Commit Graph

85 Commits (7ed2c1a46fd11caca16d5aec80d9f90d7a2d3429)

Author SHA1 Message Date
Yohan Boniface c342726ad4 Allow to control RATES_LIMIT from configuration (#1787)
* Allow to control RATES_LIMIT from configuration

* @Chocobozzz review (squash me)
2019-04-26 13:48:55 +02:00
Chocobozzz cda03765fe
Add ability to delete old remote views 2019-04-12 08:31:06 +02:00
Chocobozzz 8f0bc73d7d
Add ability to limit videos history size 2019-04-11 15:38:53 +02:00
Chocobozzz 31b6ddf866
Add ability to disable tracker 2019-04-10 09:23:18 +02:00
Chocobozzz 14893eb71c
Add ability to manually approves instance followers in REST API 2019-04-08 15:18:04 +02:00
Chocobozzz 5b9c965d5a
Add ability to forbid followers 2019-04-08 14:06:23 +02:00
Josh Morel 7ccddd7b52 add quarantine videos feature (#1637)
* add quarantine videos feature

* increase Notification settings test timeout

to 20000ms. was completing 7000 locally but timing out
after 10000 on travis

* fix quarantine video test issues

-propagate misspelling
-remove skip from server/tests/client.ts

* WIP use blacklist for moderator video approval

instead of video.quarantine boolean

* finish auto-blacklist feature
2019-04-02 11:26:47 +02:00
Chocobozzz 0b16f5f220 Add videos playlist exist tests 2019-03-18 11:17:59 +01:00
Chocobozzz 539d3f4faa
BREAKING: update CSP configuration
Disable it by default and add ability to specify a custom report uri
2019-02-21 16:28:53 +01:00
Chocobozzz f8802489bb
Add isNSFW instance configuration key 2019-02-20 15:36:43 +01:00
Chocobozzz 7f8f8bdb4a
HLS is only supported by ffmpeg 4
Because of c8f625f529
2019-02-12 11:14:36 +01:00
Chocobozzz 9b712a2017
Add ffmpeg version in config for hls transcoding 2019-02-11 11:46:08 +01:00
Chocobozzz 0920929696 Add hls support on server 2019-02-11 09:13:02 +01:00
Chocobozzz a4101923e6
Implement contact form on server side 2019-01-10 11:32:37 +01:00
Rigel Kent 5e755fff9d add Content Security Policy (#1252)
* add Content Security Policy

* remove reflect-metadata on production builds to get rid of unsafe-eval

* fix baseCSP usage

* add SRI to CSP

* add blob: to media-src

* remove SRI

* CSP set to reportOnly

* adding data: to connect-src CSP

* remove block-all-mixed-content

* add report-uri support
2018-12-13 09:49:45 +01:00
Chocobozzz 14e2014acc Support additional video extensions 2018-12-11 15:11:09 +01:00
Chocobozzz 6040f87d14
Add tmp and redundancy directories 2018-12-04 16:04:15 +01:00
Chocobozzz 8d4273463f
Check follow constraints when getting a video 2018-11-16 15:49:16 +01:00
Chocobozzz e5565833f6
Improve redundancy: add 'min_lifetime' configuration 2018-09-24 13:38:39 +02:00
Chocobozzz f9f899b9f8
Add redundancy check interval in config 2018-09-19 16:21:30 +02:00
Chocobozzz d9bdd007d7
Put config redundancy strategies in "strategies" subkey 2018-09-19 16:12:07 +02:00
Rigel Kent df182b373f
normalize robot.txt and specify test servers as scope of security audits 2018-09-18 11:18:51 +02:00
Chocobozzz 3f6b6a565d
Add recently added redundancy strategy 2018-09-14 11:05:38 +02:00
Chocobozzz b36f41ca09
Add trending videos strategy 2018-09-14 09:57:21 +02:00
Chocobozzz c48e82b5e0 Basic video redundancy implementation 2018-09-13 14:05:49 +02:00
Rigel Kent 1f4f151019
add vulnerability disclosure policy 2018-09-06 14:25:27 +02:00
Austin Heap 5447516b9a draft "security.txt" spec integration (#1020) 2018-09-06 14:23:46 +02:00
Chocobozzz 9a629c6efb
Trending by interval 2018-08-31 17:22:01 +02:00
Josh Morel d9eaee3939 add user account email verificiation (#977)
* add user account email verificiation

includes server and client code to:

* enable verificationRequired via custom config
* send verification email with registration
* ask for verification email
* verify via email
* prevent login if not verified and required
* conditional client links to ask for new verification email

* allow login for verified=null

these are users created when verification not required
should still be able to login when verification is enabled

* refactor email verifcation pr

* change naming from verified to emailVerified
* change naming from askVerifyEmail to askSendVerifyEmail
* undo unrelated automatic prettier formatting on api/config
* use redirectService for home
* remove redundant success notification on email verified

* revert test.yaml smpt host
2018-08-31 09:18:19 +02:00
Felix Ableitner bee0abffff Implement daily upload limit (#956)
* Implement daily upload limit (ref #652)

* remove duplicate code

* review fixes

* fix tests?

* whitespace fixes, finish leftover todo

* fix tests

* added some new tests

* use different config value for tests

* remove todo
2018-08-28 09:01:35 +02:00
Chocobozzz f37dc0dd14 Add ability to search video channels 2018-08-27 09:41:54 +02:00
Chocobozzz 1297eb5db6 Add refresh video on search 2018-08-27 09:41:54 +02:00
Chocobozzz a84b8fa5cf Add import.video.torrent configuration 2018-08-08 09:30:31 +02:00
Chocobozzz 5d08a6a74e Add import http enabled configuration 2018-08-06 11:19:16 +02:00
Rigel Kent 1c3386e87f adding ORM pool configuration 2018-07-31 15:38:08 +02:00
Chocobozzz f842e810b4
Update default config cache 2018-07-25 15:11:06 +02:00
Chocobozzz 40e87e9ecc Implement captions/subtitles 2018-07-16 11:50:08 +02:00
Rigel Kent 19f7b248d8 adding redis unix connection 2018-07-14 15:00:56 +02:00
Chocobozzz 09f35e2a6f
Add warning regarding transcoding 2018-06-07 16:44:22 +02:00
Chocobozzz 351d5225d6
Improve Twitter config help 2018-05-31 11:04:34 +02:00
Chocobozzz 6401417d6c
Add help in conf file regarding SMTP 2018-05-29 10:28:08 +02:00
Rigel Kent ff2c1fe813 feature: IP filtering on signup page
disable registration form on IP not in range
checking the CIDR list before filtering with it
placing the cidr filters as an attribute object in the config
2018-05-22 19:44:34 +02:00
Chocobozzz 78881bc4fa
Allow crawling by default 2018-05-22 11:02:10 +02:00
Rigel Kent 30c82f0d2e feature: db selection in redis
resolves #579
2018-05-21 17:49:56 +02:00
Rigel Kent ac235c37e2 robots.txt config and route 2018-05-16 10:50:55 +02:00
Chocobozzz 8be1afa12b
Add ability to embed a video in Twitter
The instance should be whitelisted first
2018-05-11 08:48:20 +02:00
Chocobozzz 0883b3245b
Add ability to choose what policy we have for NSFW videos
There is a global instance setting and a per user setting
2018-04-19 11:01:34 +02:00
Pierre-Alain TORET cff8b272b1 Support hostname binding in config
* Add basic support for hostname binding

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Make production example a bit more secure

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Make example config files compatible with hostname binding modification

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Fix typo

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Bind on 127.0.0.1 by default

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Update Docker configuration with hostname binding

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>
2018-04-17 11:14:32 +02:00
luz.paz f209b32afa Misc. typos
Found via `codespell -q 3`
2018-03-30 18:51:57 +02:00
Chocobozzz 490b595a01
Prevent brute force login attack 2018-03-29 11:03:30 +02:00