Commit graph

21 commits

Author SHA1 Message Date
jj
3e36c5e2ca
Merge branch '7.11' into encrypt-stream
Signed-off-by: jj <log@riseup.net>
2024-03-05 17:58:37 +01:00
dumbmoron
7fab5a37ff
crypto: use secret directly instead of deriving key 2024-03-05 16:49:00 +00:00
wukko
97f4528e92 core/api: update checkSafeLength 2024-03-05 21:15:32 +06:00
wukko
6ed03b0035 crypto: rename sha256 func to generateHmac
it has always been actually hmac
2024-03-05 20:55:17 +06:00
wukko
c22d76444b core/api: remove unnecessary Math.floor for timestamp 2024-03-05 20:41:33 +06:00
wukko
18056dc7af cors: revert cors name change in serverInfo 2024-03-05 20:13:01 +06:00
wukko
011a0127b4 env: rename ENABLE_CORS to CORS_WILDCARD for better clarity 2024-03-05 19:20:56 +06:00
wukko
e16ee6c1d3 env: readable environment variables in all files
apiPort -> API_PORT
apiURL -> API_URL
apiName -> API_NAME
cors -> ENABLE_CORS
cookiePath -> COOKIE_PATH

webPort -> WEB_PORT
webURL -> WEB_URL
showSponsors -> SHOW_SPONSORS
isBeta -> IS_BETA
2024-03-05 19:08:59 +06:00
wukko
e282a9183f stream: encrypt cached stream data & clean up related modules
also limited CORS methods to GET and POST
2024-03-05 18:14:26 +06:00
wukko
f8f85b771b api core: fix cors env variable 2024-02-16 08:39:31 +06:00
dumbmoron
a375000ae9
api: use req.ip instead of cloudflare headers, ratelimit ipv6 by prefix
allows for more versatile configurations that do not necessarily have to use cloudflare

also ratelimits IPv6 addresses by prefix instead of individual addresses
currently set at /56, which should not be too strict
(yet allows a /48 holder to make 256 as many requests instead of 2^80 as many requests), change if needed
2024-01-31 10:36:19 +00:00
wukko
ddc87ca42b
api: clean url upon entry, not down the road 2023-12-25 12:34:20 +00:00
wukko
afab7f94a7 api & web: ports in env are no longer strictly required 2023-12-02 22:01:58 +06:00
wukko
f4b486a236 actually use rate-limit status 2023-08-14 01:51:55 +06:00
wukko
c5681bba94 making deepsource happy 2023-08-11 22:07:34 +06:00
wukko
43a3ebf475 7.0: ui refresh and more 2023-08-05 00:43:12 +06:00
wukko
65161107fa 6.2: no more ip verification
- removed ip verification and updated privacy policy to reflect this change.
- streamable links now last for 20 seconds instead of 2 minutes.
- cleaned up stream verification algorithm. now the same function isn't run 4 times in a row.
- removed deprecated way of hosting a cobalt instance.
2023-06-27 19:56:15 +06:00
wukko
527ca29215 6.0
in this commit:
- enhanced css (hover border, less annoying donate highlight, checkbox width fix for mobile, more consistent color scheme)
- addition of an urgent notice (in this case it mentions all issues related to old infra being fixed)
- updated twitter picker test
- changelog for 6.0
- removed partial translations
2023-06-07 21:41:06 +06:00
wukko
66c797e252 oops 2023-06-05 12:47:03 +06:00
wukko
55f1e4b704 tumblr audio, youtube vr, updated setup script, further mitosis accommodations 2023-06-05 12:43:04 +06:00
wukko
9edc4bd61b new inner layout
- one main controlling script (cobalt.js).
- added api server name to serverInfo endpoint.
- one dockerfile.
- less mess.
2023-05-22 01:13:05 +06:00