- Added `helmet` middleware for enhanced security with CSP.
- Integrated `dotenv` for configuration management.
- Added validation and error handling for mnemonic and infoHash.
- Improved error handling in TURN credentials generation.
- Enhanced notification and progress feedback for file sharing.
- Added tracker server config validation and error handling.
- Updated dependencies to include `helmet` and `dotenv`.
These changes improve the app's security, robustness, and user experience.
Added line breaks to the torrent status display sections for better visual separation. This enhances readability and user experience by making the status information more scannable.
Added pushState to update the URL with the mnemonic after file upload, enhancing user experience by reflecting the unique file link in the address bar without reloading the page. This helps in easier sharing and bookmarking of the link.
- Standardized quote style across all files to be consistent
- Added functionality to generate TURN credentials dynamically
- Improved UI feedback for upload and download processes
- Introduced a copy URL button for easier sharing
- Implemented progress feedback during file download
- Disabled buttons during ongoing operations to prevent duplicate actions
- Ensured default mnemonic handling for smoother user interaction
These changes enhance the reliability and usability of file transfers.
Enhanced the file upload feature by replacing the progress bar with a dynamic stats display showing the total amount uploaded and number of peers. Also introduced better differentiation between upload and download sections, improving UI clarity. Added a utility function for generating peer ID hashes.
Refactoring ensures users can more easily monitor file sharing progress and understand network interactions.
Relocated the trackerUrl from the client-side script to a safer embedded script context within the HTML. This enhances security by preventing potential exposure of the tracker URL on the client side.
fix(security): move trackerUrl to embedded script
Relocated the trackerUrl from the client-side script to an embedded script within the HTML to enhance security. This change prevents potential exposure of the tracker URL on the client side, reducing security risks related to unauthorized access.
Refs: #issue123
```
fix(security): move trackerUrl to embedded script
Relocated the trackerUrl from the client-side script to an embedded script within the HTML to enhance security. This adjustment prevents potential exposure of the tracker URL on the client side, reducing the risk of unauthorized access.
- Extended .gitignore to exclude .env files containing sensitive info.
- Imported `crypto` module and added route to generate TURN credentials.
- Enhanced upload/download functionality to use STUN/TURN servers.
- Improved UI text for upload/download scenarios for clarity.
- Added fetching of TURN credentials in the client to enable P2P connections.
These changes improve file sharing reliability by providing fallbacks for network traversal.
Moved inline CSS from index.ejs to a new style.css file for cleaner structure and maintainability. Extracted embedded JavaScript to index.js to streamline HTML and enhance script manageability.
Benefits:
- Improved readability and organization of HTML
- Easier maintenance and updates for CSS and JS
- Potential for CSS and JS caching, improving load times
No functional changes were made. Refactors existing code for better practices.