Commit graph

291 commits

Author SHA1 Message Date
Paul Bütof
2b4dfd419f
Handle redirect loops and maximum redirect limits
The implementation of the experimental DNS resolution was vulnerable to infinite redirect loops.
This change enforces the maximum number of redirects per web request and detects redirect loops early by tracking visited URLs in a chain of redirects.
2025-12-02 21:59:36 +01:00
Paul Bütof
bcfcc74531
Use experimental DNS resolution on redirects
This change disables axios' built-in redirect handling and instead handles redirects manually. This ensures that the experimental DNS resolution works on redirects too, and not just on the initial request.
2025-12-02 18:38:05 +01:00
Paul Bütof
2985f279c6
Implement experimental DNS pre-resolution
Add custom axios interceptor to resolve DNS manually before requests.
This avoids problems with axios' built-in DNS resolution in cases of
partial resolution failures.
2025-12-02 18:16:26 +01:00
advplyr
03da194953 Update for nextjs client, pass all remaining requests through to nextjs
2025-09-28 09:41:15 -05:00
advplyr
138bb563b8 Update ipv6 server listening log 2025-08-20 17:42:22 -05:00
renesat
553ffd1934
Fix listening url log with ipv6 host 2025-08-16 18:24:31 +02:00
advplyr
99a3867ce9 Update callback url check
Co-authored-by: Denis Arnst <git@sapd.eu>
2025-08-10 17:08:25 -05:00
Vito0912
6a52d2a968
CORS 2025-08-03 13:52:58 +02:00
advplyr
6c63e2131c Update AllowCors to apply to every request #4497
2025-07-15 16:28:41 -05:00
advplyr
8775e55762 Update jwt secret handling
2025-07-08 16:39:50 -05:00
advplyr
4ff7355262 Fix hashPassword 2025-07-08 09:14:07 -05:00
advplyr
8dbe1e4e5d Fix express.json position
2025-07-04 16:49:45 -05:00
advplyr
f127a7beb5 Update router for internal-api routes
2025-07-03 17:31:38 -05:00
advplyr
a992400d6a Add ENV REACT_CLIENT_PATH to target a Nextjs frontend instead of Nuxt 2025-06-23 16:56:08 -05:00
advplyr
8e01859075 Cast PODCAST_DOWNLOAD_TIMEOUT and MAX_FAILED_EPISODE_CHECKS env vars to numbers 2025-06-05 14:31:12 -05:00
Vito0912
84c9c6cb50
move to global 2025-06-05 14:07:35 +02:00
advplyr
cae874ef05 Update max allowed json request size #4250 2025-05-20 17:44:13 -05:00
advplyr
241b56ad45
Merge pull request #4166 from balki/patch-1
Support listening on unix socket
2025-05-16 16:19:47 -05:00
advplyr
635c384952 Handle undefined Host and make chmod async 2025-05-16 16:14:13 -05:00
advplyr
1f7b181b7b Update HLS stream endpoints to not include user token 2025-05-06 17:28:19 -05:00
Balki
13fac2d5bc Support http server listening on unix socket 2025-03-25 19:36:19 -04:00
sbyrx
e64302f1d4
Merge branch 'advplyr:master' into master 2025-01-04 20:15:59 -05:00
sbyrx
0d8d0a650b Adds a configuration for podcast feed and episode download timeout 2025-01-01 19:41:19 +00:00
advplyr
f3918a47e1 Auto formatting 2025-01-01 12:48:58 -06:00
maxlajoie99
d7830f4bfc Experimental proxy support by manually following redirects 2024-12-27 20:26:55 -05:00
advplyr
331c7c011c Support SSRF_REQUEST_FILTER_WHITELIST as a comma separated string of hostnames to pass through the ssrf request filter #3742 2024-12-23 17:18:08 -06:00
advplyr
4c68ad46f4 Refactor RssFeedManager to use new model when closing feeds, fix close series feed when series is removed, update RssFeedManager to singleton 2024-12-15 12:37:01 -06:00
advplyr
57906540fe Add:Server setting to allow iframe & update UI to differentiate web client settings #3684 2024-12-08 08:57:45 -06:00
mikiher
a8ab8badd5 always set req.originalHostPrefix 2024-12-08 09:23:39 +02:00
mikiher
9b8e059efe Remove serverAddress from Feeds and FeedEpisodes URLs 2024-12-07 19:27:37 +02:00
advplyr
3b4a5b8785 Support ALLOW_IFRAME env variable to not include frame-ancestors header #3684 2024-12-06 17:17:32 -06:00
mikiher
843dd0b1b2 Keep original socket.io server for non-subdir clients 2024-11-29 04:13:00 +02:00
advplyr
f9aaeb3a34 Update:Set Content-Security-Policy header to disallow iframes 2024-11-23 11:17:13 -06:00
advplyr
850ed48955 Fix:Podcast episodes duplicated when a scan runs while the episode is downloading #2785 2024-11-07 17:26:51 -06:00
advplyr
a5ebd89817 Update FolderWatcher to singleton 2024-11-07 16:32:05 -06:00
mikiher
4224b8a486 No auth and req.user for cover images 2024-11-02 15:17:11 +02:00
mikiher
cbca560f92 server.js: add base path to all non-base-path requests 2024-10-15 06:40:14 +03:00
advplyr
7cd8d7f44d Update NotificationManager to singleton 2024-09-27 17:33:23 -05:00
mikiher
d796849d74 Small change to logging of unhandled rejections 2024-09-18 18:44:16 +03:00
advplyr
1326d29fad
Merge pull request #3332 from itzexor/memorystore-2
memorystore: simplify, refactor, re-enable
2024-08-27 16:56:07 -05:00
advplyr
38edcdca4b Updates to use new Library model 2024-08-23 16:59:51 -05:00
James Ross
ec197b2e13 memorystore: simplify, refactor, re-enable
Removes a lot of unused (in ABS) functionality, refactors to ES6
style class, and re-enables this custom implementation with check
period and ttl of 1 day, and 1000 max entries.

The class now only implements the required (as per express-session docs)
methods and removes optional methods, except touch() which allows the
TTL of an entry to be refreshed without affecting its LRU recency.

There is no longer a way to stop the prune timer, but I don't believe
the function was ever being called beforehand. The session store's
lifetime is the same as the application's, and since it is unref()'d
should not cause any shutdown issues.
2024-08-22 03:55:51 +00:00
Nicholas W
27b3a44147
Add: Backup notification (#3225)
* Formatting updates

* Add: backup completion notification

* Fix: comment for backup

* Add: backup size units to notification

* Add: failed backup notification

* Add: calls to failed backup notification

* Update: notification OpenAPI spec

* Update notifications to first check if any are active for an event, update JS docs

---------

Co-authored-by: advplyr <advplyr@protonmail.com>
2024-08-18 14:32:05 -05:00
advplyr
2472b86284 Update:Express middleware sets req.user to new data model, openid permissions functions moved to new data model 2024-08-11 16:07:29 -05:00
advplyr
202ceb02b5 Update:Auth to use new user model
- Express requests include userNew to start migrating API controllers to new user model
2024-08-10 15:46:04 -05:00
advplyr
59370cae81 Update:Docker source skip binary manager check #3266 2024-08-10 12:37:41 -05:00
advplyr
7e442ecb3d Revert MemoryStore used in expressSession 2024-08-08 16:54:48 -05:00
advplyr
8ff7b6b6e6 Add server log for process.platform and process.arch #3231 2024-08-04 17:08:55 -05:00
advplyr
4d3b3d1740 Update:Replace default express-session MemoryStore with stable MemoryStore #2538 2024-08-04 12:00:10 -05:00
advplyr
164b4525c4 Replace function for cleaning up user seriesHideFromContinueListening to not use old model 2024-08-03 15:08:03 -05:00