Commit graph

1670 commits

Author SHA1 Message Date
Calvin Montgomery 12f3161f50 XSS: Glob attributes data-*, aria-* 2015-01-08 20:07:01 -06:00
Calvin Montgomery 1c3a669279 Replace XSS filter with sanitize-html 2015-01-08 20:07:01 -06:00
calzoneman 654573af68 Migrate old MOTDs and don't replace \n with <br> after 2015-01-08 20:06:41 -06:00
calzoneman 8630c5972c deps: upgrade socket.io to 1.2.1 2015-01-08 17:57:44 -06:00
Erik 4135ec0bf8 Kick/Mute immunity should only be if globalRank is strictly greater 2015-01-08 09:58:44 -05:00
Calvin Montgomery 032f600746 Kick/Mute immunity should only be if globalRank is strictly greater 2015-01-08 08:48:00 -05:00
Calvin Montgomery ef7ee067f2 Merge branch '3.0' of github.com:calzoneman/sync into 3.0 2015-01-07 15:59:52 -05:00
Calvin Montgomery c1ef0848cd Add CSS classes for muted users (#426)
- If a user is muted, the `userlist_muted` class is added to the
  corresponding `.userlist_item`.
- If the user is shadowmuted, the `userlist_smuted` and `userlist_muted`
  classes are added.
- If the user is AFK, the `userlist_afk` class is added.
2015-01-07 15:58:36 -05:00
Calvin Montgomery 21756d7cb2 sanitize-html: replace github link with npm
The change I made to sanitize-html was merged and published to npm, so
there's no reason to depend on my fork anymore.
2015-01-07 10:47:46 -05:00
Erik Little 7dab3276a6 Merge pull request #425 from calzoneman/muteadmin
site admins should be immune from kick/mute
2015-01-06 23:00:14 -05:00
Erik 5d843358d2 site admins should be immune from kick/mute 2015-01-06 22:55:14 -05:00
Calvin Montgomery b56809138c deps: update cytubefilters commit hash 2015-01-06 22:40:49 -05:00
Calvin Montgomery aabff5d0cc deps: update cytubefilters commit hash 2015-01-06 22:40:23 -05:00
Calvin Montgomery 6e053ae7f4 deps: update sanitize-html 2015-01-06 13:05:31 -05:00
Calvin Montgomery 03f58a7d7a XSS: Glob attributes data-*, aria-* 2015-01-06 13:00:36 -05:00
Calvin Montgomery df42a5e6a6 Replace XSS filter with sanitize-html 2015-01-06 12:20:48 -05:00
Calvin Montgomery cf35c92391 Apparently this happens a lot, don't put it in the logfile 2015-01-06 10:58:15 -05:00
Calvin Montgomery 414cbfdc5d Add more safeguards for socket errors 2015-01-06 10:54:14 -05:00
Calvin Montgomery cd22570c40 Hopefully fix youtube setPlaybackQuality once and for all 2015-01-04 16:46:40 -05:00
Calvin Montgomery 3423f43f2f https://www.youtube.com/watch?v=9u6Bfnq3aZk 2015-01-03 21:36:58 -05:00
Graham 4aa1df8837 Modern theme update 2015-01-03 19:46:02 -05:00
Graham 207ad43140 Update css 2015-01-03 18:21:33 -05:00
Graham fb1636552b Add modern theme 2015-01-03 18:21:07 -05:00
Calvin Montgomery bf70d2760b Log when a video is added 2015-01-03 16:03:15 -05:00
Graham 32c58a9628 Minify slate and cleanup. 2015-01-03 15:32:15 -05:00
Graham e4de90c38b Move color CSS rules into their own files. minify bootstrap 2015-01-03 15:27:15 -05:00
Calvin Montgomery 829cc090fa Use graceful-fs to maybe prevent EMFILE 2015-01-02 23:22:48 -05:00
Calvin Montgomery 4013779750 Remove license banner from index.js (see LICENSE file) 2014-12-31 12:07:43 -05:00
Calvin Montgomery 0c23b8a4c5 Update Copyright year; remove old junk 2014-12-31 12:06:29 -05:00
Calvin Montgomery c5582865a5 Merge pull request #422 from calzoneman/cytubefilters
Switch to PCRE-based C++ chat filters
2014-12-28 20:40:29 -06:00
Calvin Montgomery 4319111f47 Remove console.log 2014-12-28 19:09:41 -05:00
Calvin Montgomery 058b24323d Add cytubefilters to package.json 2014-12-28 19:07:39 -05:00
Calvin Montgomery 25eba6ab2b Improve filter handling code 2014-12-28 11:12:37 -05:00
Calvin Montgomery aa5e50f1d2 Cytubefilters, part 1 2014-12-27 01:39:30 -05:00
Calvin Montgomery 709724efd4 Warn moderators when a channel exceeds size limit
When the chandump is saved, the size of the file is checked.  If it is over the limit, moderators are displayed a message indicating that the channel is too large and they should remove extra playlist items, filters, and/or emotes.

This is a partial solution for #421.
2014-12-26 11:19:19 -05:00
Calvin Montgomery 3689aafe3b Fix all video adds getting stuck when one fails
Whenever a urlRetrieve() fails due to an unexpected error (ENOTFOUND, ETIMEDOUT, Socket hang up, etc.), the domain handler and the global exception handler would detect this and not crash the server, however the dirty internal state would somehow prevent future HTTP requests from completing successfully.

Removed domain usage since that feature is marked "unstable" and is rumored to be marked for deprecation in future versions of node.  Using the "error" event of the request object itself, which means errors are local in scope and won't pollute global state.  This should have been the solution originally, but when urlRetrieve() was written, I was not as familiar with node.
2014-12-26 10:39:47 -05:00
Calvin Montgomery db7d1a22c8 Resolve #420 2014-12-19 14:39:10 -05:00
Calvin Montgomery c39c394f36 Add auto DB conversion for utf8mb4 2014-12-14 21:53:25 -05:00
Calvin Montgomery 9deff9bdb1 Change charset for certain fields to utf8mb4
The underlying cause of #419 is the default utf8 collation in MySQL/MariaDB, which only supports the base plane of Unicode (\u0000-\uffff).  By changing the collation to utf8mb4_general_ci, stuff like ban reasons and profile text may have emoji and other non-base-plane Unicode.

The charset for playlist titles is NOT changed, and non-base-plane characters are replaced by question marks.  This is because switching to utf8mb4 would make the primary key too long.
2014-12-14 21:53:25 -05:00
Calvin Montgomery 4b8681c2a4 Don't break if the profile is corrupt 2014-12-14 21:53:25 -05:00
calzoneman e8a2753e19 Don't log HTTP 413, just send it to the client and be done 2014-12-12 17:35:57 -06:00
calzoneman a3a9fa074e Improve behavior of custom embed w.r.t. https
Instead of silently failing when browser policy blocks HTTP embeds over HTTPS, pre-fill the video div with an error message and attempt to salvage the link with s/http/https/g.
2014-12-10 23:56:17 -06:00
calzoneman db56a8869d Fix #417 2014-12-07 13:42:18 -06:00
calzoneman 2b800f2a9a Hopefully fix typecheckedOn bug 2014-12-07 00:08:53 -06:00
calzoneman cf60994895 Dailymotion is a completely functional site programmed by competent people 2014-12-04 15:55:15 -06:00
calzoneman 918b865a9b Slight tweak to urlRetrieve error handler 2014-12-04 00:42:25 -06:00
calzoneman 5cbdb47eb1 Merge branch '3.0' of github.com:calzoneman/sync into 3.0 2014-12-02 22:24:52 -06:00
calzoneman b587da6701 Several fixes
- User playlists should now list correctly (fixed a race condition)
  - Livestream types can autoplay (no longer stuck at currentTime = -3)
  - Playlist items with NaN duration do not break user playlist saving
  - ffmpeg support can handle live media (e.g. icecast)
  - Invalid volume is sanitized and an error message is added
  - JWPlayer displays correctly for both HTML5 and Flash
  - JWPlayer volume synchronization is fixed
  - <audio> and <video> tags are scaled correctly with .embed-responsive-item
2014-12-02 22:21:52 -06:00
Calvin Montgomery 33294278ad Gracefully handle elements with null duration during user playlist save 2014-11-27 08:53:03 -06:00
calzoneman b09346392e Slight tweak to nick hovers 2014-11-24 19:32:06 -06:00