| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Reader now reads headers into stream, and some checks are added there
and in UploadFileClientHandler, so if headers are too long, they are
treated as bad request.
|
|
I accidentally tried "folder../" instead "folder/../" and understood
that I made "folder../" forbidden too, though it's a valid folder name.
|
|
Now if there is no "rootpath" specified, it's not even listed by
FilesPageHandler and ListAjaxHandler. And, of course, not available to
use anywhere else.
|
|
Paths containing '../' are forbidden to use in Files Manager. There is
also a special inner black list of paths which are not used and a check
that specified path is under "savepath" or "rootpath" (from "cloud"
domain).
|
|
|
|
StorageWizardDialog now runs LocalWebserver in "minimal mode" for
security reasons. In this mode server uses only those handlers which
state to support it.
There are two handlers which support minimal mode: IndexPageHandler
(which handles `code` requests needed by StorageWizardDialog) and
ResourceHandler (which provides inner resources like `style.css` or
`logo.png` from `wwwroot.zip` archive).
|
|
Using a dedicated callback object for this was an unnecessary overhead.
|
|
It now redirects user on success not only when file was the last field
in the content, but also when it was uploaded already and Handler worked
further to search for more files.
|
|
Full version is used like in Eugene's Google Analytics stub. Plus, on
PS3 that string contains "PlayStation", and that would be cool to know
that ScummVM+libcurl+PS3 work together.
|
|
|
|
|
|
|
|
Remove unnecessary JSON warnings, fix a few places.
|
|
Add JSON checks in the callback.
|
|
More JSON checks.
|
|
Added JSON checks.
New jsonContainsObject() method added to CurlJsonRequest.
|
|
JSON checks in callback.
|
|
More JSON checks in callbacks.
|
|
JSON checks.
|
|
JSON checks added.
|
|
Adding more JSON checks there.
|
|
More JSON checks there.
|
|
Box's, Google Drive's and OneDrive's token refreshing requests have more
JSON checks now.
|
|
|
|
A few possible memory leaks about `_contentStream` there.
|
|
It now uses both CURLOPT_PROGRESSFUNCTION and CURLOPT_XFERINFOFUNCTION.
The latter is available in new libcurl (>= 7.32.0) only, thus the former
is added for older versions support.
|
|
|
|
The following constants must be defined if ENABLE_RELEASE is:
* RELEASE_DROPBOX_KEY,
* RELEASE_DROPBOX_SECRET,
* RELEASE_ONEDRIVE_KEY,
* RELEASE_ONEDRIVE_SECRET,
* RELEASE_GOOGLE_DRIVE_KEY,
* RELEASE_GOOGLE_DRIVE_SECRET,
* RELEASE_BOX_KEY,
* RELEASE_BOX_SECRET.
|
|
Commit adds kFeatureClipboardSupport. hasTextInClipboard() and
getTextFromClipboard().
OSystem_SDL has this feature if SDL2 is used.
EditableWidget and StorageWizardDialog use g_system to access clipboard
now.
|
|
Added prefixes, used debug(9).
|
|
|
|
Lots of checks to avoid JSON-related segfaults added.
|
|
|
|
|
|
|
|
It now uses special CurlJsonRequest static methods to check whether JSON
is an object, has a string or integer parameter.
|
|
It now checks for all keys in JSON to avoid segfaults and prints
warnings if passed keys are missing or have wrong types.
|
|
|
|
|
|
|
|
We need a way to reopen DumpFile if we want DownloadRequest to support
restarting.
|
|
|
|
"No Storage connected!" error message is passed to the error callback
now when there is no Storage connected to the CloudManager.
|
|
|
|
|
|
|
|
Now it's not hardcoded based on USE_SDL_NET, but one or another value is
used depending on currently selected LocalWebserver's port.
|
|
I knew there were some, but I wanted to fix them once, instead of doing
it all the time.
|
|
|
