luisgulo/photoprism
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
8485 commits 22 branches 65 tags 324 MiB
Commit graph

14 commits

Author SHA1 Message Date
Michael Mayer
3946e2a16f API: Refactor "404 Not Found" response handler #3931 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-16 20:56:43 +01:00
Michael Mayer
abfea6354c Config: Allow CORS for fonts and CSS when using a CDN #3931 
see https://www.w3.org/TR/css-fonts-3/#font-fetching-requirements

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-16 20:04:36 +01:00
Michael Mayer
da10b30fdf API: Add auth token to vary header for caching proxies and CDNs #3931 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-16 16:42:21 +01:00
Michael Mayer
c3b9b73d1d API: Only allow CDNs to cache GET, HEAD, and OPTIONS requests #3931 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-16 16:17:16 +01:00
Michael Mayer
239708f00f Config: Add options to configure CORS origin, headers and methods #3931 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-16 12:14:06 +01:00
Michael Mayer
c5f6a28448 Config: Add PHOTOPRISM_HTTP_CORS option for CDN users #3931 #3940 
In addition, the Access-Control-Allow-Origin header is set to the same
URL if an Origin header is found in the request (experimental).

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-15 13:06:27 +01:00
Michael Mayer
f8e0615cc8 Auth: Ensure backwards compatibility for existing API clients #808 #3943 
These changes ensure that the new (SHA256) session ID is returned in the
"session_id" field, so that developers have time to update their client
implementations to use the new "access_token" field.

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2024-01-07 12:25:56 +01:00
Michael Mayer
dc39fc44d2 Security: Add "header" package for setting common response headers #98 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2022-10-09 17:16:49 +02:00
Michael Mayer
f5a8c5a45d Auth: Session and ACL enhancements #98 #1746 
Signed-off-by: Michael Mayer <michael@photoprism.app>
 2022-09-28 09:01:17 +02:00
Michael Mayer
e739dd3e89 Auth: Add support for config and routing extensions (WIP) #782 #2478 
Enables developers to extend the existing config and API. Initial proof
of concept and work in progress. Implementation details may change.
Feedback welcome!

Signed-off-by: Michael Mayer <michael@photoprism.app>
 2022-07-05 23:13:34 +02:00
Michael Mayer
92e6c4fe1e Download: Add Disabled, Originals, MediaRaw & MediaSidecar Flags #2234 
Extends DownloadSettings with 4 additional options:
- Name: File name pattern for downloaded files (existed)
- Disabled: Disables downloads
- Originals: Only download files stored in "originals" folder
- MediaRaw: Include RAW image files
- MediaSidecar: Include metadata sidecar files (JSON, XMP, YAML)
 2022-04-15 09:42:07 +02:00
Michael Mayer
0f0c0aaa0b API: Improve path and filename parameter sanitation #1814 2021-12-14 20:01:39 +01:00
Michael Mayer
9a8144c046 Log4j: Sanitize user input in logs like filenames and album titles #1814 2021-12-14 17:07:38 +01:00
Michael Mayer
2ddb1d6daa Backend: Add HTTP security middleware 2021-10-17 16:48:53 +02:00