84 Commits

Author SHA1 Message Date
Eng Zer Jun
0bfa5ca4d9 perf: avoid allocations with (*regexp.Regexp).MatchString (#604)
We should use `(*regexp.Regexp).MatchString` instead of
`(*regexp.Regexp).Match([]byte(...))` when matching string to avoid
unnecessary `[]byte` conversions and reduce allocations.

Example benchmark:

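package stream

import (
	"regexp"
	"testing"
)

// Benchmark-only pattern: the dots are unescaped, so each one matches any character.
var allowedOrigin = regexp.MustCompile(".*.example.com")

// BenchmarkMatch converts the string to []byte on every iteration before matching.
func BenchmarkMatch(b *testing.B) {
	for i := 0; i < b.N; i++ {
		if match := allowedOrigin.Match([]byte("www.example.com")); !match {
			b.Fail()
		}
	}
}

// BenchmarkMatchString matches the string directly, without the []byte conversion.
func BenchmarkMatchString(b *testing.B) {
	for i := 0; i < b.N; i++ {
		if match := allowedOrigin.MatchString("www.example.com"); !match {
			b.Fail()
		}
	}
}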

goos: linux
goarch: amd64
pkg: github.com/gotify/server/v2/api/stream
cpu: AMD Ryzen 7 PRO 4750U with Radeon Graphics
BenchmarkMatch-16          	 2076819	       647.7 ns/op	      16 B/op	       1 allocs/op
BenchmarkMatchString-16    	 2536326	       442.0 ns/op	       0 B/op	       0 allocs/op
PASS
ok  	github.com/gotify/server/v2/api/stream	3.552s

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2023-10-23 15:57:15 +00:00
Jannis Mattheis
dec762f9ed fix: remove unused code 2023-09-16 21:06:54 +02:00
Jannis Mattheis
9592cc95c9 fix: update go-swagger 2023-09-16 21:06:54 +02:00
Jannis Mattheis
a3ce298729 Fix stream_test flakiness 2023-08-06 12:30:22 +02:00
eternal-flame-AD
7bf80ee6f1 Add last used to client & application 2023-08-06 12:30:22 +02:00
Jannis Mattheis
835adeec79 Fix test assertions 2023-07-30 15:39:19 +02:00
Jannis Mattheis
bda27946da Update deps 2023-07-30 15:39:15 +02:00
chrispruitt
72bd8c8ba6 Add default message priority for applications
Co-authored-by: Jannis Mattheis <contact@jmattheis.de>
2023-07-19 18:15:01 +00:00
Helmut K. C. Tessarek
5cd2d5411f Add delete application image endpoint 2023-05-28 13:59:49 +00:00
mateuscelio
f3d121bd61 Adds ClientParams struct to handle creation and update params 2023-04-28 16:11:40 +02:00
Jannis Mattheis
33d86e41c2 Only serve image files on ./image
This is an addition to the existing XSS fix in the previous commit.
2022-12-29 12:46:41 +01:00
Jannis Mattheis
925fb7e2c9 Fix file upload XSS
The application image file upload allowed authenticated users to upload
malicious .html files. Opening such a file like

https://push.gotify.net/image/ViaxrjzNowdgL-xnEfVV-Ggv5.html

would allow the attacker to execute client side scripts.

The application image upload will now only allow the upload of files
with the following extensions: .gif, .png, .jpg and .jpeg.
2022-12-28 20:13:35 +01:00
mateuscelio
0fb584d7f7 Update docs 2022-12-03 10:45:07 +01:00
Jannis Mattheis
fcd9b88bb7 Fix required mismatch in update & create user
This shouldn't break the api.
2022-09-10 16:47:22 +02:00
mateuscelio
f16ce59e6c Prevent setting id while inserting / updating applications 2022-07-24 08:48:14 +00:00
pigpig
c172590b92 Add registration
Can be enabled via the registration config flag. (disabled by default)

Fixes gotify/server#395

Co-authored-by: pigpig <pigpig@pig.pig>
Co-authored-by: Karmanyaah Malhotra <32671690+karmanyaahm@users.noreply.github.com>
Co-authored-by: Jannis Mattheis <contact@jmattheis.de>
2021-08-04 19:39:43 +02:00
Jannis Mattheis
3454dcd602 Use golangci-lint 2020-11-01 10:47:02 +01:00
Jannis Mattheis
909eeff406 Make keepalive period configurable 2020-09-10 16:22:04 +00:00
Richard Szolár
923030cf44 Update "github.com/go-yaml/yaml" import path to "gopkg.in/yaml.v2" as recommended per the project's documentation 2020-08-20 20:25:37 +02:00
Jannis Mattheis
d45e0da6a8 Allow delete for > uint32 ids
For ids uint is used; this is platform specific and either uint32
or uint64. The parsing for parameters in the api expected the ids to
have 32-bit size.

I thought about changing all our ids to int64 but we sadly have one uint
usage in the plugin api:
b0e2eca8e3/plugin.go (L13-L14)
2020-07-01 19:44:06 +02:00
Jannis Mattheis
757fa17d26 Use int64 as input 2020-06-24 18:32:35 +02:00
Jannis Mattheis
a9249bbd28 Don't use id provided from POST /message api 2020-06-23 18:39:43 +02:00
Jannis Mattheis
7b90b8a8f5 Use v2 in package path 2020-05-08 10:43:17 +02:00
Jannis Mattheis
0a7a5cd619 Add logging to websocket errors 2019-11-28 21:39:47 +01:00
Jannis Mattheis
81c4a73df3 Add health api 2019-08-16 09:28:57 +02:00
饺子w
67493c643e Return 500 server error on database failures (#191) 2019-05-25 08:37:24 +02:00
GianOrtiz
e32359ed15 Add update client api and dialog (#164) 2019-03-16 11:18:51 +01:00
饺子w
efcf4ad13d Use crypto/rand for token generation (#161) 2019-03-16 11:10:28 +01:00
饺子w
178c76f410 Fix websocket allowed origin (#150) 2019-03-14 18:16:24 +01:00
Jannis Mattheis
5c5965f2fd Log web socket errors 2019-03-07 18:29:46 +01:00
饺子w
2fa395cb84 Prevent removing last admin (#130) 2019-02-26 18:46:42 +01:00
饺子w
ec5b1f8c30 Support reverse proxy with path rewrite (#127) 2019-02-13 18:47:48 +01:00
Jannis Mattheis
a1204a57f8 Fix id in plugins 2019-02-09 13:26:02 +01:00
eternal-flame-AD
e5b24f4c92 Add plugin feature
Fixed database migration
Added a plugin system based on the go plugin package
2019-02-09 12:52:01 +01:00
eternal-flame-AD
de09aae987 add extras to message model 2019-02-02 13:06:30 +01:00
Jannis Mattheis
68b160997d Format all go files 2019-01-01 23:34:42 +01:00
Eugene Gavrilov
b5b2f19dc2 [#23] Fix check same origin function 2018-12-12 21:30:59 +01:00
Jannis Mattheis
ec2c3da9d4 Add summary for updateApp and uploadImg api 2018-11-24 11:31:32 +01:00
Jannis Mattheis
76ca344b77 Make security more compact 2018-11-24 11:31:32 +01:00
Jannis Mattheis
9e7859c36c Add missing bad request / not found definitions 2018-11-24 11:31:32 +01:00
Jannis Mattheis
dfb71dabbc Make produce/consumes more compact 2018-11-24 11:31:32 +01:00
Jannis Mattheis
c841e1cd24 Move swagger comments to api 2018-11-24 11:31:32 +01:00
Eugene Gavrilov
4a6863eda2 [#69] add end-point for update application name and description 2018-11-23 21:39:07 +01:00
Jannis Mattheis
ee723918f9 Add once test 2018-11-22 20:59:29 +01:00
Jannis Mattheis
79e1dc9c9a Prevent deadlock on stream.Close()
GR = goroutine
[GR#1] http server gets closed
[GR#2] client.NotifyClose() will be executed
[GR#2] client.once.Do will be executed (locks client.once.m)
[GR#1] stream.Close will be executed (locks stream.lock)
[GR#1] client.Close will be executed (waits for client.once.m)
[GR#2] stream.remove will be executed (waits for stream.lock)

GR#1 holds lock stream.lock and waits for client.once.m
GR#2 holds lock client.once.m and waits for stream.lock

We prevent the deadlock by releasing the client.once.m lock earlier.
2018-11-22 20:59:29 +01:00
Jannis Mattheis
a992bc1506 Prevent possible race condition on SetPingHandler
conn.ReadMessage and conn.SetPingHandler are executed
in different goroutines.
2018-11-22 20:59:29 +01:00
Eugene Gavrilov
0ca18b817c [#71] Make title in message not necessary field 2018-11-14 20:05:24 +01:00
Jannis Mattheis
80eec6ae3a Remove monkey dependency 2018-11-06 21:38:15 +01:00
Jannis Mattheis
39a3d46607 [#34] Adjust message api to be paged 2018-04-13 18:56:11 +02:00
Jannis Mattheis
1262f43846 Close web socket connection on delete user 2018-04-02 12:35:16 +02:00