colin
/
sharded-gotify
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
552 Commits 1 Branch 0 Tags 4.4 MiB
Go 65.1%
TypeScript 30.7%
JavaScript 1.6%
Makefile 1%
Shell 0.8%
Other 0.8%
Go to file
Jannis Mattheis 925fb7e2c9 Fix file upload XSS 
The application image file upload allowed authenticated users to upload
malious .html files. Opening such a file like

https://push.gotify.net/image/ViaxrjzNowdgL-xnEfVV-Ggv5.html

would allow the attacker to execute client side scripts.

The application image upload will now only allow the upload of files
with the following extensions: .gif, .png, .jpg and .jpeg.
 		2022-12-28 20:13:35 +01:00
.github Update golang ci action 2022-12-03 11:42:19 +01:00
api Fix file upload XSS 2022-12-28 20:13:35 +01:00
auth Update docs 2022-12-03 10:45:07 +01:00
config Add registration 2021-08-04 19:39:43 +02:00
database Update linter 2022-05-29 19:45:45 +02:00
docker Add linux/riscv64 project support 2022-11-09 19:01:20 +01:00
docs Update docs 2022-12-03 10:45:07 +01:00
error Update gin-gonic 2020-05-08 15:16:43 +02:00
hack/packr Update packr/v2 2020-03-07 20:15:25 +01:00
mode Use golangci-lint 2020-11-01 10:47:02 +01:00
model Fix required mismatch in update & create user 2022-09-10 16:47:22 +02:00
plugin Log loaded plugins 2022-09-11 17:29:31 +02:00
router Mask token in log 2021-09-27 17:46:12 +02:00
runner Fix redirect to https with default http port 2022-12-03 11:42:19 +01:00
test Fix file upload XSS 2022-12-28 20:13:35 +01:00
ui Add priority colors 2022-10-21 20:39:50 +02:00
.editorconfig Add .editorconfig file. 2020-02-11 17:27:22 +01:00
.gitignore Change default folder & db path to data/* 2018-05-10 12:34:35 +02:00
.golangci.yml Update linter 2022-05-29 19:45:45 +02:00
CODEOWNERS Add code owners 2019-03-16 14:28:09 +01:00
CODE_OF_CONDUCT.md Add code of conduct 2018-03-02 21:04:51 +01:00
CONTRIBUTING.md improve CONTRIBUTING.md (#181) 2019-04-04 23:03:21 +08:00
GO_VERSION Update to go1.19 2022-09-10 16:47:22 +02:00
LICENSE Use logo from gotify/logo. 2019-03-08 16:03:34 +01:00
Makefile Add linux/riscv64 project support 2022-11-09 19:01:20 +01:00
README.md Migrate to github actions 2021-01-06 14:27:55 +00:00
SECURITY.md Create SECURITY.md 2021-09-26 20:46:58 +00:00
app.go Update linter 2022-05-29 19:45:45 +02:00
config.example.yml Fix keep alive setting comment 2021-09-07 21:29:11 +02:00
go.mod Update other go deps 2022-09-10 16:50:01 +02:00
go.sum Update other go deps 2022-09-10 16:50:01 +02:00
ui.png [ImgBot] Optimize images 2019-01-20 12:00:36 +01:00

README.md

gotify/server

Build Status codecov Go Report Card Matrix Docker Pulls latest release

Intro

We wanted a simple server for sending and receiving messages (in real time per WebSocket). For this, not many open source projects existed and most of the existing ones were abandoned. Also, a requirement was that it can be self-hosted. We know there are many free and commercial push services out there.

Features

Gotify UI screenshot
  • send messages via REST-API
  • receive messages via WebSocket
  • manage users, clients and applications
  • Plugins
  • Web-UI -> ./ui
  • CLI for sending messages -> gotify/cli
  • Android-App -> gotify/android

Get it on Google Play Get it on F-Droid

(Google Play and the Google Play logo are trademarks of Google LLC.)

Documentation

InstallConfigurationREST-APISetup Dev Environment

Contributing

We welcome all kinds of contribution, including bug reports, feature requests, documentation improvements, UI refinements, etc. Check out CONTRIBUTING.md for guidelines.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

License

This project is licensed under the MIT License - see the LICENSE file for details