Chocobo1
5cdb3b6a2d
Load WebUI certificate & key from file path
This allows users to update certificate & key more easily, i.e. without the need to import them
into qbt.
Closes #6675, #7547, #8315, #8564.
2019-01-28 16:33:48 +08:00
Vladimir Golovnev (Glassez)
b0446380c6
Separate URL components before percent-decoding
Allow special characters in query string parameters.
Closes #9116.
2019-01-27 15:33:19 +03:00
Chocobo1
7fd30fa90f
Enforce referrer-policy in WebUI
This stops leaking private data to other websites via Referrer header.
2018-12-10 22:17:04 +08:00
thalieht
6b1d26d555
Convert all foreach() to range-based for()
2018-11-28 23:40:12 +02:00
thalieht
d668a4fe6d
Fix coding style for various things
2018-11-28 23:37:35 +02:00
Chocobo1
050b78f378
Send Cache-Control header in WebUI responses
Tune the caching time to be shorter, in case there is a program
update.
Change the cacheability to private, as WebUI resources are not intended
to be cached at proxy.
For uncacheable responses, send out "no-store" explicitly to halt
browser caching.
2018-06-04 20:50:08 +08:00
Chocobo1
c22e6b4502
Cleanup header include order
Add missing header.
Cleanup license.
2018-05-31 22:56:25 +08:00
Vladimir Golovnev (Glassez)
90f09e7570
Properly fill UploadedFile::filename field
Closes #8928.
2018-05-16 20:13:55 +03:00
thalieht
20ca90800d
Fix coding style
2018-05-09 17:06:22 +03:00
Vladimir Golovnev
3a0e5e51df
Merge pull request #8761 from thalieht/nullptr
Replace the zeroing of pointers with nullptr
2018-05-08 17:10:37 +03:00
Chocobo1
4dea03fc74
Remove unused constants
2018-04-17 20:29:43 +08:00
thalieht
3e4099fe5b
Replace the zeroing of pointers with nullptr
2018-04-15 13:06:31 +03:00
Chocobo1
423511765a
Fix typo
2018-03-14 23:37:08 +08:00
Vladimir Golovnev (Glassez)
1aca3b0adc
Parse URL query string at application level
2018-03-04 17:08:48 +03:00
Vladimir Golovnev (Glassez)
34295a78f2
Move ByteArray utils into Utils::ByteArray namespace
2018-03-02 17:23:21 +03:00
Chocobo1
f34dfca5e6
Enable Http/1.1 persistent connection
This enables reusing an existing TCP connection instead of opening a new connection
for every request
2018-02-23 14:46:22 +08:00
Chocobo1
cec68c3fd7
Rewrite RequestParser
* Add more checks and also more strict checks for invalid conditions
* Add http version field
* Raise max request size to 64 MB
* Add author in license
* Use Qt5 new connect syntax
2018-02-23 14:46:17 +08:00
Vladimir Golovnev (Glassez)
a0842a1e68
Don't convert POST parameter names to lower-case
2018-02-18 19:57:48 +03:00
Vladimir Golovnev (Glassez)
27d8dbf13b
Redesign Web API
Normalize Web API method names.
Allow to use alternative Web UI.
Switch Web API version to standard form (i.e. "2.0").
Improve Web UI translation code.
Retranslate changed files.
Add Web API for RSS subsystem.
2018-01-28 19:16:24 +03:00
Vladimir Golovnev (Glassez)
bb683bd393
Switch built-in Web UI html to HTML5
2018-01-23 11:08:37 +03:00
Chocobo1
c1a282aa7b
Fix missing qbt logo on login page in webUI. Closes #7953.
2017-12-02 14:31:48 +08:00
thalieht
525fdd6c2b
Coding style, use nullptr and other minor things
2017-10-08 10:20:54 +03:00
Chocobo1
0532d546d7
Implement HTTP host header filtering
This filtering is required to defend against DNS rebinding attack.
2017-07-12 17:26:13 +03:00
sledgehammer999
d88f0f36e0
Merge pull request #6889 from Chocobo1/lowercase
Convert all http header name constants to lowercase
2017-06-14 02:38:57 +03:00
Chocobo1
8419ca87f9
Fix KEEP_ALIVE_DURATION value
I intended to specify 7 seconds, which should be 7000 milliseconds
2017-06-07 21:45:47 +08:00
Chocobo1
45c21f62f9
[WebAPI] Convert all header name constants to lowercase
This saves us another transition when some day we implement HTTP/2
(in which all headers are in lowercase).
2017-06-02 21:55:16 +08:00
Chocobo1
087856d3d8
[WebUI]: Implement CSRF defense
Bump API version
2017-06-01 19:37:57 +03:00
Chocobo1
0b5de9ff54
Temporary revert to the old behavior.
2017-04-20 22:26:35 +08:00
Chocobo1
302c8ba850
Revise Utils::Gzip::compress code
Change signature
Add ZLIB_CONST define to make z_stream.next_in const
Cast to zlib defined type Bytef*
Set memLevel to 9 in deflateInit2() for maximum performance
Revise compression loop
On returning false, free memory correctly by calling deflateEnd()
Reserve space by the estimation of deflateBound()
2017-04-20 22:24:50 +08:00
Chocobo1
94b496354b
Rewrite rules for gzipping http response content
2017-04-20 22:22:17 +08:00
Chocobo1
4600e679d1
Implement robust acceptsGzipEncoding()
Adhere more to http/1.1 standard
2017-04-20 22:22:17 +08:00
Chocobo1
129172453b
Fix "Content-Encoding" header is always created.
Was side effect of operator[]
2017-04-20 22:22:17 +08:00
Chocobo1
7d36c81949
Cleanup Http::responseGenerator()
Add CRLF definition
Rewrite loop using iterator, slightly more efficient
Rename variables
2017-04-20 22:22:17 +08:00
Chocobo1
6cb2f05a6c
Demote to helper function
Rename function
2017-04-20 22:22:17 +08:00
Chocobo1
829e1399ca
Convert QString to char arrays
Cleanup header
Sort constants
2017-04-20 22:22:17 +08:00
Chocobo1
4b2266a8e2
Send Date http header
It's not strictly required but often expected.
change class to namespace
cleanup header
2017-04-20 22:22:17 +08:00
Chocobo1
9496b2a159
Always send Content-Length header.
Because without it, HTTP/1.1 (with persistent connection) clients will
keep waiting for more data.
2017-04-20 22:22:17 +08:00
Chocobo1
0b28fb6c6b
Implement http persistent connection
Max simultaneous connection limit set to 500
This also releases allocated memory of Connection instances at runtime instead of at program shutdown.
2017-04-20 22:22:14 +08:00
sledgehammer999
018574e546
Merge pull request #6475 from OpenGG/master
[WebUI-API] Add "skip_checking" and "paused" to "/command/download" and "/command/upload"
2017-04-17 17:12:24 +03:00
Chocobo1
d1ee54f6ea
Refactor: move methods under the same #if section.
2017-04-11 23:16:16 +08:00
Chocobo1
7f346b49a7
Refactor: move the validation of certificates & key functions under Server class
Rename method
Add log messages
2017-04-10 21:18:59 +08:00
opengg
db3158c410
[WebUI] bugfix: RequestParser::splitMultipartData
drop extra trailing newline.
2017-03-11 01:26:22 +08:00
Eugene Shalygin
e64bb1de8c
Drop Qt 4 support
2017-03-05 22:24:59 +01:00
Chocobo1
ea9d65f377
Fix incomplete type compile error with Qt4
2017-03-04 16:20:36 +08:00
Chocobo1
7756dd80f3
[WebUI]: add X-XSS-Protection, X-Content-Type-Options, CSP header
2017-03-03 21:28:28 +02:00
ngosang
f5ad04766f
[WebUI] Avoid clickjacking attacks
2017-03-03 21:28:27 +02:00
Chocobo1
f9c39e3dac
[WebUI]: exclude insecure ciphers
2017-03-03 21:28:26 +02:00
Chocobo1
84bc011df5
Code formatting
Remove extra private keyword
2017-03-03 21:28:25 +02:00
Eugene Shalygin
be8eab4e54
Disable proxy in WebUI HTTP server. Closes #6349.
Due to a bug in Qt 5.8 (QTBUG-58706) QTcpServer tries to use HTTP proxy
when it is set as default app proxy (for instance via "http_proxy"
environment variable) and this breaks the server. So we disable any proxy
in it.
2017-02-21 00:07:09 +01:00
Chocobo1
d84461c9b2
Remove unused header
2016-11-29 17:31:14 +08:00
borouhin
501a2d7c45
Don't request client SSL certificate (closes issue #3883)
2016-09-21 02:42:51 +03:00
UnDifferential
f50a8d4f59
Support SSL certificate bundles. Issue #4896.
2016-03-05 14:10:28 -05:00
sledgehammer999
3ddb1b98b3
Merge pull request #4833 from dsemi/master
Do not try to parse request message when content-length is 0
2016-03-04 17:26:28 -06:00
Vladimir Golovnev (Glassez)
dd34663224
Implement Advanced Saving Management subsystem
Closes #4696
2016-03-04 19:59:53 +03:00
Dan Seminara
d75564b885
Do not try to parse request message when content-length is 0
2016-02-29 15:57:34 -05:00
Naikel Aparicio
c9293dd2d1
Fixed bug when uploading several files and only the last one was considered.
2015-12-26 20:55:13 -04:30
Vladimir Golovnev (Glassez)
9db93e5d8f
Rename Core to Base (Closes #3733).
2015-12-06 14:27:00 +03:00