echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,307 Commits 1 Branch 167 Tags
6c2799fe53529a11f13b4853a58d4bccd24fa7be
Commit Graph

4606 Commits

Author SHA1 Message Date
str4d
fdb54c315b propagate from branch 'i2p.i2p' (head b8f5da367cf5d16bc1d91aa2097830c350c9ef8a) 
to branch 'i2p.i2p.str4d.eddsa' (head 6fcc5b5019abb36251e28fe0f7723fd1a046a8e9)
 2014-08-10 11:41:45 +00:00
zzz
22a7757461 Console: Show share options below 30% (ticket #1329) 2014-08-09 18:08:00 +00:00
zzz
fbdc535287 * i2psnark: Fix more escaped messages 2014-08-08 20:05:42 +00:00
zzz
506419964b Plugins: SU3 support in form, type checking, 
don't require DSA key in SU3
 2014-08-07 19:27:53 +00:00
zzz
35bb8c5348 Plugins: partial SU3 support 2014-08-07 19:06:41 +00:00
zzz
79fe799aeb Plugins: Stub out SU3 support 2014-08-07 18:45:04 +00:00
zzz
d4722e0d2c * i2psnark: Fix excaped message 2014-08-07 13:39:24 +00:00
zzz
7187f6f714 * Console: Display full path to config file 
* i2ptunnel: More escaping
 2014-08-06 13:40:25 +00:00
zzz
0e9ceba057 * i2ptunnel: Fix filtering of custom options 2014-08-05 21:26:48 +00:00
zzz
fe3059f0ab * Plugins: Enforce signing key matches that in plugin.config 2014-08-05 21:23:48 +00:00
zzz
b28eb708a4 * Console: 
- Fix update buttons
   - Don't filter parameter names starting with "nofilter_"
   - Re-allow configadvanced, news URL, and unsigned update URL if routerconsole.advanced=true
   - Re-allow plugin install if routerconsole.advanced=true or routerconsole.enablePluginInstall=true
   - Only allow whitelisted plugin signers, unless routerconsole.allowUntrustedPlugins=true
   - Re-allow clients.config changes if routerconsole.advanced=true or routerconsole.enableClientChange=true
   - More escaping
 * i2psnark: Fix add torrent form
 2014-08-03 13:58:51 +00:00
zzz
8673c232b6 Whitelist of known plugin public keys 
Compiled by kytv from plugins.i2p
todo: implementation
 2014-07-31 14:51:02 +00:00
zzz
d6b0b1b93c refresh tweaks 
another escape html
 2014-07-26 20:14:01 +00:00
zzz
1e0c970c95 remove add client button 2014-07-26 19:31:36 +00:00
zzz
db9f49c7d4 updates after review: 
Disable clients.config editing in UI
Strip single quotes too
Fix double-escaping in susimail folder page
 2014-07-26 18:58:58 +00:00
zzz
1603353ae8 Susimail escaping from psi plus some more 2014-07-26 16:50:58 +00:00
zzz
6753d23309 Add filtering for getParameterMap() 
Don't return null entries in getParameterValues() array
Log in getParameterValues() too
static
 2014-07-26 15:09:40 +00:00
zzz
2c8223274d filter pattern tweaks 2014-07-26 13:43:52 +00:00
zzz
f0dd09cf9c filter logging 2014-07-26 12:18:35 +00:00
zzz
4746d9eb80 Fix CSP to allow inline style and refresh 
Add filter to all webapps
 2014-07-26 11:01:16 +00:00
zzz
58578d9020 Console: 
XSSFilter patch from str4d:
  XSSFilter and XSSRequestWrapper were from http://ricardozuasti.com/2012/stronger-anti-cross-site-scripting-xss-filter-for-java-web-apps/
  No provided license, but it is clearly intended for public consumption.
  But most of it is boilerplate provided by the Servlet Filter system.
  In fact, now that I have stripped out his JS-specific patterns and replaced it with the whitelist,
  it is effectively identical to what I would have written from scratch.
 2014-07-26 09:39:31 +00:00
zzz
af575d6c95 * Console: 
- Fix several XSS issues (thx Aaron Portnoy of Exodus Intel)
  - Add Content-Security-Policy and X-XSS-Protection headers
  - Disable changing news feed URL from UI
  - Disable plugin install from UI
  - Disable setting unsigned update URL from UI
  - Disable /configadvanced
* DataHelper: Disallow \r in storeProps() (thx joernchen of Phenoelit)
* ExecNamingService: Disable (thx joernchen of Phenoelit)
* Startup: Add susimail.config to migrated files
 2014-07-26 09:32:26 +00:00
str4d
e9c8748c0b Updated Eclipse settings 2014-07-26 02:48:49 +00:00
kytv
08409d016b translation updates from Transifex 2014-07-23 13:55:58 +00:00
zzz
89764c12e7 bob finals, synch 2014-07-23 13:12:32 +00:00
zzz
328d7d0008 SAM: 
- Don't spawn a thread for each transmitted datagram
 - Set protocol field for raw and signed datagrams
 - Enforce a 60s timeout for HELLO
 - Use naming service cache to reduce Destination object churn
 - Get Log object from the log manager
 - Log spelling fixes
 2014-07-22 14:52:08 +00:00
str4d
3a899d52d1 Don't grab the ClientApp if we don't need to 2014-07-19 23:55:43 +00:00
zzz
a2567b0ee2 * SusiMail: Better error message on decode fail 
http://forum.i2p/viewtopic.php?t=11469
 2014-07-19 16:31:59 +00:00
zzz
4b0019c732 * SAM: Add support for RAW on the bridge socket in v3 (ticket #1334) 
log fixes
 2014-07-19 15:43:51 +00:00
zzz
5d21738410 * i2psnark: Don't prefer leeches during end game, to 
prevent slowdowns or stalls
 2014-07-19 12:48:16 +00:00
zzz
2c7006e9bd Streaming; Disable fail-fast for now. It's failing on leaseset lookup 
far too often. Need to fix that first.
 2014-07-19 12:39:37 +00:00
str4d
2cfe5e678a propagate from branch 'i2p.i2p' (head e02e6d733a703970e20e732e5156cbabc394e88e) 
to branch 'i2p.i2p.str4d.eddsa' (head 3910d01bed7c5a216f52bfd1d9fd96b59f058745)
 2014-07-10 09:29:34 +00:00
zzz
7b7a620999 * Console: Add event log viewer (ticket #1117) 2014-07-03 13:13:57 +00:00
zzz
82217d5ebc increase default refresh on graphs page 2014-07-03 13:08:24 +00:00
zzz
b95ec70d7d Console: Check wrapper version before calling WrapperManager.getProperties() 2014-07-03 13:07:41 +00:00
zzz
fef591412e SAM: Cherrypick from patch in ticket #1318: 
- Add SIGNATURE_TYPE support to GENERATE and CREATE
   - Don't NPE checking dest+privkeys
   - Simplify HELLO checking
   - Don't require two params in HELLO message
   - Make MIN parameter optional too
   - Version checking fixes
   - Bump version to 3.1, only visible if requested
   - Cleanups, javadocs
 2014-06-28 14:14:39 +00:00
zzz
3379432e5f SAM: Cherrypick from patch in ticket #1318: 
- Check for extra bytes in private key string
   - checkPrivateDestination() returns boolean instead of throws
 2014-06-27 21:05:54 +00:00
zzz
bb9129b61b SAM: Cherrypick from patch in ticket #1318: 
- Fix empty properties check
   - Overrides
   - Statics
 2014-06-27 20:53:01 +00:00
zzz
0fc3029aaa SAM: 
Version handling (ticket #1318)
   - MAX param now optional
   - 1-digit versions now accepted for MIN and MAX
   - Use VersionComparator for version tests
   - Don't require a minor version of 0
   - Fix empty properties check
   - Overrides
   - Prep for version 3.1
  Throw exception on null option key (ticket #1325)
 2014-06-27 20:36:34 +00:00
zzz
d8c8586ccf SAM: No synch needed for finals; 
Move fields to top
 2014-06-27 16:53:05 +00:00
zzz
38a4728283 SAM: Use SAMHandler.writeString() where possible, 
Use DataHelper.getASCII() for byte conversion
 2014-06-27 16:46:57 +00:00
zzz
7888705b01 final 2014-06-27 16:31:24 +00:00
zzz
31938f49d6 SAM: Fix checkPrivateDestination() for key certs (ticket #1318) 2014-06-27 16:19:07 +00:00
zzz
c95ed2ea96 SAM: Rename exceptions, make serialVersionUID private, 
add new SAMException constructor
 2014-06-27 16:15:22 +00:00
zzz
b5ed247a53 SAM: more Log conditionals, javadocs 2014-06-27 15:55:12 +00:00
zzz
22aff49747 SAM: Log conditionals, javadocs 2014-06-27 15:53:16 +00:00
zzz
e4430f05e4 2 more pkg private 2014-06-27 15:32:56 +00:00
zzz
1047691c64 SAM: Make all classes package private except the SAMBridge entry point 2014-06-27 15:26:44 +00:00
zzz
f3180b3f6f SAM client logging cleanup 2014-06-27 15:14:21 +00:00
zzz
616866cc9e Build: Move remaining jars to Java 6, as we will require 
API 9 in the next Android release.
 2014-06-27 13:57:43 +00:00