Commit graph

1563 commits

Author SHA1 Message Date
Dmitry Sandalov 5d8de5fde2
Allow user to subscribe to playlist (#17) 2020-05-17 14:28:00 +03:00
Omar Roth 750ef296c6
Update captcha handler 2020-05-13 16:09:39 -05:00
Omar Roth 454ae8656a
Cleanup request headers 2020-05-08 09:00:53 -05:00
Omar Roth 75450dcdbc
Update signature param 2020-05-08 08:59:09 -05:00
mendel5 9d23cf33fd
Consistent IDs for info section (#1133) 2020-04-30 15:01:29 -05:00
Omar Roth 97eb01a28d
Merge weblate 2020-04-20 16:46:00 -05:00
Omar Roth 408f3852ec
Hide playlist widget when user has no playlists 2020-04-15 16:30:02 -05:00
Omar Roth 7bb7003c9d
Fix authorThumbnails in /api/v1/channels 2020-04-10 11:49:51 -05:00
Omar Roth 920463f2ff
Fix playlist_ajax 2020-04-10 11:49:18 -05:00
Omar Roth ca1185d0be
Fix warnings in latest version of Crystal 2020-04-09 12:18:09 -05:00
Omar Roth 02d4186b11
Fix player matching 2020-04-09 10:55:50 -05:00
Omar Roth 3f97bebd69
Support adding video to playlist from watch page 2020-04-09 10:55:32 -05:00
Omar Roth 2e378da922
Add support for Swedish locale 2020-04-04 15:57:29 -05:00
Omar Roth b37f51bd7f
Fix /c/ redirect 2020-04-04 15:31:24 -05:00
Omar Roth c97cdf551e
Refactor extract_plid 2020-03-30 14:27:07 -05:00
Omar Roth 3b2e142542
Fix JSON serialization 2020-03-29 18:04:44 -04:00
Omar Roth 92798abb5d Add manifest-src to CSP 2020-03-19 13:41:08 -05:00
Omar Roth 59a15ceef6
Remove VarInt class 2020-03-15 17:47:16 -04:00
Omar Roth 4011a113cc
Strip invalid characters from referer URLs 2020-03-15 17:47:16 -04:00
leonklingele 70cbe91776
Migrate to a good Content Security Policy (#1023)
So attacks such as XSS (see [0]) will no longer be of an issue.

[0]: https://github.com/omarroth/invidious/issues/1022
2020-03-15 16:46:08 -05:00
Omar Roth f92027c44b
Escape 'sort_by' 2020-03-10 11:25:32 -04:00
Omar Roth 1443335315
Switch textcaptcha to HTTPS 2020-03-10 11:12:11 -04:00
Omar Roth bb72672dd9
Replace static asset requests with QUIC 2020-03-06 13:53:35 -05:00
Omar Roth d96dee3aa6
Add debug info to videoplayback 2020-03-06 13:50:00 -05:00
Omar Roth bd0aaa343b
Prevent storyboards from hanging 2020-03-05 13:49:06 -05:00
Omar Roth a117d87f33
Skip validation checks for videoplayback, ggpht 2020-03-04 13:06:17 -05:00
Omar Roth 9dc4f8a1aa
Escape item titles in search page 2020-03-04 13:03:14 -05:00
leonklingele 0d536d11e3
Verify token signature in constant time, Run cheap checks first in token validation process (#1032)
* Verify token signature in constant time

To prevent timing side channel attacks

* Run cheap checks first in token validation process

Expensive checks such as the nonce lookup on the database or the
signature check can be run after cheap/fast checks.
2020-03-02 10:04:36 -06:00
Omar Roth e21f770485
Fix status check for channel page 2020-02-28 15:57:45 -05:00
Omar Roth 697c00dccf
Sanitize PLID 2020-02-28 14:10:01 -05:00
Omar Roth 1caf6a3298
Fix deadlock when updating notifications 2020-02-28 13:13:48 -05:00
Omar Roth 02fd02d482
Remove DB array concatenation 2020-02-28 12:14:29 -05:00
Pedro Lucas Porcellis 239fb0db94
Remove duplicated Github logo on footer (#986)
* Remove duplicated Github logo on footer
2020-02-20 18:50:54 -05:00
Omar Roth 43da06a354
Remove temp fix for crystal/crystal-lang#7383 2020-02-20 18:30:46 -05:00
Omar Roth fea6b67067
Remove 'type' attribute from community embed 2020-02-20 18:30:46 -05:00
Leon Klingele bc9dc3bf1e
Update code formatting for Crystal 0.33.0
Crystal 0.33.0 introduced some changes to to the code formatter.
Run "crystal tool format" so CI doesn't fail anymore.
2020-02-15 19:52:28 +01:00
Leon Klingele e3c10d779d
Add support to read config from environment variable
Try to read app config from the "INVIDIOUS_CONFIG" environment variable.
If the variable is undefined, read config from config.yml file as before.

Required by https://github.com/omarroth/invidious/pull/1015 et al.
2020-02-04 15:53:46 +01:00
Omar Roth 9841f74adc
Add handling for comments with no content 2020-02-01 12:14:37 -05:00
Omar Roth b56e493d92
Remove frameborder from community embeds 2020-02-01 11:23:12 -05:00
Omar Roth a2c5211b20
Check /browse_ajax for channel blocks 2020-02-01 11:23:12 -05:00
Omar Roth 648cc0f006
Refactor signature extraction 2020-01-24 17:02:28 -05:00
Omar Roth 7baced75e5
Fix channel redirect 2020-01-14 08:21:17 -05:00
Omar Roth 7b88d0efe3
Minor refactor 2020-01-08 20:27:21 -05:00
Omar Roth 4aada65dae
Fix channel playlists for genre channels 2020-01-08 20:26:47 -05:00
Omar Roth 88a538e71b
Minor refactor for channel playlists 2019-12-05 15:47:35 -05:00
Omar Roth 513363504f
Add better error message for fetch_channel 2019-12-05 15:46:21 -05:00
Omar Roth 0e844edacb
Add support for pt-BR 2019-12-05 15:26:35 -05:00
Omar Roth 1499ce43bf
Add support for Romanian locale 2019-12-03 19:41:58 -05:00
Omar Roth 823603650f
Add support for /sorry/index CAPTCHA 2019-12-03 19:14:11 -05:00
Omar Roth 062867a38d
Strip domain from caption URLs 2019-12-01 17:52:39 -05:00