Commit Graph

364 Commits

Author SHA1 Message Date
calzoneman 4f3adef1d3 Revert to git based sanitize-html for package.json 2015-01-16 19:27:41 -06:00
Calvin Montgomery 56d6eb8026 sanitize-html: replace github link with npm
The change I made to sanitize-html was merged and published to npm, so
there's no reason to depend on my fork anymore.
2015-01-08 20:07:02 -06:00
Calvin Montgomery eca8014369 deps: update sanitize-html 2015-01-08 20:07:02 -06:00
Calvin Montgomery 12f3161f50 XSS: Glob attributes data-*, aria-* 2015-01-08 20:07:01 -06:00
Calvin Montgomery 1c3a669279 Replace XSS filter with sanitize-html 2015-01-08 20:07:01 -06:00
calzoneman 8630c5972c deps: upgrade socket.io to 1.2.1 2015-01-08 17:57:44 -06:00
Calvin Montgomery b56809138c deps: update cytubefilters commit hash 2015-01-06 22:40:49 -05:00
Calvin Montgomery 829cc090fa Use graceful-fs to maybe prevent EMFILE 2015-01-02 23:22:48 -05:00
Calvin Montgomery 058b24323d Add cytubefilters to package.json 2014-12-28 19:07:39 -05:00
calzoneman da2d461941 Fix caching and add gzip 2014-11-16 21:06:10 -06:00
calzoneman 4c5d441931 Minor update 2014-10-24 10:30:23 -05:00
calzoneman 3f62cd7dfb Socket.io pls 2014-10-24 10:24:02 -05:00
calzoneman 6e0735f3fe Update to socket.io 1.0 2014-10-24 10:23:30 -05:00
calzoneman 088c547522 Update dependencies - execute npm update && npm rebuild after pulling 2014-08-19 22:27:59 -05:00
calzoneman 6dfeab9657 Update rest of dependencies 2014-08-19 00:46:30 -05:00
calzoneman 4eb81a84d9 Update nodemailer, yamljs, q 2014-08-19 00:36:31 -05:00
calzoneman c693e84a46 Update bcrypt and fix a deprecated reference in auth 2014-08-19 00:25:36 -05:00
calzoneman 020e2326b5 Replace own static and log functions with serve-static and morgan 2014-08-19 00:21:32 -05:00
calzoneman 5f7adc98ba Update express dependency 2014-08-19 00:07:24 -05:00
calzoneman 0f2b93e5c5 Increment version number 2014-08-15 11:41:09 -05:00
Calvin Montgomery b1709758fd Increment version number 2014-07-13 22:13:16 -07:00
Calvin Montgomery 0f11615a1f Increment version number 2014-07-10 19:52:16 -07:00
Calvin Montgomery 3dcdaf3045 Update version number 2014-06-25 20:13:03 -07:00
Calvin Montgomery f75ffe089c Toss out fluent-ffmpeg in favor of own parser 2014-06-08 21:03:29 -07:00
Calvin Montgomery ac10f05f21 Update ffmpeg loader to work with newer fluent-ffmpeg; fix playlists 2014-06-07 21:25:48 -07:00
Calvin Montgomery 02771e6623 Add raw video/audio playback with ffmpeg 2014-06-07 16:57:25 -07:00
Calvin Montgomery 9ea48f58cf Merge refactoring into 3.0 2014-05-20 19:30:14 -07:00
calzoneman 04dbb3444b Fix a few memory leaks; add /gc console command
3 memory leaks were fixed
  - ipThrottle (due to the periodic cleaner clearing the wrong object...)
  - ipCount (shouldn't have leaked very much, but removing obsolete data is good practice)
  - lastguestlogin (again, shouldn't leak much, but should be cleared periodically anyways)
A new console command (i.e. from the terminal running node) was added: /gc
  - If the process is invoked as node --expose-gc index.js, /gc allows you to manually invoke the garbage collector
2014-04-10 21:54:46 -05:00
calzoneman e973813718 Patch a memory leak caused by an earlier failsafe
A global object AllPlaylists was added back in v2 as a hardfix for an issue where playlists would continue to send updates after the channel was reloaded and the playlist object was obsolete.  This condition should no longer happen due to other fixes, so the only thing this object was doing was wasting memory.
2014-04-10 16:10:55 -05:00
Calvin Montgomery a2f2b1adc2 Add support for Vimeo's OAuth ("advanced") API
This allows for authenticated API requests.  Currently, the only reason
you would want to use this is to be able to add videos that are marked
private but still embeddable.
2014-04-04 20:06:16 -05:00
calzoneman 644437ea42 Directory cleanup 2014-02-18 22:00:56 -06:00
calzoneman 1cbb1c2a6a Add contact page 2014-02-13 18:15:22 -06:00
Calvin Montgomery 6fe31b9a3e Add configuration option to use express-minify for CSS and JS 2014-02-04 11:32:52 -06:00
calzoneman 5f3fa8922d Start working on event log 2014-01-27 18:37:48 -06:00
calzoneman 4a2366eb06 Switch config to YAML 2014-01-22 17:11:26 -06:00
calzoneman 0a2dd6cbbe Update package.json 2014-01-21 23:29:26 -06:00
calzoneman 760e14ca01 Fix package.json 2013-11-04 16:13:49 -06:00
calzoneman 4ad22308a0 Add module to block Tor IPs 2013-11-04 16:04:24 -06:00
calzoneman 2e77cb4499 Change channel dumping to a single interval rather than per-channel 2013-10-14 16:39:41 -05:00
calzoneman a23a55f6a2 Update changelog and version # 2013-10-01 23:02:31 -05:00
Calvin Montgomery dd0410eac7 Fix video lengths not showing in library 2013-08-23 21:06:29 -05:00
calzoneman 1294a7bd50 Fix banning guest names, add ban message to chat 2013-08-22 15:14:17 -05:00
calzoneman 1acf27d867 dev is now in final testing stages 2013-08-19 00:27:30 -05:00
calzoneman 8b3ae3b546 Merge dev into dbrefactor 2013-08-19 00:24:48 -05:00
calzoneman 40f3e875a8 2.3.3 - run update.js 2013-08-13 11:18:30 -04:00
calzoneman 44d5f42a36 Start switching to node-mysql 2013-08-12 10:34:57 -04:00
calzoneman e53a0eee4c Increment version number 2013-08-08 18:28:24 -04:00
calzoneman 2e79b01894 v2.3.1 (client only)
- Add a nice menu to userlist dropdowns for easily changing ranks
- Merge give/take leader into one button
- Move playlist lock button to the same button strip as voteskip/get playlist urls
- Add a volume slider for Soundcloud
2013-08-07 17:12:11 -04:00
calzoneman 22d5da5991 Update version number 2013-08-07 11:02:14 -04:00
calzoneman 15085fc6ae Minor fixes for v2.2
- If NO_WEBSOCKETS or USEROPTS.altsocket are true, don't use websockets
- Base resizing on an invisible div (some channels remove/hide #queue)
- Names are properly italicized when AFK
2013-08-04 11:44:48 -04:00
calzoneman 4937dca98e Ceil voteskip requirement instead of truncating 2013-08-01 16:11:11 -04:00
calzoneman a1b39833ed (Hopefully) fix voteskip problems 2013-08-01 09:39:10 -04:00
Calvin Montgomery 103e01042e Fix voteskip calculation 2013-08-01 00:03:56 -04:00
Calvin Montgomery 971cb18c9f Update version 2013-07-31 22:27:08 -04:00
calzoneman fe2985e8dd Save playlists with cached data 2013-07-30 09:07:30 -04:00
calzoneman 6899186600 Add cache TTL option; fixes 2013-07-28 17:10:35 -04:00
calzoneman 34e55d6fad Proper fix for path traversal 2013-07-27 11:06:49 -04:00
calzoneman be7ebf49d1 Fix #228 2013-07-27 10:13:30 -04:00
Calvin Montgomery e5d9a4c125 A few small improvements 2013-07-13 22:25:34 -04:00
calzoneman efc3cf35f4 Fix Ustream [#216] 2013-07-12 16:07:11 -04:00
calzoneman 7aac0a0f9f Fix a bug with IP forwarding 2013-07-06 13:00:02 -04:00
calzoneman 91a2fcb61d Better XSS prevention (NOTE: must run npm install validator on existing installs) 2013-07-02 15:42:26 -04:00
calzoneman c00b95feae Get x-forwarded-for IP address from cloudflare when it exists 2013-06-26 10:57:56 -04:00
calzoneman e620605458 Correct version number 2013-06-19 17:57:35 -04:00
calzoneman d5e03c10b6 Increment version number 2013-06-04 18:34:03 -04:00
calzoneman 52b88c0e40 Finish up 2013-05-30 14:34:54 -04:00
calzoneman 5205afb9cd Add password reset emailer 2013-05-30 14:07:29 -04:00
calzoneman e19f38f75b Remove debug print statement from channel.js 2013-05-27 15:23:47 -04:00
calzoneman 296bddefcd Fix #153 2013-05-27 14:35:24 -04:00
calzoneman a5c297365c Fixes; implement /clear command 2013-05-23 00:03:37 -04:00
calzoneman f8b0b06caf Add username bans, tweak ban interface 2013-05-21 12:17:01 -04:00
calzoneman 01fc746334 Implement #137 2013-05-19 12:56:13 -04:00
calzoneman 6dc0a33bda Separate ports for webserver and socketio
It came to my attention today that some firewalls block websocket traffic on port 80.  For this reason, I have split out the webserver and socket.io traffic to 2 different ports.
In config.js, IO_PORT is the socket.io port.  This should NOT be port 80.  WEBSERVER_PORT is the port that the built in webserver will bind to (can be port 80, but this requires root permissions).
You will connect to yourhostname:WEBSERVER_PORT, and use yourhostname:IO_PORT as IO_URL.
2013-05-17 18:39:49 -04:00
calzoneman 66fbbb77ce Add Justin.tv support 2013-05-17 14:39:58 -04:00
calzoneman 74bdffea58 Fix race condition which caused users to lose moderatorship 2013-05-17 11:02:45 -04:00
calzoneman a8d8f346d4 Add editors for CSS and JS 2013-05-15 11:34:27 -04:00
calzoneman c1c3e4c47f Add ustream support 2013-05-14 17:22:47 -04:00
calzoneman ce99233596 Reduce amount of data sent in media updates 2013-05-14 11:35:11 -04:00
calzoneman 4620fb2d56 Add unregistration for channel admins 2013-05-13 15:41:29 -04:00
calzoneman a6fff1c849 Fixes 2013-05-12 21:37:03 -04:00
calzoneman ebe48798fe Implement user profiles
Existing installations will have to apply the following SQL:
```sql
ALTER TABLE `registrations` ADD `profile_image` VARCHAR( 255 ) NOT NULL ,
ADD `profile_text` TEXT NOT NULL
```
2013-05-12 20:41:02 -04:00
calzoneman d9ed665540 Show page title in channel list 2013-05-12 11:46:19 -04:00
calzoneman 3af35cb268 Add links to playlist entries and the index page 2013-05-12 11:41:14 -04:00
calzoneman 161c8517b2 Change icons for next and temp, update help.html 2013-05-11 18:15:48 -04:00
calzoneman 5bb9ba7c61 Default filters apply to all channels (#97) 2013-05-09 10:11:25 -04:00
calzoneman f9efad01ea Improve/fix youtube search results 2013-05-05 18:52:16 -05:00
calzoneman 703ac3ce4f Add temporary videos 2013-05-04 17:54:28 -05:00
calzoneman 62e80cec63 Add password change (#88) 2013-05-04 13:01:04 -05:00
calzoneman 3600a3114a Transition channel page away from index.html 2013-05-01 13:39:01 -05:00
calzoneman f76b509430 Pressing enter on media URL queues next 2013-04-30 11:15:03 -05:00
calzoneman 9bc712c003 Mask user IPs for nonadmins 2013-04-29 20:01:46 -05:00
calzoneman d43f39caa1 Better channel bans 2013-04-29 18:59:51 -05:00
calzoneman e315407a48 Allow range IP bans 2013-04-29 17:06:39 -05:00
calzoneman 4b0e920dc6 Begin improving filters 2013-04-29 12:29:31 -05:00
calzoneman 9350ef6d75 Change some permissions to channel admins (#67) 2013-04-29 11:26:01 -05:00
calzoneman 7f7ae16138 Add JWPlayer support 2013-04-28 17:06:58 -05:00
calzoneman 406988aef1 Allow chaining for /m 2013-04-28 13:04:15 -05:00
calzoneman 3730ae0066 Add global bans 2013-04-28 01:30:18 -05:00
calzoneman 7003101828 Limit connections per IP 2013-04-28 01:06:58 -05:00
calzoneman 535b80153d Fix ip bans for like the 4th time 2013-04-27 23:10:48 -05:00
calzoneman 5e5ff5f414 Fix chat antiflood (#56) 2013-04-27 12:13:37 -05:00
calzoneman d5fc0bb03d Fix 'that username is already taken' login bug 2013-04-26 12:50:31 -05:00
calzoneman 84fb4214d7 Fix cross-domain issues 2013-04-25 23:57:46 -05:00
calzoneman 087f612b37 Bugfixes for last commit
- Fix race condition for login frame
- Fix guest logins
2013-04-25 23:04:51 -05:00
calzoneman 3a7acd0526 Implement new session system
I replaced the old login system with a more secure one.
Instead of storing cookies containing the username and plaintext password, the password
is submitted once to obtain a session hash, which is valid for a given length of time.
Registering and logging in is now done via an iframe, which prevents custom javascript from having access to the password field.
Site admins need to run the following SQL before updating, or else all of your logins/registrations will fail:

ALTER TABLE `registrations` ADD `session_hash` VARCHAR( 64 ) NOT NULL ,
ADD `expire` BIGINT NOT NULL
2013-04-25 22:50:12 -05:00
calzoneman a88088f2d6 Continue working on API 2013-04-25 16:16:53 -05:00
calzoneman 57475d5d3d Show name of who added something (Issue #50)
Hovering over a queue item will now show the name of the person who added it.
If it was added by a guest, or if it was added while the server was running a previous version, it will show up as "unknown".
2013-04-24 13:10:08 -05:00
calzoneman 0d7da77715 Add version update script 2013-04-23 16:16:43 -05:00
calzoneman ce34a3efe0 Tweak express instance to support /r/channel form
This means it is no longer necessary to perform a .htaccess hack if you want nice URLs.
By default, hostname:port/r/channel acts the same as hostname:port/index.html?channel=channel.
2013-04-22 14:42:39 -05:00
Calvin Montgomery bb019deeb7 Implement ACL for channel owners (Issue #42) 2013-04-22 22:28:40 +04:00
calzoneman 7b6bba3697 Fix version number 2013-04-20 20:21:03 -05:00
calzoneman 9338905519 Minor fix- greentext and escaping youtube queries 2013-04-17 23:24:37 -05:00
calzoneman a93e7fe3c2 Switch from connect to express 2013-04-17 13:42:29 -05:00
calzoneman e8dfb616ea Add package.json 2013-04-14 18:16:48 -05:00