Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added back SRI check for javascript files #2

Open
wants to merge 20 commits into
base: main
Choose a base branch
from
Open

Added back SRI check for javascript files #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
2c65dc9
added more SRI hashes to support sha384, sha256 and sha512
swagliquido Jul 30, 2024
13eb23f
Merge branch 'main'
swagliquido Jul 30, 2024
c3807b0
add back languageswitcher
swagliquido Jul 30, 2024
f5c19df
remove inline language switcher from html pages
swagliquido Jul 30, 2024
49760f8
Implemented content security policy
swagliquido Jul 30, 2024
9e3deb9
refined CSP header and added more security headers
swagliquido Jul 31, 2024
73cedb4
refined CSP header and added more security headers
swagliquido Jul 31, 2024
f237245
work on tor browser
swagliquido Jul 31, 2024
a91d178
automatically enable https for docker container
swagliquido Jul 31, 2024
f947375
automatically enable https for docker container
swagliquido Jul 31, 2024
bbb7abb
remove unused certs
swagliquido Jul 31, 2024
b7efe51
Merge branch 'umutcamliyurt:main' into main
swagliquido Jul 31, 2024
9352b6f
fix csp for some browsers like tor and defer scripts execution
swagliquido Aug 1, 2024
475c644
fix csp for some browsers like tor and defer scripts execution
swagliquido Aug 1, 2024
fb1fdc8
Merge branch 'main' of https://github.com/swagliquido/Anon-File-Upload
swagliquido Aug 1, 2024
103c9cc
fix csp for tor browser
swagliquido Aug 1, 2024
24db056
update readme to support https in quickstart
swagliquido Aug 1, 2024
37e1f02
code cleaning and better re-utilization
swagliquido Aug 1, 2024
3a18e36
better upload error handling and display
swagliquido Aug 1, 2024
768c026
reset the download-link card href on each upload
swagliquido Aug 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,9 @@ Anonymous file upload offers several key benefits. Primarily, it ensures user pr
git clone https://github.com/umutcamliyurt/Anon-File-Upload
cd Anon-File-Upload/
docker build -t anon_file_upload .
docker run -d -p 80:80 -v .:/var/www/html --name anon_file_upload anon_file_upload
docker run -d -p 443:443 -v .:/var/www/html --name anon_file_upload anon_file_upload
```
- Open [http://localhost/](http://localhost/)
- Open [https://localhost/](https://localhost/)

## Technical details:

Expand Down
10 changes: 10 additions & 0 deletions dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,19 @@
# Use the official PHP image with Apache
FROM php:8.3-apache

# Necessary to set headers using php such as the CSP header
RUN a2enmod headers

# Copy your PHP files to the container
COPY . /var/www/html/

# create certificates and enable https
RUN set -eux; \
apt-get update; \
apt-get install ssl-cert; \
a2enmod ssl; \
a2ensite default-ssl

# Change working directory to the document root
WORKDIR /var/www/html

Expand Down
96 changes: 0 additions & 96 deletions download.html
View file
Open in desktop

This file was deleted.

44 changes: 44 additions & 0 deletions downloader.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
<?php
require 'set_headers.php';

$jsFilePaths = [
'./js/download.js',
'./mdui/mdui.global.js'
];

$cssFilePaths = [
'./styles/download.css',
'./mdui/mdui.css',
'./mdui/material-icons.css'
];

$elements = setSecurityHeadersAndGenerateElements($jsFilePaths, $cssFilePaths);
?>

<!DOCTYPE html>
<html lang="en">

<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Download and Decrypt File</title>
<?php insertElementsIntoHead($elements); ?>
</head>

<body>
<div class="container">
<h2><img src="logo.svg" alt="Logo">Download and Decrypt File</h2>
<mdui-card variant="filled" id="message" class="message">Decrypting file...</mdui-card>

<div class="footer-links">
<mdui-button href="mailto:[email protected]" variant="outlined">Report Abuse</mdui-button>
<mdui-button href="https://github.com/umutcamliyurt/Anon-File-Upload" target="_blank"
variant="outlined">Source Code</mdui-button>
<mdui-button href="/privacy-policy.php" variant="outlined">Privacy Policy</mdui-button>
<mdui-button href="/terms-of-use.php" variant="outlined">Terms of Use</mdui-button>
</div>
</div>

</body>

</html>
183 changes: 0 additions & 183 deletions index.html
View file
Open in desktop

This file was deleted.

Loading