21 Commits

Author SHA1 Message Date
Laurence Jones 71e38b9824
Add file type restriction to image upload input using accept attribute (#872)
* Add file type restriction to image upload input using accept attribute

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

---------

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
Co-authored-by: eternal-flame-AD <yume@yumechi.jp>
2025-11-05 21:03:06 +00:00
Jannis Mattheis 9592cc95c9 fix: update go-swagger 2023-09-16 21:06:54 +02:00
chrispruitt 72bd8c8ba6
Add default message priority for applications
Co-authored-by: Jannis Mattheis <contact@jmattheis.de>
2023-07-19 18:15:01 +00:00
Helmut K. C. Tessarek 5cd2d5411f
Add delete application image endpoint 2023-05-28 13:59:49 +00:00
Jannis Mattheis 33d86e41c2 Only serve image files on ./image
This is an addition to the existing XSS fix in the previous commit.
2022-12-29 12:46:41 +01:00
Jannis Mattheis 925fb7e2c9 Fix file upload XSS
The application image file upload allowed authenticated users to upload
malicious .html files. Opening such a file like

https://push.gotify.net/image/ViaxrjzNowdgL-xnEfVV-Ggv5.html

would allow the attacker to execute client side scripts.

The application image upload will now only allow the upload of files
with the following extensions: .gif, .png, .jpg and .jpeg.
2022-12-28 20:13:35 +01:00
mateuscelio 0fb584d7f7 Update docs 2022-12-03 10:45:07 +01:00
mateuscelio f16ce59e6c
Prevent setting id while inserting / updating applications 2022-07-24 08:48:14 +00:00
Jannis Mattheis 3454dcd602 Use golangci-lint 2020-11-01 10:47:02 +01:00
Jannis Mattheis 757fa17d26 Use int64 as input 2020-06-24 18:32:35 +02:00
Jannis Mattheis 7b90b8a8f5 Use v2 in package path 2020-05-08 10:43:17 +02:00
饺子w 67493c643e Return 500 server error on database failures (#191) 2019-05-25 08:37:24 +02:00
饺子w efcf4ad13d Use crypto/rand for token generation (#161) 2019-03-16 11:10:28 +01:00
饺子w ec5b1f8c30 Support reverse proxy with path rewrite (#127) 2019-02-13 18:47:48 +01:00
eternal-flame-AD e5b24f4c92 Add plugin feature
Fixed database migration
Added a plugin system based on the go plugin package
2019-02-09 12:52:01 +01:00
Jannis Mattheis ec2c3da9d4 Add summary for updateApp and uploadImg api 2018-11-24 11:31:32 +01:00
Jannis Mattheis 76ca344b77 Make security more compact 2018-11-24 11:31:32 +01:00
Jannis Mattheis 9e7859c36c Add missing bad request / not found definitions 2018-11-24 11:31:32 +01:00
Jannis Mattheis dfb71dabbc Make produce/consumes more compact 2018-11-24 11:31:32 +01:00
Jannis Mattheis c841e1cd24 Move swagger comments to api 2018-11-24 11:31:32 +01:00
Eugene Gavrilov 4a6863eda2 [#69] add end-point for update application name and description 2018-11-23 21:39:07 +01:00