Commit Graph

539 Commits

Author SHA1 Message Date
Calvin Montgomery bbd03e4e0f Log aliases when someone logs in 2015-01-26 12:20:19 -06:00
calzoneman 50bf876010 Add hitbox support 2015-01-22 23:21:31 -06:00
calzoneman 5cde74cbd4 Fix potential cause for playlist timer problem 2015-01-22 16:53:36 -06:00
calzoneman 7d2015620a socket.io: upgrade to 1.3 2015-01-19 17:43:22 -06:00
calzoneman 9fc1cbd81c Whitelist <s> tags for filters 2015-01-19 01:26:46 -06:00
Calvin Montgomery d7ef0d1893 Merge pull request #428 from calzoneman/sanitize-html
Merge sanitize-html into 3.0 #yolo
2015-01-14 13:23:01 -06:00
calzoneman 139825168f Fix for private, but embeddable soundcloud tracks 2015-01-11 12:10:09 -06:00
calzoneman 80c4c90bcf Migrate old MOTDs and don't replace \n with <br> after 2015-01-08 20:07:02 -06:00
Calvin Montgomery 12f3161f50 XSS: Glob attributes data-*, aria-* 2015-01-08 20:07:01 -06:00
Calvin Montgomery 1c3a669279 Replace XSS filter with sanitize-html 2015-01-08 20:07:01 -06:00
calzoneman 8630c5972c deps: upgrade socket.io to 1.2.1 2015-01-08 17:57:44 -06:00
Erik 4135ec0bf8 Kick/Mute immunity should only be if globalRank is strictly greater 2015-01-08 09:58:44 -05:00
Calvin Montgomery 032f600746 Kick/Mute immunity should only be if globalRank is strictly greater 2015-01-08 08:48:00 -05:00
Erik 5d843358d2 site admins should be immune from kick/mute 2015-01-06 22:55:14 -05:00
Calvin Montgomery cf35c92391 Apparently this happens a lot, don't put it in the logfile 2015-01-06 10:58:15 -05:00
Calvin Montgomery 414cbfdc5d Add more safeguards for socket errors 2015-01-06 10:54:14 -05:00
Calvin Montgomery bf70d2760b Log when a video is added 2015-01-03 16:03:15 -05:00
Calvin Montgomery 829cc090fa Use graceful-fs to maybe prevent EMFILE 2015-01-02 23:22:48 -05:00
Calvin Montgomery 0c23b8a4c5 Update Copyright year; remove old junk 2014-12-31 12:06:29 -05:00
Calvin Montgomery 25eba6ab2b Improve filter handling code 2014-12-28 11:12:37 -05:00
Calvin Montgomery aa5e50f1d2 Cytubefilters, part 1 2014-12-27 01:39:30 -05:00
Calvin Montgomery 709724efd4 Warn moderators when a channel exceeds size limit
When the chandump is saved, the size of the file is checked.  If it is over the limit, moderators are displayed a message indicating that the channel is too large and they should remove extra playlist items, filters, and/or emotes.

This is a partial solution for #421.
2014-12-26 11:19:19 -05:00
Calvin Montgomery 3689aafe3b Fix all video adds getting stuck when one fails
Whenever a urlRetrieve() fails due to an unexpected error (ENOTFOUND, ETIMEDOUT, Socket hang up, etc.), the domain handler and the global exception handler would detect this and not crash the server, however the dirty internal state would somehow prevent future HTTP requests from completing successfully.

Removed domain usage since that feature is marked "unstable" and is rumored to be marked for deprecation in future versions of node.  Using the "error" event of the request object itself, which means errors are local in scope and won't pollute global state.  This should have been the solution originally, but when urlRetrieve() was written, I was not as familiar with node.
2014-12-26 10:39:47 -05:00
Calvin Montgomery c39c394f36 Add auto DB conversion for utf8mb4 2014-12-14 21:53:25 -05:00
Calvin Montgomery 9deff9bdb1 Change charset for certain fields to utf8mb4
The underlying cause of #419 is the default utf8 collation in MySQL/MariaDB, which only supports the base plane of Unicode (\u0000-\uffff).  By changing the collation to utf8mb4_general_ci, stuff like ban reasons and profile text may have emoji and other non-base-plane Unicode.

The charset for playlist titles is NOT changed, and non-base-plane characters are replaced by question marks.  This is because switching to utf8mb4 would make the primary key too long.
2014-12-14 21:53:25 -05:00
Calvin Montgomery 4b8681c2a4 Don't break if the profile is corrupt 2014-12-14 21:53:25 -05:00
calzoneman e8a2753e19 Don't log HTTP 413, just send it to the client and be done 2014-12-12 17:35:57 -06:00
calzoneman a3a9fa074e Improve behavior of custom embed w.r.t. https
Instead of silently failing when browser policy blocks HTTP embeds over HTTPS, pre-fill the video div with an error message and attempt to salvage the link with s/http/https/g.
2014-12-10 23:56:17 -06:00
calzoneman 2b800f2a9a Hopefully fix typecheckedOn bug 2014-12-07 00:08:53 -06:00
calzoneman 918b865a9b Slight tweak to urlRetrieve error handler 2014-12-04 00:42:25 -06:00
calzoneman b587da6701 Several fixes
- User playlists should now list correctly (fixed a race condition)
  - Livestream types can autoplay (no longer stuck at currentTime = -3)
  - Playlist items with NaN duration do not break user playlist saving
  - ffmpeg support can handle live media (e.g. icecast)
  - Invalid volume is sanitized and an error message is added
  - JWPlayer displays correctly for both HTML5 and Flash
  - JWPlayer volume synchronization is fixed
  - <audio> and <video> tags are scaled correctly with .embed-responsive-item
2014-12-02 22:21:52 -06:00
calzoneman 2f2ed8aaf9 Fix Twitch not working on HTTPS and allow HTTPS channel page 2014-11-24 19:24:47 -06:00
calzoneman da2d461941 Fix caching and add gzip 2014-11-16 21:06:10 -06:00
calzoneman 4514151ad2 Add a better error message for google drive 1hr 2014-11-13 20:08:01 -06:00
calzoneman 681fc717c3 Fix google+ 2014-11-03 12:56:15 -06:00
calzoneman 318a924b6d Extend blacklist to PMs 2014-10-29 15:07:57 -05:00
calzoneman 575b762ba1 Fix kick behavior 2014-10-25 22:49:22 -05:00
calzoneman 4967e46343 Fix socket.io issue; fix ACP announcements 2014-10-24 10:24:02 -05:00
calzoneman 289807535a Typo 2014-10-24 10:24:02 -05:00
calzoneman b4bcb7637b Reject sockets with no IP 2014-10-24 10:24:02 -05:00
calzoneman 50dd0982a4 Fix IP extraction for socket.io 2014-10-24 10:24:02 -05:00
calzoneman 6e0735f3fe Update to socket.io 1.0 2014-10-24 10:23:30 -05:00
calzoneman 029fa62af2 Don't log errors for bad http requests 2014-10-12 11:36:54 -05:00
calzoneman fa85030524 Fix borrow-rank 2014-10-09 20:46:16 -05:00
calzoneman 4505ca19da Auto unpause after leader is removed 2014-10-07 23:01:36 -05:00
calzoneman e13e695077 Allow limiting # items per user 2014-10-06 11:32:25 -05:00
calzoneman 309e5d8b46 Doing it live 2014-09-13 00:01:54 -05:00
calzoneman d2027d2e5a Fix /unmute with empty name 2014-09-12 11:49:30 -05:00
calzoneman 731ab3f9a5 Ok this should actually fix it 2014-09-11 19:00:27 -05:00
calzoneman 2ea9dbcb75 Fix IP address race condition for logging 2014-09-11 18:56:33 -05:00
calzoneman 2b60ab8e10 Add permission for #402; fix a strange jwplayer issue 2014-09-06 22:59:28 -05:00
calzoneman 71114b0060 Fix: don't search channel library if rank < seeplaylist 2014-09-04 20:53:18 -05:00
calzoneman ea9fa0a95a Fix /smute with 0 args throwing error 2014-09-02 16:46:53 -05:00
calzoneman 12447ce5dc Give up early if username is invalid for rank change 2014-09-01 20:33:11 -05:00
calzoneman 66865f718c Fix Error: Requested Range Not Satisfiable 2014-09-01 14:36:24 -05:00
calzoneman 91c24518c5 Conditionally allow ASCII characters (for Xaekai) 2014-08-29 16:38:57 -05:00
calzoneman 7002874bbb Minor fix for messages with spaces only 2014-08-29 15:49:32 -05:00
calzoneman 484b695965 Disallow ASCII control characters in messages 2014-08-29 15:47:56 -05:00
calzoneman 7b00ba10b9 Fixes at Xaekai's request 2014-08-27 18:45:11 -05:00
calzoneman c8684d58ed Fix handling of /mute with no name 2014-08-22 10:52:15 -05:00
calzoneman b3c3ee93ce Hopefully fix an error case
I have no idea why it's possible for sock.handshake to be defined and then undefined
2014-08-21 14:37:40 -05:00
calzoneman edac89b204 Fix x-forwarded-for resolution in http logging 2014-08-20 10:56:36 -05:00
calzoneman 088c547522 Update dependencies - execute npm update && npm rebuild after pulling 2014-08-19 22:27:59 -05:00
calzoneman ae42ac9c56 Remove ghost httpaccess.log file 2014-08-19 00:52:50 -05:00
calzoneman 6dfeab9657 Update rest of dependencies 2014-08-19 00:46:30 -05:00
calzoneman 4eb81a84d9 Update nodemailer, yamljs, q 2014-08-19 00:36:31 -05:00
calzoneman c693e84a46 Update bcrypt and fix a deprecated reference in auth 2014-08-19 00:25:36 -05:00
calzoneman 020e2326b5 Replace own static and log functions with serve-static and morgan 2014-08-19 00:21:32 -05:00
calzoneman 5f7adc98ba Update express dependency 2014-08-19 00:07:24 -05:00
calzoneman c2ba55ac0f Fail /kick, /ban if the target name is blank 2014-08-18 22:00:51 -05:00
Calvin Montgomery 5d624fa49f Merge pull request #396 from calzoneman/ipcloak
Change IP masking
2014-08-15 11:43:56 -05:00
calzoneman 0f2b93e5c5 Increment version number 2014-08-15 11:41:09 -05:00
calzoneman 3446eb5357 Add Google Docs checks for missing duration/title 2014-08-15 00:27:51 -05:00
calzoneman b82583a79c Remove IP leak from ban log message 2014-08-14 22:07:06 -05:00
calzoneman c255133a2b Fix wrong argument being passed 2014-08-14 22:02:58 -05:00
calzoneman 25ab4b62e5 Update cloaking function so the banlist looks right 2014-08-14 21:57:38 -05:00
calzoneman 722c55e0da Remove reference to maskIP 2014-08-14 21:50:34 -05:00
calzoneman c5a52d2ce5 Fix wrong scope on ipList 2014-08-14 21:45:25 -05:00
calzoneman 6b9968a489 Remove torblocker dependency 2014-08-14 21:44:33 -05:00
calzoneman 8fddbc3e6e Add IP cloaking; make tor bans channel specific 2014-08-14 21:42:13 -05:00
calzoneman ecca806a58 Fix an issue with quality selection 2014-08-14 16:28:44 -05:00
calzoneman dc3efd94c8 Remove JustinTV support as it is no longer in service 2014-08-13 13:51:09 -05:00
calzoneman fae1609a50 Apparently redirector is https sometimes 2014-08-12 18:34:37 -05:00
calzoneman b88f1931c6 Prevent vimeo from logging errors when videos become private/removed 2014-08-11 11:58:03 -05:00
Erik ef921b1f96 Fix logging of customizations 2014-08-09 14:41:12 -04:00
Calvin Montgomery ea79b7d6b1 Remove unused file 2014-08-08 23:29:07 -07:00
Calvin Montgomery 9ff23622a0 Fix a minor matching issue for google docs 2014-08-08 23:27:54 -07:00
Calvin Montgomery 4f7ec228d3 Fix regular expression for google docs parsing 2014-08-07 23:19:07 -07:00
Calvin Montgomery 4a3645e3ed Prevent invalid URI escapes from logging errors 2014-08-07 19:25:34 -07:00
Calvin Montgomery b7edfc31f9 Fix for google docs changing their video player: 2014-08-06 20:12:57 -07:00
Calvin Montgomery d94c596063 Require auth for read-only requests too 2014-08-04 18:01:57 -07:00
Calvin Montgomery 59dd733219 Fix null reference bug 2014-08-02 19:15:49 -07:00
Calvin Montgomery 84a07030d0 Disallow cloning playlist if user doesn't have seeplaylist permission 2014-08-02 19:12:09 -07:00
Calvin Montgomery d9f5c551e3 Fix TypeError due to race condition 2014-07-20 19:36:29 -07:00
Calvin Montgomery 79bb6a96cd Fix exception 2014-07-14 21:13:45 -07:00
Calvin Montgomery 89de33031c Merge pull request #386 from calzoneman/plusvideo
Google+ video support
2014-07-13 22:16:00 -07:00
Calvin Montgomery 35c6a68e5e Remove redundant RegExp constructor 2014-07-13 22:14:37 -07:00
Calvin Montgomery b1709758fd Increment version number 2014-07-13 22:13:16 -07:00
Calvin Montgomery 565e490078 Fix setFlag/waitFlag edge case that was causing duplicate joins 2014-07-13 12:23:04 -07:00
Calvin Montgomery e6d6e3391e Don't log gdocs 'exceeded quota' errors to error.log 2014-07-13 11:33:10 -07:00