summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2020-07-28Allow single VT match on specific resultsJon Bergli Heier1-1/+3
By including a result name in the VIRUSTOTAL_SINGULAR_MATCHES setting we can override VIRUSTOTAL_MINIMUM_POSITIVES. This is useful for some matches that's usually only matched by a few engines, such as phishing.
2019-12-08filesystem: Fix error on max file sizeJon Bergli Heier1-3/+2
Move the chmod call into the try block so we always call this when add_file succeeds, otherwise new_file might not be set yet and we will get an UnboundLocalError.
2019-12-07s3: Delete file if add_file raises an exceptionJon Bergli Heier1-1/+5
2019-12-07Add max file size configurationJon Bergli Heier4-3/+19
This allows configuring max file sizes for both registered and anonymous users. For registered users the USER_FILE_SIZE_LIMIT is used, and ANONYMOUS_FILE_SIZE_LIMIT for anonymous users. If the size is not specified or None, the limit is not enforced. Setting the limit to 0 effectively disables uploads.
2019-12-06Default Storage.get_file thumb to FalseJon Bergli Heier1-1/+1
Usually we want the file data, not the thumbnail.
2019-12-06Change bootstrap-filestyle name on drop or pasteJon Bergli Heier1-0/+2
This makes sure the upload form is visually updated when dropping or pasting a file.
2019-12-06Fix displaying total file sizeJon Bergli Heier1-3/+3
Wrap the call to get_size() in a generator so we don't have to look up the files (if needed) twice.
2019-12-06Flash oauth error when server returns an error fieldJon Bergli Heier1-0/+3
2019-12-06login: Add missing commit when updating sessionJon Bergli Heier1-0/+1
2019-12-05s3: Fix typosJon Bergli Heier1-2/+2
2019-08-17Fetch and store thumbnails via storage modulesJon Bergli Heier4-28/+80
This will allow us to remotely store thumbnails in case of S3. For S3 the thumb bucket is configurable to allow these to be stored separately. The S3 key for thumbnails does not conflict with files, so these can be stored in the same bucket if needed.
2019-08-17file_storage.filesystem: Set file mode if configuredJon Bergli Heier1-0/+3
Regression since b72ecc321c315bafe40cc7406e87e088564ab8a9. This is needed eg. when using X-Sendfile so that the web server can access the files.
2019-08-14Allow specifying minimum positives for virustotal resultsJon Bergli Heier1-1/+1
2019-07-24fbin-scanner: Default STORAGE_MODULE to fbin.file_storage.filesystemJon Bergli Heier1-1/+1
2019-07-24Add Docker configJon Bergli Heier3-0/+38
2019-07-24fbin-scanner: Add support for file storage modulesJon Bergli Heier1-17/+20
2019-07-24gitignore: Add *.sqliteJon Bergli Heier1-0/+1
2019-07-24Add file storage modulesJon Bergli Heier5-41/+174
Allows for storing files other places than the local file system. Currently the local filesystem and S3 are supported.
2019-07-23Make no file uploads message use all five columnsJon Bergli Heier1-1/+1
2019-04-08fbin-scanner: Fix size limitJon Bergli Heier1-1/+1
2019-04-02fbin-scanner: Remove debug filterJon Bergli Heier1-1/+1
2019-04-02fbin-scanner: Remove debug breakJon Bergli Heier1-1/+0
2019-04-02Add support for blocking filesJon Bergli Heier3-2/+131
Files are blocked if blocked_reason is non-NULL. This value is currently not exposed publicly, instead a 404 will be returned. Files are scanned using virustotal.com's public API if scanned is False. Scans are performed by the fbin-scanner.py script. If a match is found, blocked_reason is set to the payload received. Files that are not in VT's database will be automatically submitted and the script will wait for the scan to complete before continuing.
2019-03-27Return 404 if physical file does not existJon Bergli Heier1-1/+1
2018-08-06Add video list and video thumbnailsJon Bergli Heier4-11/+35
Add a separate video page for listing uploaded videos. The thumbnail endpoint now supports generating video thumbnails using ffmpegthumbnailer.
2018-07-18Fix writing thumbnails from transparent imagesJon Bergli Heier1-1/+1
JPEG does not support alpha channels, so remove RGBA from the list of valid modes.
2018-02-15Add support for pasting files.Jon Bergli Heier1-0/+6
2017-08-16Added drag and drop support to the upload form.Jon Bergli Heier2-1/+51
2017-08-16Run debug app with threads to avoid hanging.Jon Bergli Heier1-1/+1
For some reason chrome sometimes does two requests on redirect, where the first in unused, causing the second to hang because we only process one request at a time.
2017-04-22Added upload API.Jon Bergli Heier7-48/+205
Also updated the API (previously help) page.
2017-04-09Fixed renaming files.Jon Bergli Heier1-1/+2
2017-04-09Major rewrite to use jab/oauth.Jon Bergli Heier44-966/+1342
Highlights: - Uses the oauth branch of jab. - Changed design to use bootstrap. - Some minor changes to functionality in file uploading and listing. - API is currently disabled and incomplete.
2017-02-11Fixed uploading small files.Jon Bergli Heier1-2/+4
For small files the file attribute is a StringIO object instead of a NamedTemporaryFile. For cStringIO we're not allowed to set the delete attribute, so check wether the object already has a delete attribute before attempting to set it.
2016-04-03Delete thumbnails when deleting files.Jon Bergli Heier1-0/+3
2016-03-28Auto-delete temporary files by default.Jon Bergli Heier1-3/+2
This fixes multipart upload where temporary files are created for all fields. Instead we explicitly set the uploaded file itself to not be auto-deleted. This doesn't work on Windows (see NamedTemporaryFile for more details).
2016-03-27Fixed formatting in API 'Unknown method' message.Jon Bergli Heier1-1/+1
2016-03-27Added the test_token API method.Jon Bergli Heier1-0/+8
This API method checks whether the provided token is valid or not.
2016-03-26Fixed error handling on image thumbnails.Jon Bergli Heier4-12/+19
Replaced jquery-lazyload with jquery.lazy which provides an onError event handler.
2014-02-10Use jab id instead of username as user key.Jon Bergli Heier2-35/+24
2014-02-09Return rendered templates as lists.Jon Bergli Heier1-17/+17
2014-02-08Updated help page.Jon Bergli Heier1-4/+10
2014-02-08Login using single signon via jab web, cleanup old stuff.Jon Bergli Heier2-140/+80
2014-02-07Added support for authentication via jab.Jon Bergli Heier3-106/+92
2014-02-04Added lazy load to image page.jablessJon Bergli Heier6-7/+22
2013-10-01Added options for persistent login.Jon Bergli Heier2-6/+32
2013-10-01Fixed uploading when anonymous uploads are disabled while logged in.Jon Bergli Heier1-1/+1
2013-08-31Return 404 if file hash does not exist.Jon Bergli Heier1-2/+2
2013-08-30Added settings for registrations and uploads.Jon Bergli Heier10-57/+113
* create_active_users: Controls whether new user accounts are created as 'active'; accounts that are not marked as active will not be able to log in, and will be automatically logged out if they're already logged in. * allow_registration: Allow or disallow creation of new user accounts. Any attempts to access the registration page will result in an error message. * allow_anonymous_uploads: Allow or disallow uploading of files by anonymous (not logged in) users. Combined with either allow_registration or create_active_users, this will effectively create a private filebin where the admin must explicitly create or activate new users.
2013-08-30Properly return favicon.ico if it exists.Jon Bergli Heier1-2/+8
2013-08-30Added ip and accessed to the 'files' table.Jon Bergli Heier2-7/+17
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 11:17:57 +0200