug when no routes match 2019-03-14 12:02:36 -07:00
Danny Coates 4e26c6ab75
added robots meta tag 2019-03-14 11:40:01 -07:00
Danny Coates 017bb0d146
wrap openid-config request in try/catch 2019-03-13 12:07:59 -07:00
Danny Coates e702022d7f
default accept-language to en-US when regexp does not match 2019-03-13 11:30:37 -07:00
Christopher Ramírez f3fb433531 Fix link to dev.js and prod.js files.
The links on readme.md were pointing to no longer existant files.
With this PR these links are updated to the new location of the
files inside the ./bin directory.
2019-03-13 07:45:55 -06:00