Commit Graph

124 Commits (b7c8304cfd954846852f47430ecf03f39ce85099)

Author SHA1 Message Date
Rigel Kent 5e755fff9d add Content Security Policy (#1252)
* add Content Security Policy

* remove reflect-metadata on production builds to get rid of unsafe-eval

* fix baseCSP usage

* add SRI to CSP

* add blob: to media-src

* remove SRI

* CSP set to reportOnly

* adding data: to connect-src CSP

* remove block-all-mixed-content

* add report-uri support
2018-12-13 09:49:45 +01:00
Chocobozzz 2feebf3e6a
Add sitemap 2018-12-05 17:44:34 +01:00
Chocobozzz 0b2f03d371
Speedup peertube startup 2018-11-19 15:21:09 +01:00
Chocobozzz df66d81583
Add compatibility with other Linked Signature algorithms 2018-11-14 16:32:27 +01:00
Rigel Kent b83b8dd5ae add cli option to run without client 2018-11-14 15:59:56 +01:00
Chocobozzz e5565833f6
Improve redundancy: add 'min_lifetime' configuration 2018-09-24 13:38:39 +02:00
Chocobozzz c48e82b5e0 Basic video redundancy implementation 2018-09-13 14:05:49 +02:00
Rigel Kent 6328da8c01
make HSTS opt-in and leave it to the reverse-proxy 2018-09-09 22:10:38 +02:00
Chocobozzz 328e607d32
Add sql trace in error log on sequelize error 2018-08-31 11:43:46 +02:00
Rigel Kent aad0ec24e8 advertising PeerTube's rather simple DNT policy 2018-08-08 09:22:15 +02:00
Chocobozzz ed31c05985 Add ability to list video imports 2018-08-06 11:19:16 +02:00
Chocobozzz ce32426be9 Auto update youtube-dl 2018-08-06 11:19:16 +02:00
Chocobozzz 14f2b3ad11
Graceful job queue shutdown 2018-07-30 18:49:54 +02:00
Chocobozzz 3ac046e2a4
Fix peertube on chrome 2018-07-26 16:46:36 +02:00
Chocobozzz 57c36b277e Begin advanced search 2018-07-24 14:04:05 +02:00
Chocobozzz 57bf30a984
Fix CSP 2018-07-17 18:44:47 +02:00
Rigel Kent aa1c3d929f
(quickfix) loosening CSP 2018-07-17 16:36:07 +02:00
Chocobozzz 62945f067b
Add cors for static paths too 2018-07-17 15:04:54 +02:00
Rigel Kent 4bdd9473fd adding CSP, no-referrer policies and allow dns prefetching 2018-07-17 12:03:31 +02:00
Rigel Kent d00e2393d4 selective route permission to use embeds with x-frame-deny 2018-07-17 12:03:31 +02:00
Chocobozzz f4001cf408
Handle .srt subtitles 2018-07-16 14:31:40 +02:00
Chocobozzz 40e87e9ecc Implement captions/subtitles 2018-07-16 11:50:08 +02:00
Chocobozzz 3ff5a19b4c
Do not enable cors twice on /api in test mode 2018-06-29 09:48:19 +02:00
William Lahti 12daa83784 move CORS allowance to the REST API router 2018-06-29 09:46:44 +02:00
William Lahti b229e38d50 fix lint error on travis [let it be known, I disagree with this rule] 2018-06-29 09:46:44 +02:00
William Lahti 1fd2d96ff8 open CORS to allow in-browser apps to communicate w/ PeerTube instances 2018-06-29 09:46:44 +02:00
Chocobozzz 8afc19a612
Add ability to choose the language 2018-06-28 15:53:12 +02:00
Chocobozzz 9b67da3d9b
Add tracker rate limiter 2018-06-26 16:53:43 +02:00
Chocobozzz 23687332e6
Improve update host script and add warning if AP urls are invalid 2018-06-21 18:36:08 +02:00
Chocobozzz 2baea0c77c
Add ability for uploaders to schedule video update 2018-06-14 18:06:56 +02:00
Chocobozzz 989e526abf
Prepare i18n files 2018-06-05 08:43:01 +02:00
Chocobozzz 74af5a8361
Client E2E tests first step 2018-05-17 10:55:50 +02:00
Chocobozzz f55e5a7bf8
Process broadcast requests in parallel 2018-04-18 16:04:49 +02:00
Pierre-Alain TORET cff8b272b1 Support hostname binding in config
* Add basic support for hostname binding

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Make production example a bit more secure

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Make example config files compatible with hostname binding modification

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Fix typo

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Bind on 127.0.0.1 by default

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>

* Update Docker configuration with hostname binding

Signed-off-by: Pierre-Alain TORET <pierre-alain.toret@protonmail.com>
2018-04-17 11:14:32 +02:00
Rigel Kent 244e76a552
feature: initial syndication feeds support
Provides rss 2.0, atom 1.0 and json 1.0 feeds for videos (instance and account-wide) on listings and video-watch views.

* still lacks redis caching
* still lacks lastBuildDate support
* still lacks channel-wide support
* still lacks semantic annotation (for licenses, NSFW warnings, etc.)
* still lacks love ( ˘ ³˘)

* RSS: has MRSS support for torrent lists!
* RSS: includes the first torrent in an enclosure
* JSON: lists all torrents in the 'attachments' object
* ATOM: lacking torrent listing support

Advances #23
Partial implementation for the accountId generation in the client, which will need a hotfix to add a way to get the proper account id.
2018-04-17 01:09:06 +02:00
Chocobozzz 3d3441d6c7
Don't start application until all components were initialized 2018-04-04 11:04:14 +02:00
Chocobozzz 490b595a01
Prevent brute force login attack 2018-03-29 11:03:30 +02:00
Chocobozzz d5b7d9110d
Fix error logging 2018-03-26 16:04:14 +02:00
Chocobozzz bf9ae5ce57
Fix log in with special password character (+) 2018-03-26 11:49:44 +02:00
Chocobozzz e3a682a877
Handle thumbnail update 2018-02-14 16:03:09 +01:00
Chocobozzz ac81d1a06d
Add ability to set video thumbnail/preview 2018-02-14 16:03:09 +01:00
Chocobozzz 1e9d7b60cd
Fix crash with websocket tracker 2018-02-09 13:15:40 +01:00
Chocobozzz bc4c766aca
Handle error on websocket error 2018-02-09 10:34:11 +01:00
Chocobozzz ecb4e35f4e
Add ability to reset our password 2018-01-30 13:27:07 +01:00
Chocobozzz 94a5ff8a4a
Move job queue to redis
We'll use it as cache in the future.

/!\ You'll loose your old jobs (pending jobs too) so upgrade only when
you don't have pending job anymore.
2018-01-25 18:41:17 +01:00
Chocobozzz 23e27dd535
Add ability to configure log level 2018-01-19 13:58:13 +01:00
Chocobozzz 60650c77c8
Add scores to follows and remove bad ones 2018-01-11 09:35:50 +01:00
Chocobozzz 6b467fd54e
Fix tls and account bug 2018-01-05 14:15:32 +01:00
Chocobozzz e8e122002d
Automatically resize avatars 2018-01-03 11:36:03 +01:00
Chocobozzz 01de67b9a4
Add avatar max size limit 2018-01-03 11:10:40 +01:00
Chocobozzz 4635f59d7c
Add video comment components 2017-12-27 16:11:53 +01:00
Chocobozzz 50d6de9c28
Begin moving video channel to actor 2017-12-19 10:53:16 +01:00
Chocobozzz 91fea9fc48
Add migration 2017-12-13 17:46:23 +01:00
Chocobozzz 3fd3ab2d34
Move models to typescript-sequelize 2017-12-13 16:50:33 +01:00
Chocobozzz 4f49137101
Fix req accepts 2017-11-30 13:37:11 +01:00
Chocobozzz 98ec8b8e73
Fix lint 2017-11-30 13:16:23 +01:00
Chocobozzz 86d13ec2aa
Users list only available when use is authenticated
And has a special right
2017-11-29 13:18:05 +01:00
Chocobozzz 165cdc75bf
Fix well known and json parser with mastodon 2017-11-29 11:34:44 +01:00
Chocobozzz afffe98839
Speed up activity pub http requests 2017-11-27 19:40:52 +01:00
Chocobozzz 350e31d6b6
Follow works 2017-11-27 19:40:51 +01:00
Chocobozzz 571389d43b
Make it compile at least 2017-11-27 19:40:51 +01:00
Chocobozzz a96aed1518
Add ability to download a video from direct link or torrent file 2017-10-19 14:58:28 +02:00
Chocobozzz d8755eed1e
Add oembed endpoint 2017-10-16 10:07:26 +02:00
Chocobozzz b60e5f38da Upgrade express validator to v4 2017-09-15 12:17:08 +02:00
Chocobozzz 3482688cce Fix config checker 2017-08-26 09:17:20 +02:00
Chocobozzz 556ddc3192 Upgrade common server dependencies 2017-08-25 18:36:49 +02:00
Chocobozzz 93e1258c7c Move video file metadata in their own table
Will be used for user video quotas and multiple video resolutions
2017-08-25 11:36:23 +02:00
Chocobozzz 407c4473ad Fix upgrade script \n 2017-07-23 09:43:44 +02:00
Chocobozzz f981dae861 Add previews cache system between pods 2017-07-12 11:56:02 +02:00
Chocobozzz 6fcd19ba73 Move to promises
Closes https://github.com/Chocobozzz/PeerTube/issues/74
2017-07-05 14:14:16 +02:00
Chocobozzz 1840c2f7c9 Update webpack stack 2017-06-11 15:19:43 +02:00
Chocobozzz 4d4e5cd4dc require -> import 2017-06-05 21:53:49 +02:00
Chocobozzz e02643f32e Type models 2017-05-25 17:32:16 +02:00
Chocobozzz 65fcc3119c First typescript iteration 2017-05-20 09:57:40 +02:00