Commit graph

14 commits

Author SHA1 Message Date
Calvin Montgomery 637bcad816 camo: include subdomains of whitelisted domains in whitelist 2017-07-08 20:46:42 -07:00
Calvin Montgomery 486ce04a3e camo: support URL encoding option 2017-07-08 19:21:14 -07:00
Calvin Montgomery 7ebf3c18ab Add knex AliasesDB 2017-06-28 22:58:40 -07:00
Calvin Montgomery 6633e23aa3 Add characterization test for sanitize-html
At various times in the past, upgrades in the sanitize-html library that
changed behavior of HTML filtering have caused things like emotes to
break unexpectedly.  This commit adds a basic test to sanitize
non-alphanumeric characters found in channels' emote codes so that if
the library changes, the test will break and give a heads up that
something changed.
2017-06-17 09:47:22 -07:00
Calvin Montgomery b23a858a8c Integrate socket.io ban check with GlobalBanDB 2017-06-05 23:14:45 -07:00
Calvin Montgomery d0712d007e Work on refactoring global IP ban database calls 2017-05-31 22:46:15 -07:00
Calvin Montgomery 22a9acfc90 Support proxying chat images via camo
Camo: https://github.com/atmos/camo.  This has a couple advantages over
just allowing images to be dumped as-is:

  - Prevents mixed-content warnings by allowing the server to proxy HTTP
    images to an HTTPS camo instance
  - Protects users' privacy by not exposing their browser directly to
    the image host
  - Allows the camo proxy to intercept and reject bad image sources
    (URLs that are not actually images, gigapixel-sized images likely to
    DoS users' browsers, etc.)

Whitelisting specific domains is supported for cases where the source is
known to be trustworthy.
2017-05-28 19:38:43 -07:00
Calvin Montgomery 7595faf11d Fix voteskip issue when there are no videos left 2017-03-21 20:04:06 -07:00
Calvin Montgomery 0613083eb0 Handle the case where no socket.io ack exists 2017-03-20 22:09:16 -07:00
Calvin Montgomery 9dc82ad444 Enforce stricter validation on polls 2017-03-20 21:37:32 -07:00
Calvin Montgomery 27e168ba8b Integrate new tab completion methods
There is now an option to choose which tab completion method to use.
Also, emotes can be tab completed.
2017-01-10 22:26:46 -08:00
Calvin Montgomery 5321996c64 Implement tab cycle style completion (not used anywhere yet) 2017-01-07 10:55:59 -08:00
Calvin Montgomery dfdc07cbfa Start working on better tab completion
Code is not used anywhere yet, but the end goal is:
* Replace the bash-style algorithm with a less kludgy one
* Add the ability to customize tab completion method (will also
  include default zsh-style completion)
* Abstract tab completion so it can be shared for chat and emote names
  as available options
2017-01-06 20:10:33 -08:00
Calvin Montgomery 6e61a13354 Add tests missed in last commit 2017-01-05 21:04:15 -08:00