PrivateCoffee/alltube
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
1602 commits 1 branch 0 tags 4.5 MiB
Commit graph

316 commits

Author SHA1 Message Date
Kumi
2b40b1b786
fix: improve stability and type-safety in FrontController 
- Added assertion to ensure 'view' is an instance of Smarty to avoid potential type errors.
- Included plugin registration for 'filter_var' modifier to enhance view capabilities.
- Added a check for successful file_get_contents call to prevent potential errors when fetching thumbnails.
- Incorporated type assertion for 'projectDir' to enhance type safety and eliminate potential runtime errors.
 2024-09-20 13:52:12 +02:00
Kumi
0bd0f8f156
feat(download): add remux option for best audio quality 
Introduced a 'remux' option in the download functionality, enabling users to remux videos with the best available audio when selected. This enhances the audio quality of downloaded videos when the option is checked in the UI. Added corresponding checkbox in the template for user selection.
 2024-07-22 11:25:18 +02:00
Kumi
98a7e42c15
fix(csp): refine img-src policy to improve security 
Switched 'img-src' directive to only allow 'self', and removed the wildcard '*' and 'data:' source settings. This adjustment enhances security by restricting image sources to the same origin, preventing potential exploitation from arbitrary or data URLs.
 2024-07-21 11:44:19 +02:00
Kumi
ac44c0e6cc
feat: embed base64 thumbnails in video objects 
Embedded video thumbnails as base64 data URIs to enhance performance and ensure portability. Updated CSP to allow 'data:' sources for images, preventing CSP violations when rendering base64 images.

Addresses issues with missing thumbnails and enhances security settings.
 2024-07-21 09:47:21 +02:00
Pierre Rudloff
3e45f19682
Switch to yt-dlp (fixes #432) 
youtube-dl has no new release since 2021
 2023-03-30 21:41:08 +02:00
Pierre Rudloff
9564764633
ucfirst Smarty modifier is deprecated 
See https://github.com/smarty-php/smarty/issues/813
 2023-03-21 20:25:47 +01:00
Pierre Rudloff
71647158d3
Stronger typying now that we target PHP 7.4 2023-03-21 20:20:14 +01:00
Pierre Rudloff
7bfe55fff6
"git describe" needs to be non-interactive so we can get its output 2023-03-11 14:37:28 +01:00
Pierre Rudloff
f475fa2a47
Lint 2023-03-03 00:18:00 +01:00
Pierre Rudloff
1031ad152d Remove every reference to alltubedownload.net (#422) 2022-10-16 15:22:47 +02:00
Pierre Rudloff
e53393d670 Force port for canonical URL (#410) 2022-06-01 21:57:46 +02:00
Pierre Rudloff
e81b8c75a8 Add void return types 2022-05-28 23:44:34 +02:00
Pierre Rudloff
113b3d5e50 Some videos have no format 2022-03-06 22:55:33 +01:00
Pierre Rudloff
edaf6f82c0 fixup! LinkHeaderMiddleware should use the same URL as ViewFactory This way the X-Forwarded-Path header is used to generate the Link header 2022-02-27 23:47:19 +01:00
Pierre Rudloff
363bf9b08c fixup! Prevent SSRF requests By validating the provided URL before passing it to youtube-dl 2022-02-27 23:36:51 +01:00
Pierre Rudloff
732baccd63 Make the watch route generate a full YouTube URL (fixes #402) 2022-02-27 23:32:08 +01:00
Pierre Rudloff
7f28275fb0 Merge tag '3.0.2' into develop 
Fixed a SSRF vulnerability that could be used to send a request to an internal hostname
 2022-02-27 12:34:23 +01:00
Pierre Rudloff
3a4f09dda0 Prevent SSRF requests 
By validating the provided URL before passing it to youtube-dl
 2022-02-27 11:00:33 +01:00
Pierre Rudloff
bf4a761d3a Make UglyRouter compatible with routes with parameters (#399) 2022-02-23 21:30:58 +01:00
Pierre Rudloff
64ac180a53 Merge branch 'master' into develop 2022-02-20 14:07:21 +01:00
Pierre Rudloff
2afbfb4bf2 fixup! Don't redirect to REQUEST_URI when browsing to index.php Instead, we can make sure everything works correctly on index.php 2022-02-20 14:06:59 +01:00
Pierre Rudloff
9410d4b49b LinkHeaderMiddleware should use the same URL as ViewFactory 
This way the X-Forwarded-Path header is used to generate the Link header
 2022-02-20 13:55:44 +01:00
Pierre Rudloff
bfaea0e381 Merge tag '3.0.1' into develop 
Fixed an open redirect vulnerability that could be used to construct an URL redirecting to an arbitraty domain
 2022-02-20 13:34:53 +01:00
Pierre Rudloff
bc14b6e45c Don't redirect to REQUEST_URI when browsing to index.php 
Instead, we can make sure everything works correctly on index.php
 2022-02-20 13:28:57 +01:00
Pierre Rudloff
27439c7e14 Simplify overly complicated format selection template 2022-02-06 20:46:38 +01:00
Pierre Rudloff
b8c88aecf5 Improve typing 2022-02-03 20:52:18 +01:00
Pierre Rudloff
d46563f994 Simplify code 2022-02-03 20:21:04 +01:00
Pierre Rudloff
781b5c8bc2 phpcs does not like full namespaces 2022-02-03 20:03:55 +01:00
Pierre Rudloff
ffd9275500 Correct way to use interface constant 2022-02-03 20:01:56 +01:00
Pierre Rudloff
6fef87f58b Use HTML dumper for Smarty collector 2022-01-27 00:15:05 +01:00
Pierre Rudloff
5ed15afe1f Use constant for HTTP response code 2022-01-26 23:58:25 +01:00
Pierre Rudloff
d744ee557e Build Link header from an array 2021-10-19 23:14:38 +02:00
Pierre Rudloff
5d40523cf4 Don't hardcode class name 2021-10-18 13:16:28 +02:00
Pierre Rudloff
1e17dff21e Use the new root_path service to make some code more portable 2021-02-09 22:35:32 +01:00
Pierre Rudloff
f2be3a7e5b Use relative paths on debug error page 2021-02-09 22:31:41 +01:00
Pierre Rudloff
36ba147430 phpstan update 2021-02-07 12:42:03 +01:00
Pierre Rudloff
50fe879f16 Add route info to debug bar 2021-02-07 12:24:16 +01:00
Pierre Rudloff
9af922f3f1 Add Smarty collector to debug bar 2021-02-07 00:03:37 +01:00
Pierre Rudloff
bba5090ec3 We can't be sure of the class of the logger 2021-02-06 18:22:19 +01:00
Pierre Rudloff
5c0ed594f3 Debug bar 2021-02-06 15:35:09 +01:00
Pierre Rudloff
05311ac7b6 Add return types 2020-12-17 22:49:21 +01:00
Éric Gaspar
a5bda1d35e
Fix small typos (#333) 
* Fix small typos

- *Fix cap on YouTube, AllTube...*

* Fix YouTube cap
 2020-12-05 15:00:46 +01:00
Pierre Rudloff
f184bda59b Make sure locale is always set, even on first request 2020-11-21 14:20:01 +01:00
Pierre Rudloff
2d1d69a1f1 Refactor some Robo code 2020-11-16 20:45:49 +01:00
Pierre Rudloff
c0b2acf33e Don't restrict forms in CSP (#327) 2020-11-04 23:03:39 +01:00
Pierre Rudloff
7ad0040f60 Move container creation to a new App class 2020-10-22 23:11:29 +02:00
Pierre Rudloff
3d2b518cb4 Create a test container that we can use in any test 2020-10-22 22:48:47 +02:00
Pierre Rudloff
d83774ae7d Cleaner way to get the domain 2020-10-22 21:40:20 +02:00
Pierre Rudloff
e1d7ad44e0 Make the bookmarklet compatible with ugly URLs 2020-10-22 01:36:00 +02:00
Pierre Rudloff
d97b824a44 Cleaner way to build ugly URLs 2020-10-22 01:26:17 +02:00