Thomas Lynch
e87754f67e
reference #256 unique message per board/thread option
...
strips quote, so starting post with quote isnt considered unique
4 years ago
Thomas Lynch
4f25dada43
let log pages rebuild on board theme change close #270
4 years ago
Thomas Lynch
a2d34ac4af
close #265 global and board setting to disable .onion file posting
4 years ago
Thomas Lynch
f8862014f1
friendly error on gm image identify fail, because of a dumb issue with GM not handling animated webp close #266
4 years ago
Thomas Lynch
9558872c11
dont gif thumbnail static gifs
4 years ago
Thomas Lynch
35a6ef5ff7
ref #263 video thumbnail improvements and use ffmpeg
4 years ago
Thomas Lynch
6c0d4271ec
close #263 option to make >thumbSize gif images have animated thumbnails, smaller gifs always static
4 years ago
Thomas Lynch
6657f50e4d
add more options on the global manage boards list close #245
4 years ago
Thomas Lynch
e32cbae32c
Fix newline splitting in a few places and remove unnecessary hardcoded limit on global filters
4 years ago
Thomas Lynch
f9e15e23e8
option for boards to enforce unique files board wide or per thread
4 years ago
Thomas Lynch
f2df1aea4b
Global manage page for boards. Shows all boards including unlisted, and marks abandoned boards
4 years ago
Thomas Lynch
18240670cf
Let users self-delete their account, provided they dont hold any staff positions closes #240
4 years ago
Thomas Lynch
23b2858333
Make video thumbnail position work properly for webms, and make it configurable with new option videoThumbPercentage
4 years ago
Thomas Lynch
caade1698b
close #242
4 years ago
Thomas Lynch
18b58202e7
show last active date for accounts in globalnamage accounts page close #236
...
NOTE: based on last time session was refreshed and updated from db ~1h, or when a user logs in
4 years ago
Thomas Lynch
c19db93b83
little indent cleanup
4 years ago
Thomas Lynch
a8ede39f80
secureCookies only try to set secure:true when x-forwarded-proto is https closes #223
4 years ago
Thomas Lynch
24574862a2
Add file-type moodule to check file mime types strictly, with 2 optiosn in config about it
...
Update express-fileupload dependency to clean tempfiles on numFilesLimitHandler
Add a proper error message for max num files instead of allowing unlimited and limiting in board post method
4 years ago
Thomas Lynch
b20ca7cc20
Capcode input changes reference #222
...
If a user is board owner/mod, use higher capcode only if explicitly entered, else use board owner/mod capcode
Strip extra repititions
Default back to stafflevel for perm if theres a mismatch
4 years ago
Thomas Lynch
1399dda5fd
Json routes will hit backend & get 404'd there,
...
allows for pages with missing json that arent prebuilt to build when json route is hit,
without requiring html pageload first better for api
4 years ago
Thomas Lynch
5cecb13f22
Bugfix, when moderator has board transferred to them, they would hold both positions
4 years ago
Thomas Lynch
b597ac8159
ability to resign from a board you mod/own. previously you could not leave a mod position, and you could not leave owner position (unless you transfer) closes #196
4 years ago
Thomas Lynch
5aba64f743
yes, there is :^)
4 years ago
some random guy
6da100597e
use static/banner everywhere for banners
4 years ago
Thomas Lynch
211a3c860d
pluralise report text, small css prefix tweaks
4 years ago
Thomas Lynch
e99b884146
Use the proper country codes file in boarsettings
4 years ago
some random guy
5a093ce936
do not reroll dice when re-rendering markdown
4 years ago
Thomas Lynch
f192a0e09c
Captcha appearance and layout changes
4 years ago
Thomas Lynch
536aecffcc
Bug in RNG causing blocking, and make captcha show properly in modal for mobile
4 years ago
Thomas Lynch
14dc090e08
Migration, and a change that will make it not get completely destroyed by ddos over TOR
4 years ago
Thomas Lynch
60d36bbb6a
Make a bit more maintainable, support different captcha types with some config options
4 years ago
Thomas Lynch
28fdb8af81
small refactor, make captcha check separate. should be eaasier to add different captchas now
...
fix conditions for when to render bypass vs message page on failed captchas
use crypto timingsafeequal for comparing input to answer
4 years ago
Thomas Lynch
09e0bcb518
references #209 , add optional google recaptcha. implementation could use some polish, but it will work for now.
4 years ago
Thomas Lynch
f1db4f7317
Fix post history for tor user and remove manual addban form from non-global manage pages (for now)
4 years ago
Thomas Lynch
b0797f0418
Beta testing .onion support
...
***DO NOT USE***
This still has some issues and needs testing.
- needs updated nginx configs added, expects "TOR" in the x-country-code header under a separate vhost
- need to make sure bans work properly still
- need to implement system to prevent captcha ddos, since i cant just to IP ratelimit now
- im 99% sure post history of tor users is broken if viewed by non-global staff
- manual input ban form will also be broken for non-global staff
- could still use some improvement on the middleware having a little more complicated flor for tor users
But for the most part it works. Basically it will use the bypass id of a tor user as their "ip".
4 years ago
some_random_guy
0f20646833
use `redirect: false` in express.static
...
This prevents prolems like `/` giving 404 in devel mode (when
`static/html/index.html` is missing) or `/captcha` redirecting to
`/captcha/` (then breaking).
4 years ago
some random guy
cd789dba0c
remove unnecessary user object from session
...
It only had a single property, username.
4 years ago
some random guy
0190ae5a0b
less garbage is session store
...
authenticated: same as `user != null`
user.authLevel, user.ownedBoards, user.modBoards: refreshed by sessionrefresh on
each request anyways, so it doesn't make much sense to store them in the session
store too.
4 years ago
some random guy
6f1ab5292f
safer redirects with login/logout
...
* properly escape goto parameter
* do not redirect to anywhere, only to the same server, no query parameters
This should still allow valid targets, like `/account.html`,
`/boardname/manage/whatever` while disallow things like `https://othersite.com `.
4 years ago
Thomas Lynch
4e0fa3f092
apparently only one other place uses this hehe
4 years ago
Thomas Lynch
1f7e670c7c
modlog records for non-delete actions now link to posts closes #193
4 years ago
Thomas Lynch
8935ca5c28
Customisable header for IP and country code, and improve how country names are handled
4 years ago
Thomas Lynch
1b22fbb1de
no sticky posts on overboard #166
4 years ago
Thomas Lynch
36da8cc649
add a prefix just in case
4 years ago
Thomas Lynch
248b41081c
same shit for overboard
4 years ago
Thomas Lynch
a15b36c5b0
testing cache for board list #166
4 years ago
Thomas Lynch
ed5f8b7539
no sticky posts on overboard
4 years ago
Thomas Lynch
bf652855d0
no need to log that
4 years ago
Thomas Lynch
97ed9a91f0
seemsgood, closes #194
4 years ago
Thomas Lynch
fb5adeba06
remove debugging
4 years ago