Commits · 58578d90202a746199288d92313e9b8171c31389 · I2P Developers / i2p.i2p

Jul 26, 2014

Console: · 58578d90

zzz authored 10 years ago

XSSFilter patch from str4d:
XSSFilter and XSSRequestWrapper were from http://ricardozuasti.com/2012/stronger-anti-cross-site-scripting-xss-filter-for-java-web-apps/
No provided license, but it is clearly intended for public consumption.
But most of it is boilerplate provided by the Servlet Filter system.
In fact, now that I have stripped out his JS-specific patterns and replaced it with the whitelist,
it is effectively identical to what I would have written from scratch.

58578d90

* Console: · af575d6c

zzz authored 10 years ago

  - Fix several XSS issues (thx Aaron Portnoy of Exodus Intel)
  - Add Content-Security-Policy and X-XSS-Protection headers
  - Disable changing news feed URL from UI
  - Disable plugin install from UI
  - Disable setting unsigned update URL from UI
  - Disable /configadvanced
* DataHelper: Disallow \r in storeProps() (thx joernchen of Phenoelit)
* ExecNamingService: Disable (thx joernchen of Phenoelit)
* Startup: Add susimail.config to migrated files

af575d6c

Updated Eclipse settings · e9c8748c
str4d authored 10 years ago

e9c8748c

Jul 23, 2014
- translation updates from Transifex · 08409d01
  kytv authored 10 years ago
  
  08409d01
- geoip database updates · 42bfbfc6
  kytv authored 10 years ago
  
  42bfbfc6
- fix poupdate target · c7c087d9
  kytv authored 10 years ago
  
  c7c087d9
Jul 22, 2014
- Added new reseed host, thanks to Backup. · bd45d548
  meeh authored 10 years ago
  
  Notes: Only HTTPS and SU3 (v2) support.
  bd45d548
Jul 21, 2014
- better logging of reseed su3 errors · ce4874d8
  zzz authored 10 years ago
  
  ce4874d8
- Adding Matt's SU3 reseed key. · 9b408b67
  meeh authored 10 years ago
  
  9b408b67
- readme_fr.html thx hummingbird · c3bf1000
  zzz authored 10 years ago
  
  c3bf1000
- increment error count on exception · b282ccd8
  zzz authored 10 years ago
  
  b282ccd8
- Adding sindu's reseed key. ( i2p-netdb.innovatio.no ) · f38b7418
  meeh authored 10 years ago
  
  f38b7418
Jul 19, 2014
- Don't grab the ClientApp if we don't need to · 3a899d52
  str4d authored 10 years ago
  
  3a899d52
- * SusiMail: Better error message on decode fail · a2567b0e
  zzz authored 10 years ago
  
  http://forum.i2p/viewtopic.php?t=11469
  a2567b0e
- * SAM: Add support for RAW on the bridge socket in v3 (ticket #1334) · 4b0019c7
  zzz authored 10 years ago
  
  log fixes
  4b0019c7
- * i2psnark: Don't prefer leeches during end game, to · 5d217384
  zzz authored 10 years ago
  
  prevent slowdowns or stalls
  5d217384
- javadoc · df81006b
  zzz authored 10 years ago
  
  df81006b
- Streaming; Disable fail-fast for now. It's failing on leaseset lookup · 2c7006e9
  zzz authored 10 years ago
  
  far too often. Need to fix that first.
  2c7006e9
Jul 15, 2014
- fix URL in initialNews: It's i2p-projekt not i2p-project · b1caa8d5
  kytv authored 10 years ago
  
  (thanks to SeekingFor for the heads-up)
  b1caa8d5
- - fix test · 8b2ffada
  zzz authored 10 years ago
  
  - final - last week's history
  8b2ffada
- Updated history · 0998738e
  str4d authored 10 years ago
  
  0998738e
- Forgot to update @since · c04062bb
  str4d authored 10 years ago
  
  c04062bb
- Stubs for I2CP connections over Unix domain sockets · 0c7a3a3a
  str4d authored 10 years ago
  
  0c7a3a3a
Jul 14, 2014
- mtn.i2p-projekt.i2p · f364a83f
  zzz authored 10 years ago
  
  f364a83f
Jul 13, 2014

* SU3File: Disable the X.509 CN checking of local certs on Android, · 9dabc758

zzz authored 10 years ago

   as the javax.naming classes are not available.
   Any issues with local certs will be discovered in non-Android testing.

9dabc758

Jul 11, 2014

* Datagrams: · 2c185ea7

zzz authored 10 years ago

  - Redefine the repliable datagram signature for non-DSA_SHA1 sig types;
    was the sig of the SHA-256 of the payload, now the sig of the payload itself.
    This is an incompatible change but nobody is yet using the new
    sig types for datagram applications.
  - Don't pollute the hash cache with hashes of payloads
  - Check for too-big datagrams
  - Remove assertion check
  - Cleanups

2c185ea7

javadoc · 39e859c3
zzz authored 10 years ago

39e859c3

Jul 09, 2014

signing key type check · dfbe3c4e
zzz authored 10 years ago

dfbe3c4e
add reseed cert · b8170a54
zzz authored 10 years ago

b8170a54
Removing certificate + added it to delete list · 4e7f92ec
meeh authored 10 years ago

4e7f92ec

Thanks for the past support in reseeding pkol! · 29268326

meeh authored 10 years ago

Removing reseed host after request.

From: pkol <pkol@mail.i2p>
To: Meeh <meeh@mail.i2p>
Subject: Reseed server shutdown
X-Mailer: smtp.postman.i2p - Official I2P Mailer

Hi meeh,

I wanted to announce the discontinuation of my reseed server
(reseed.pkol.de) at the end of July/beginning of August.

Thanks for your support during the initial setup.

Cheers
pkol

29268326

Jul 05, 2014
- BFNS: Trim whitespace from hosts.txt when importing · dc14abd4
  zzz authored 10 years ago
  
  DataStructureImpl: Throw unique exception on bad base 64
  dc14abd4
- hosts.txt: Remove trailing whitespace causing test failure · dd782f08
  zzz authored 10 years ago
  
  dd782f08
- * Reseed: Check su3 version as date code · d57dc9a8
  zzz authored 10 years ago
  
  d57dc9a8
- * Reseed: Send If-Modified-Since in fetches · 4e463d57
  zzz authored 10 years ago
  
  * EepGet: Fixes for adding etag or lastmod headers before fetch
  4e463d57
- Avoid publishing null IP when using forced address config · e0c0cc8b
  zzz authored 10 years ago
  
  e0c0cc8b
- log warning on very low MTU · cc50d473
  zzz authored 10 years ago
  
  cc50d473
- * Reseed: · 4da7548c
  zzz authored 10 years ago
  
  - Fix URLs without trailing / - Cleanups of su3 code
  4da7548c
- public constructors for SKM · 91a676cb
  zzz authored 10 years ago
  
  91a676cb
- spacing · 48a32fb3
  zzz authored 10 years ago
  
  48a32fb3