Commit Graph

2167 Commits

Author SHA1 Message Date
Allan Nordhøy
75fc7db50d Update Romanian translation 2020-04-20 16:12:05 -05:00
Sylke Vicious
96da04576e Update Italian translation 2020-04-20 16:12:05 -05:00
bongo bongo
001ec3663e Add Serbian (cyrillic) translation 2020-04-20 16:12:02 -05:00
Tamas Cservenak
21a00b77bd Add Hungarian translation (#1111) 2020-04-20 16:05:28 -05:00
Omar Roth
408f3852ec Hide playlist widget when user has no playlists 2020-04-15 16:30:02 -05:00
Omar Roth
61150c74d2 Move privacy type into playlists.sql 2020-04-14 18:09:48 -05:00
Omar Roth
7bb7003c9d Fix authorThumbnails in /api/v1/channels 2020-04-10 11:49:51 -05:00
Omar Roth
920463f2ff Fix playlist_ajax 2020-04-10 11:49:18 -05:00
Omar Roth
ca1185d0be Fix warnings in latest version of Crystal 2020-04-09 12:18:09 -05:00
Omar Roth
be655ee328 Bump dependencies 2020-04-09 11:14:21 -05:00
Omar Roth
02d4186b11 Fix player matching 2020-04-09 10:55:50 -05:00
Omar Roth
3f97bebd69 Support adding video to playlist from watch page 2020-04-09 10:55:32 -05:00
Omar Roth
2e378da922 Add support for Swedish locale 2020-04-04 15:57:29 -05:00
Omar Roth
b37f51bd7f Fix /c/ redirect 2020-04-04 15:31:24 -05:00
Olle Jonsson
eb8b0f72cc Add Swedish translation (#1078)
Co-authored-by: Daniel Lublin <daniel@lublin.se>
2020-04-02 16:26:54 -05:00
Olle Jonsson
d8fe9a4d29 nb-NO: Translate "subscription" correctly (#1089)
Co-authored-by: Oskar Gewalli <gewalli@gmail.com>
2020-04-02 16:16:27 -05:00
Omar Roth
c97cdf551e Refactor extract_plid 2020-03-30 14:27:07 -05:00
Omar Roth
80fc60b5e2 Add spec for extract_plid 2020-03-30 14:23:51 -05:00
Omar Roth
3b2e142542 Fix JSON serialization 2020-03-29 18:04:44 -04:00
Omar Roth
0e58d99f4e Fix player mouseover events 2020-03-27 09:47:46 -05:00
Omar Roth
92798abb5d Add manifest-src to CSP 2020-03-19 13:41:08 -05:00
Omar Roth
bd7950b757 Add toggle_parent to dynamic handlers 2020-03-15 18:52:49 -04:00
Omar Roth
59a15ceef6 Remove VarInt class 2020-03-15 17:47:16 -04:00
Omar Roth
4011a113cc Strip invalid characters from referer URLs 2020-03-15 17:47:16 -04:00
leonklingele
70cbe91776 Migrate to a good Content Security Policy (#1023)
So attacks such as XSS (see [0]) will no longer be of an issue.

[0]: https://github.com/omarroth/invidious/issues/1022
2020-03-15 16:46:08 -05:00
Omar Roth
f92027c44b Escape 'sort_by' 2020-03-10 11:25:32 -04:00
Omar Roth
1443335315 Switch textcaptcha to HTTPS 2020-03-10 11:12:11 -04:00
Omar Roth
6ff2229a09 Bump dependencies 2020-03-06 13:59:42 -05:00
Omar Roth
bb72672dd9 Replace static asset requests with QUIC 2020-03-06 13:53:35 -05:00
Omar Roth
d96dee3aa6 Add debug info to videoplayback 2020-03-06 13:50:00 -05:00
Omar Roth
bd0aaa343b Prevent storyboards from hanging 2020-03-05 13:49:06 -05:00
Omar Roth
3126e1ac94 docker: allow to configure Invidious by env var (#1030)
Invidious gained support to read its configuration from an env var
instead of config file in e3c10d779d.

Unfortunately, Docker doesn't allow newline characters in env var
values (see [0]) which means we can only provide a proper YAML config
by using the inlined configuration in docker-compose.yml which,
unfortunately, is tracked by Git. Once support for multiline env var
values has been added to Docker, we should migrate and read the config
from a .env file instead (which is not tracked by Git).

[0]: https://github.com/docker/compose/issues/3527
2020-03-04 12:33:13 -06:00
Omar Roth
a117d87f33 Skip validation checks for videoplayback, ggpht 2020-03-04 13:06:17 -05:00
Omar Roth
9dc4f8a1aa Escape item titles in search page 2020-03-04 13:03:14 -05:00
leonklingele
0d536d11e3 Verify token signature in constant time, Run cheap checks first in token validation process (#1032)
* Verify token signature in constant time

To prevent timing side channel attacks

* Run cheap checks first in token validation process

Expensive checks such as the nonce lookup on the database or the
signature check can be run after cheap/fast checks.
2020-03-02 10:04:36 -06:00
B͈̤̖̪̪̱ͅl̯̯̮̼͎̬͚̳̩̖̲u̜̼͉͈̠b͙̬̘̙̱̗̲͙b͍̞̬̬͓̼l̰̪͖̯̼̟̟͈̖͕̜̱̜ͅl̻̗͔̝̭̰͚͇̯̥
72a4962fd0 add lapisTube (#1027) 2020-03-02 09:35:28 -06:00
Kyle Copperfield
a3045a3953 Use a MediaQueryListener to toggle on demand. Tested on OSX. (#925)
Closes #867.
2020-03-02 09:33:47 -06:00
Tommy Miland
c620a22017 Add logfile to logrotate (#892) 2020-03-02 09:19:07 -06:00
Leon Klingele
e3593fe197 js: add support to detect media keys in keydown handler
See [0] for all the relevant codes.

[0]: https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent/key/Key_Values#Multimedia_keys

Fixes a regression introduced in e6b4e12689.
Fixes https://github.com/omarroth/invidious/issues/712.
2020-03-01 17:43:19 +01:00
Omar Roth
856ec03cc7 Revert "Add HOST_AUTH_METHOD=trust to docker compose (see docker-library/postgres#681)"
This reverts commit ef70668a77.
2020-03-01 11:07:37 -05:00
leonklingele
c80c5631f0 docker: do not require password for PostgreSQL superuser, docker,kubernetes: create "privacy" type before using it, travis: do not run "docker-compose up" in detached mode (#1042)
* docker: do not require password for PostgreSQL superuser

A password is now required by the postgres Docker image which makes
initial setup (and our CI build) fail with the following error:

    postgres_1   | Error: Database is uninitialized and superuser password is not specified.
    postgres_1   |        You must specify POSTGRES_PASSWORD for the superuser. Use
    postgres_1   |        "-e POSTGRES_PASSWORD=password" to set it in "docker run".
    postgres_1   |
    postgres_1   |        You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections
    postgres_1   |        without a password. This is *not* recommended. See PostgreSQL
    postgres_1   |        documentation about "trust":
    postgres_1   |        https://www.postgresql.org/docs/current/auth-trust.html

See https://github.com/docker-library/postgres/issues/681.

* docker,kubernetes: create PostgreSQL "privacy" type before using it

Fixes the following error when setting up the database:

    postgres_1   | 2020-02-21 01:01:22.371 UTC [172] ERROR:  type "privacy" does not exist at character 200
    postgres_1   | 2020-02-21 01:01:22.371 UTC [172] STATEMENT:  CREATE TABLE public.playlists
    postgres_1   | 	(
    postgres_1   | 	    title text,
    postgres_1   | 	    id text primary key,
    postgres_1   | 	    author text,
    postgres_1   | 	    description text,
    postgres_1   | 	    video_count integer,
    postgres_1   | 	    created timestamptz,
    postgres_1   | 	    updated timestamptz,
    postgres_1   | 	    privacy privacy,
    postgres_1   | 	    index int8[]
    postgres_1   | 	);
    postgres_1   | ERROR:  type "privacy" does not exist
    postgres_1   | LINE 10:     privacy privacy,

* travis: do not run "docker-compose up" in detached mode

Rather, allow database to finish its setup procedure and grant
Invidious time to launch.
2020-03-01 10:06:45 -06:00
Omar Roth
ef70668a77 Add HOST_AUTH_METHOD=trust to docker compose (see docker-library/postgres#681) 2020-03-01 10:51:17 -05:00
Karol Kosek
ebd4691462 Update Polish translation 2020-03-01 16:31:32 +01:00
Tymofij Lytvynenko
28554235be Update Ukrainian translation 2020-03-01 16:31:32 +01:00
Deleted User
efbbb6fd20 Update German translation 2020-03-01 16:31:32 +01:00
Omar Roth
9de57021a3 Update postgres setup 2020-03-01 10:30:55 -05:00
Omar Roth
e21f770485 Fix status check for channel page 2020-02-28 15:57:45 -05:00
Omar Roth
697c00dccf Sanitize PLID 2020-02-28 14:10:01 -05:00
Omar Roth
1caf6a3298 Fix deadlock when updating notifications 2020-02-28 13:13:48 -05:00
Omar Roth
02fd02d482 Remove DB array concatenation 2020-02-28 12:14:29 -05:00