summaryrefslogtreecommitdiffstats
path: root/application
AgeCommit message (Collapse)AuthorFilesLines
2012-04-09upload_form: Display everything but forms if not logged in.Florian Pritz1-1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Fix netrc information on client page.Florian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09add history link to header; fix indentationFlorian Pritz1-6/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Redirect to / if log in successfulFlorian Pritz2-5/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09upload_form(): don't require a userFlorian Pritz1-2/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Don't show delete button when not foundFlorian Pritz1-25/+25
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09muser: fix handling of cli clients without accountFlorian Pritz3-11/+18
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Improve handling of cli clients without accountFlorian Pritz1-2/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09fix missing $username when including header from file_modFlorian Pritz2-25/+28
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09declare used class variablesFlorian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09do_upload(): fix errors if no file was uploadedFlorian Pritz1-1/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09remove password from text formFlorian Pritz1-2/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Revert "Disable paste box"Florian Pritz2-23/+22
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09improve page titlesFlorian Pritz2-5/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09more user changesFlorian Pritz4-56/+55
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09start working on usersFlorian Pritz17-68/+280
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09add helper script to create split css filesFlorian Pritz1-0/+26
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09improve start page for cli clientsFlorian Pritz2-4/+20
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Set 404 if a paste doesn't existFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Remove upload box on UI.Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Fix HTML syntax errorFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Disable paste boxFlorian Pritz2-21/+22
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-05Disable search indexingFlorian Pritz1-0/+1
All links will become invalid pretty soon so this just leads to lots of dead links in the bots search index. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-02Fix "Unknown ID" typoFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-03-28add scheme highlightingFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-03-09CSP: allow object-srcFlorian Pritz1-1/+1
Video files won't play without this. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-26fix handling of ocaml mimetypeFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19move stale file removal to it's own functionFlorian Pritz1-5/+9
This shouldn't be needed and it's also pretty slow. No need to run it with ever cronjob. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19file/cron: make accessible via CLI onlyFlorian Pritz1-1/+6
In production environments the cronjob might run quite some time and could be used to overload the server. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19file/cron: close dir handles after useFlorian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19file/cron: clean up stale filesFlorian Pritz1-0/+33
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19Implement CSP for direct file downloadsFlorian Pritz1-0/+3
With this header we tell the browser to ignore javascript, frames and objects which decreases the exploitability of simple html pastes if viewed raw ("<domain>/<id>", without a tailing slash) quite a lot. You can still upload arbitrary files containing javascript code, but the browser will refuse to execute it. References: https://wiki.mozilla.org/Security/CSP/Specification Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19encode special chars in some placesFlorian Pritz2-3/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-14bump geshi to 1.0.8.10Florian Pritz207-497/+11171
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-01-25strip base64 decoded file of special charsFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-01-25allow client to overwrite filenameFlorian Pritz1-1/+12
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18remove superfluous spaceFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18uplaod_from: fix feature description for binary filesFlorian Pritz1-1/+1
/ID/plain will work too. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18fix left over mime2extension call and commentsFlorian Pritz1-4/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18only calculate field lengths for cli clientsFlorian Pritz1-5/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18factorise mode detectionFlorian Pritz1-8/+36
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18improve readability of download()Florian Pritz1-13/+17
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18use the same date for if-modified-since everywhereFlorian Pritz1-2/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18remove parameter of client()Florian Pritz1-4/+4
Parameters of controller functions are treated as url parameter so file/client/0 would also disable the headers. The cli client has empty headers anyway so just check that. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18fix missing space on upload_historyFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18display more information on delete_formFlorian Pritz2-5/+39
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18add delete icon on upload_historyFlorian Pritz2-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17use perl from PATH and copy markdown.pl to scripts/Florian Pritz2-6/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17remove php code from upload_from.jsFlorian Pritz1-1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17move JS of upload_form to separate fileFlorian Pritz1-65/+1
The code hardly changes so it should be cached by the browser. This won't work if it's inlined. Signed-off-by: Florian Pritz <bluewind@xinu.at>