dandri/i2p.i2p
1
0
Fork 0
mirror of https://github.com/i2p/i2p.i2p.git synced 2026-05-24 08:05:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,413 Commits 1 Branch 306 Tags
a0f92b2e286ae94de3a1257adf4fba21db892f80
Commit Graph

253 Commits

Author SHA1 Message Date
zzz 33d56f5f2e Build: Update to Tomcat 9.0.88 2024-04-17 07:45:40 -04:00
zzz 3a18721c52 Susimail: Fix 413 error forwarding email with attachments 
Was actually an ISE in FileBuffer via getOutputStream().flush(), but XSSFilter converted it to a 413
Add logging in XSSFilter to make it easier to find next time
Javadoc fix
 2024-04-04 13:59:09 -04:00
zzz c54ec4d458 Build: Update gradle to 8.5 2024-01-28 12:09:10 +00:00
zzz 3d1cc888fa Console: Change all DOCTYPEs to standard html (Gitlab #426) 2023-09-23 16:11:37 -04:00
zzz be5a10194a Build: Fix list of changed files in manifests 
Broken in move from mtn to git
Fix some places that were broken even with mtn
 2023-01-22 10:08:53 -05:00
zzz 0cbbe6297e i2psnark: Rename search param to bypass the XSS filter 
Fix encode/decode search param
Copy CSS to non-default themes, not tweaked yet
Add support for shorter nf_ prefix to XSS filter
Remove unneeded float_right, reported by drzed
 2023-01-18 12:21:29 -05:00
zzz 5cbdb7d806 Tomcat 9.0.62 2022-05-02 11:31:45 -04:00
idk c4cfe420a6 disable any chance of JNDI lookups in log4j.properties file by setting %m{nolookups}. I don't think we're actually vulnerable to CVE-2021-44228 if I'm understanding correctly, by default it doesn't seem like we actually use log4j for much of anything and we don't do much logging of arbitrarily crafted remote inputs, but also it seems like this JNDI lookups thing is way more trouble than it could possibly be worth to us. Maybe it's a good idea to make sure it's turned off by default. 2021-12-10 21:01:37 -05:00
zzz 6b823e6381 Tomcat 9.0.54 2021-10-11 10:46:26 -04:00
zzz af97381461 Jetty 9.3.30.v20211001 
Remove patched SslConnection.java for Jetty #6072, fix included in this release
 2021-10-10 12:09:12 -04:00
zzz 877b1f5f56 Build: Add resources to dependencies 
remove unused systray icons
 2021-07-30 10:35:12 -04:00
zzz 8710aa0065 Fix package for new "filter" 2021-07-13 08:23:32 -04:00
idk 1911132f11 Adds an X-I2P-Location header filter to the default I2P site 2021-07-12 14:21:23 +00:00
zzz e5186b0f7b Improve error handling on sort 2021-06-20 09:39:12 -04:00
zzz fd6219356d Jetty: Case-insensitive sort on directory listing, put directories first 2021-06-20 09:28:10 -04:00
zzz cb7dcda57f Fix dup patched/unpatched jetty classes 2021-05-18 08:47:18 -04:00
Zlatin Balevsky 8532103e64 reproducible builds with Gradle 2021-05-11 17:50:14 +00:00
zzz 3d362814df Console: Update bug report URLs 2021-05-02 09:37:26 -04:00
zzz 28ea0e9025 Tomcat 9.0.45 2021-04-25 10:53:47 -04:00
zzz 78168be85c Jetty: Add patch for CVE-2021-28165 - Jetty #6072 - 
Jetty server high CPU when client send data length > 17408

This affects SSL connections only, which is not part of our default setup.
Adapted from workaround at:
https://github.com/eclipse/jetty.project/security/advisories/GHSA-26vr-8j45-3r4w
Put the new checks directly in the unwrap() method,
rather than subclassing SslConnection, as that would require config file changes.
 2021-04-24 16:04:33 -04:00
zzz 41e46448d5 Jetty: SslConnection.java unmodified from 9.3.29.v20201019 
Patch to follow in next commit
 2021-04-24 15:56:51 -04:00
zzz b55fbbf099 Boolean.valueOf() -> Boolean.parseBoolean() 2021-03-20 12:27:46 -04:00
zzz 7f3f46c8ba Jetty: Fix detection of SSL connector for registration with PortMapper 2021-02-24 10:13:37 -05:00
zzz 6e2292354a Build: More prep for different release and API versions 
Use API version as manifest Specification-Version
Use API version in I2CP
Reduce sybil penalty for version and banlist
 2021-02-23 10:43:32 -05:00
zzz 6e3b483c03 Util: Store multiple eepsite ports in PortMapper 
Jetty: Register all servers with PortMapper
Console: List all Jetty servers in sidebar
 2021-02-21 09:17:31 -05:00
zzz 1dfdf79d15 Console: Spelling fixes all over, from pospelchek 2021-01-27 11:03:57 -05:00
zzz 5f3c41244b Jetty: Fix URI in request logs 
Use standard getRequestURI() instead of Jetty internal getHttpURI(),
which apparently changed somewhere along the way

Hide Jetty ClosedChannelException from I2P logs
 2021-01-13 08:54:46 -05:00
zzz d2a79e8837 Build: Add version where missing from jar manifests 2020-12-28 08:07:50 -05:00
Zlatin Balevsky 183280871f get gradle assemble to work 2020-12-11 20:12:27 +00:00
zzz 7e5dc6ad64 Tomcat 9.0.40 2020-11-20 14:11:59 +00:00
zzz c9e6bef825 Jetty: Patch to fix console not starting on Java 11.0.9.1 
Backport JavaVersion.java from Jetty 9.4.34
Jetty does not plan to fix in 9.3.x
ref:
https://github.com/eclipse/jetty.project/issues/5682
https://github.com/eclipse/jetty.project/issues/2284
http://zzz.i2p/topics/2991
 2020-11-17 15:50:10 +00:00
zzz 0f002b9b69 Jetty 9.3.29.v20201019/ 2020-11-17 15:39:08 +00:00
zzz a9a5d13e06 Build: Set javac release property (ticket #2775) 
Ant version 1.9.8 or higher now required
Drop support for Xenial package build
Fix up BOB build configuration
Fix i2psnark standalone build
 2020-10-07 13:33:41 +00:00
zzz 2af7066074 Jetty: Switch from jetty to tomcat jar for servlet-api 
to get the 4.0 dtds
Put servlet version on the logs page
 2020-06-07 16:22:21 +00:00
zzz edfbc4081b Tomcat 9.0.35 (Servlet 4.0) 
Switch Bionic to 9.x
Disco+ already on 9.x
Xenial remains on 8.x
Update dependencies doc
 2020-05-31 15:35:18 +00:00
zzz 03b1a4dfc0 Installer: Require Java 8 (ticket #2511) 
Jetty 9.3.28 (ticket #2098)
This breaks Debian builds, fixes to follow
 2020-05-27 16:08:54 +00:00
zzz 25a80c78b5 Build: Manifests for test, source, and javadoc jars 2020-04-21 12:52:23 +00:00
zzz 5976d4952f Jetty: Add GzipHandler for eepsites on Jetty 9.3/9.4 (ticket #2599) 
by adding jetty-gzip.xml. JettyStart will copy the file
and add it to the configuration list automatically.
This does not affect standard installs which are still on 9.2;
it's only for Debian installs.
See also ticket #2098.
Partial backport from branch i2p.i2p.zzz.jetty93
 2020-04-10 18:10:48 +00:00
zzz ea05af42fa Jetty 9.2.29.v20191105, Tomcat 8.5.50 2020-01-08 14:16:16 +00:00
zzz fa9f60bcd9 Console, webapps: CSP improvements 
i2ptunnel, susidns: Add headers.jsi
Console: Remove onload and use nonce for inline scripts where able
Version remaining js links
 2019-12-25 12:18:00 +00:00
zzz b2aa649c2a Build: Add encoding to all javac targets 2019-12-19 11:19:52 +00:00
zzz 320569ef7f Tomcat 8.5.46 2019-09-21 14:30:57 +00:00
zzz 64ba43c007 Jetty: Log stack trace if 2nd arg is a Throwable (ticket #2592) 2019-08-18 14:53:32 +00:00
str4d cf4298f759 Jetty: Fix Gradle build 2019-08-10 16:10:07 +00:00
zzz eff2bdbf87 Build: Fix Debian (ticket #2517) 2019-06-02 10:17:59 +00:00
zzz e174a46801 javadoc fixes 2019-05-12 20:45:17 +00:00
zzz adb1c6f58e Jetty: Fix webapps in eepsite (ticket #2477) 2019-05-12 18:14:55 +00:00
str4d e70a2c765b Update Jetty and Tomcat versions in Gradle build scripts 2019-04-21 16:37:28 +00:00
zzz 8d00774b5e Tomcat 8.5.40 2019-04-15 11:45:52 +00:00
zzz 6237fc89ad Jetty: Hide sizes and dates of directories in listings 2019-04-10 18:25:20 +00:00