aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* mod_http_file_share: Indicate missing token via WWW-Authenticate headerKim Alvefur2021-01-291-0/+1
|
* mod_http_file_share: Clarify message about missing Authorization headerKim Alvefur2021-01-291-1/+1
|
* mod_http_file_share: Allow started uploads to complete after token expiredKim Alvefur2021-01-281-1/+1
| | | | | | | Otherwise uploads taking longer than 5 minutes would be rejected on completion, and that's probably annoying. Thanks jonas’
* mod_http_file_share: Serve configurable set of safe mime types inline ↵Kim Alvefur2021-01-281-1/+8
| | | | | | (thanks jonas’) Otherwise people complain about browser 'Save as' dialog.
* mod_http_file_share: Cache file metadataKim Alvefur2021-01-281-9/+38
| | | | | | | | For faster access by avoiding archive ID. No benchmarks were harmed in the making of this commit. ... no benchmarks were performed at all.
* mod_http_file_share: Extract all file properties into variables earlierKim Alvefur2021-01-281-4/+12
| | | | | A step towards adding caching, which will unpack into the same variables.
* mod_http_file_share: Fix the obligatory misplaced closing bracket (thanks ↵Kim Alvefur2021-01-271-1/+1
| | | | scansion)
* mod_http_file_share: Insert pauses to avoid blocknig for long periodsKim Alvefur2021-01-271-0/+8
| | | | Similar to the mod_mam cleanup job
* mod_http_file_share: Add support for removing old files (default 2 weeks)Kim Alvefur2021-01-271-1/+59
|
* mod_http_file_share: More security headersKim Alvefur2021-01-271-2/+4
|
* mod_http_file_share: Strip authorization type prefix a bit earlierKim Alvefur2021-01-271-2/+5
|
* mod_http_file_share: Factor out function for generating full filenameKim Alvefur2021-01-271-2/+6
|
* mod_http_file_share: Use '.bin' file extensionKim Alvefur2021-01-271-2/+3
| | | | | Distinct from '.dat' used by datamanager / internal stortage for Lua object storage so that they can't easily be loaded by accident that way.
* mod_http_file_share: Validate file size early in HTTP PUT requestKim Alvefur2021-01-271-0/+5
|
* mod_http_file_share: Move Authorization type stringKim Alvefur2021-01-271-2/+2
| | | | It belongs with the header more than the token itself
* mod_http_file_share: Add some loggingKim Alvefur2021-01-271-0/+14
|
* mod_http_file_share: Handle content-type being optionalKim Alvefur2021-01-271-2/+2
|
* mod_http_file_share: Reject invalid file sizesKim Alvefur2021-01-272-0/+17
|
* mod_http_file_share: Fix name of max-file-size tagKim Alvefur2021-01-271-1/+1
|
* mod_http_file_share: Expand registry to fix extra tagKim Alvefur2021-01-271-5/+6
| | | | | Error registry compact format doesn't support extra.tag so needs to be the more verbose format
* mod_http_file_share: Verify final file size on completion of uploadKim Alvefur2021-01-271-0/+5
|
* mod_http_file_share: Add file type filterKim Alvefur2021-01-263-0/+20
| | | | | Unlike mod_http_upload, this can't be bypassed by uploading with a different file extension.
* mod_http_file_share: Add file size limit (default 10M)Kim Alvefur2021-01-263-0/+30
|
* mod_http_file_share: Validate that filename does not contain '/'Kim Alvefur2021-01-262-0/+19
|
* mod_http_file_share: Return proper error if unauthorizedKim Alvefur2021-01-261-1/+5
|
* mod_http_file_share: Add basic access controlKim Alvefur2021-01-261-1/+7
| | | | Partly lifted from mod_external_services
* mod_http_file_share: Add support for external file upload serviceKim Alvefur2021-01-262-3/+9
| | | | | PUT /upload/:slot/:filename Authorization: Bearer JWT{ uploader, filename, filesize, filetype, exp }
* mod_http_file_share: Let's write another XEP-0363 implementationKim Alvefur2021-01-265-0/+229
| | | | | | | | | | This variant is meant to improve upon mod_http_upload in some ways: * Handle files much of arbitrary size efficiently * Allow GET and PUT URLs to be different * Remember Content-Type sent by client * Avoid dependency on mod_http_files * Built-in way to delegate storage to another httpd
* util.interpolation: Add test for #1623Kim Alvefur2021-01-251-0/+5
|
* Merge 0.11->trunkKim Alvefur2021-01-251-2/+2
|\
| * util.interpolation: Fix combination of filters and fallback values #1623Kim Alvefur2021-01-251-2/+2
| |
* | util.startup: Make installer_plugin_path relative to data directoryKim Alvefur2021-01-241-3/+2
| | | | | | | | | | | | Having it relative to current working directory is problematic since this depends on how Prosody was started and changes to the data directory during startup (but after this point).
* | util.startup: Don't create installer plugin path (as root)Kim Alvefur2021-01-241-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | Since this runs before dropping root, the directory ends up being owned by root, resulting in luarocks failing to install anything, since by then it would be running as the prosody user. luarocks creates this directory if needed, so creating it during startup is not necessary. One potential issue is if the directory is somewhere where Prosody can't write, but then you will simply have to create it yourself with the appropriate permissions.
* | util.prosodyctl.check: Recognise global options related to plugin installerKim Alvefur2021-01-211-0/+1
| |
* | net.unbound: Fix to initialize under prosodyctlKim Alvefur2021-01-211-0/+1
| | | | | | | | | | Lazy initialization only worked for async queries, but prosodyctl check dns uses sync queries.
* | prosodyctl: Add reference to #1602 (plugin installer docs) in commentKim Alvefur2021-01-211-0/+1
| |
* | prosodyctl: Move message after conditionKim Alvefur2021-01-211-1/+1
| | | | | | | | If the condition is false, the message becomes a lie!
* | util.prosodyctl: Remove unused calculation [luacheck]Kim Alvefur2021-01-211-1/+1
| |
* | util.prosodyctl: Rename unused variable to '_' [luacheck]Kim Alvefur2021-01-211-1/+1
| |
* | prosodyctl: Fix copypaste oversightKim Alvefur2021-01-211-2/+2
| |
* | util.prosodyctl: Always return exit code from luarocksKim Alvefur2021-01-211-4/+1
| | | | | | | | os.exit(true) errors on Lua 5.1
* | prosodyctl: Abort if no plugin source specified for the installerKim Alvefur2021-01-211-1/+7
| | | | | | | | Better than having a non-working default.
* | prosodyctl: Move UI related calls out of util.prosodyctlKim Alvefur2021-01-212-8/+5
| | | | | | | | | | I think this follows the general separation of duties between prosodyctl and util.prosodyctl better.
* | prosodyctl: Use luarocks status code as exit codeKim Alvefur2021-01-211-3/+6
| | | | | | | | Enables some shell level error handling
* | util.prosodyctl: Reword message to sound more naturalKim Alvefur2021-01-211-1/+1
| | | | | | | | | | | | | | English is hard. "to" might also work, but we'll go with this for now. 18:32:11 <MattJ> s/at/in/ ? 18:32:19 <MattJ> to match luarocks :)
* | util.prosodyctl: Propagate status from luarocks invocationKim Alvefur2021-01-211-1/+6
| |
* | util.prosodyctl: Use installer path prepared by util.startupKim Alvefur2021-01-211-10/+1
| |
* | lint: Add initial semgrep configKim Alvefur2021-01-181-0/+24
| |
* | util.datamanager: Fix not passing variables as format string to logger ↵Kim Alvefur2021-01-161-1/+1
| | | | | | | | | | | | | | (thanks semgrep) Passing error messages as format string could lead to errors, although not a problem anymore since util.format sanitizes this.
* | core.modulemanager: Fix resource location compat with LuaRocks 2.xKim Alvefur2021-01-161-1/+1
| | | | | | | | | | The path doesn't include lua version, at least least on Debian, which still has luarocks 2.x