0

393 Commits

Author SHA1 Message Date
Gabe Kangas
e3b0af1b67 Expand upon flood detection and chat rate limiting. Closes #1349 2021-08-27 14:43:09 -07:00
Gabe Kangas
1a1e2a3738 Revert "Update test to reflect the newline -> br tag change"
This reverts commit 3d09698355c5a1bcaada276fe9d4c92ea205df89.
2021-08-18 18:08:17 -07:00
Gabe Kangas
e5735b8d6d Remove adding <br> tags to newlines 2021-08-18 18:08:07 -07:00
Gabe Kangas
3d09698355 Update test to reflect the newline -> br tag change 2021-08-18 17:51:33 -07:00
Gabe Kangas
3618a28240 Re-enable unsafe tags as they are needed for emoji 2021-08-18 17:00:52 -07:00
Gabe Kangas
8907566ed1 Fixing chat message formatting in #1315 2021-08-18 16:11:00 -07:00
Gabe Kangas
04bb97bffc Fix build error on FreeBSD. Closes #1243 2021-08-13 15:34:00 -07:00
Gabe Kangas
4ea416fdbe Update the user object name change time when changing name. Closes #1277 2021-08-13 00:05:22 -07:00
Gabe Kangas
6f57f570d2 Restore GeoIP support to now support chat users. Closes #1304 2021-08-13 08:52:36 +02:00
Gabe Kangas
6fb383d04b Only ignore messages 5min after disconnect. Part of fixing #1268 2021-08-12 22:40:10 -07:00
Gabe Kangas
f87d4f960a Add formatting 2021-08-12 22:39:12 -07:00
Gabe Kangas
cf87f53da3 Do not send empty type when its not apropriate 2021-08-12 21:20:06 -07:00
Gabe Kangas
9d0ae44c3c Give stream status webhooks an id and timestamp 2021-08-12 20:02:17 -07:00
Gabe Kangas
53d0e8653e Remove old unused function 2021-08-12 17:23:28 -07:00
Gabe Kangas
b966d32d77 Incorrect webhook event type is being sent on user joined. Fixes #1302 2021-08-12 13:19:09 -07:00
Gabe Kangas
dcc7a7c5c3 Support assigning nil as time instead of setting time as invalid. Fix typo that led to incorrect disconnect time. Maybe addresses #1268? 2021-08-03 17:47:16 -07:00
Meisam
41a7e8b896
check the return value of os.Rename (#1288) 2021-07-31 14:59:02 -07:00
Gabe Kangas
12cbe529de Fix incorrect handling of messages array. Closes #1287 2021-07-31 12:48:42 -07:00
Christian
cb7a9b89ea
safely generate the thumbnail.jpg & preview.gif (#1279) 2021-07-28 14:21:02 -07:00
Gabe Kangas
031a848b7a No need to publicly log this 2021-07-28 12:37:26 -07:00
Meisam
109d2669ab
better chat message sanitization (#1266)
* strip <p> in chat sanitization, keep the content

* update sanitization tests

* update tests

* rm <p></p> comparison for empty messages
2021-07-27 15:26:27 -07:00
Meisam
44f406caf0
reject user messages when offline (#1269) 2021-07-27 10:42:05 -07:00
Gabe Kangas
fac06257ad Add in the optimization where multiple websocket events can exist within a single message 2021-07-26 19:23:15 -07:00
Gabe Kangas
8b2747e4d7 Add some sqlite optimizations 2021-07-26 17:35:23 -07:00
Gabe Kangas
f20aa4478d Add a simple caching of chat history as an optimization 2021-07-26 17:35:04 -07:00
Gabe Kangas
f85b54cfeb Pass along just the client id instead a reference to the entire client when unregistering the client 2021-07-26 17:34:50 -07:00
Meisam
f07c9e2e00
consider <p></p> as an empty message (#1264) 2021-07-26 09:21:48 -07:00
Christian Muehlhaeuser
35a0c6fa14
Improve performance of retrieving chat history by avoiding double-sort and outer join (#1261) 2021-07-25 09:54:24 -07:00
Meisam
e1c4b452e6
test emoji title and alt tag sanitization (#1244) 2021-07-23 11:01:30 -07:00
Meisam
a8e93de134
Prevent remote image injection with /img/emoji/ in url (#1245)
* test remote img blocking with /img/emoji/ in url

* fix emoji filter

prevent injection of remote img with /img/emoji in url
2021-07-23 11:00:04 -07:00
Gabe Kangas
ae78283caf Remove extra log from displaying 2021-07-22 23:34:51 -07:00
Gabe Kangas
484098afda Some migration fixes and database optimizations 2021-07-22 23:30:25 -07:00
Meisam
c4c1ecfc7b
Allow alt and title tags in chat emojis (#1241)
* allow alt and title on chat imgs

* enforce non-empty alt&title tags for emojis
2021-07-22 22:22:33 -07:00
Gabe Kangas
3dc3ad75f6 Cleanup errors that are not fatal during filesystem cleanup 2021-07-22 16:50:30 -07:00
Gabe Kangas
c3e8e78dad Centralize chan closure to be done in the client, not the server. Set chan size to max message size. 2021-07-22 15:27:12 -07:00
Gabe Kangas
f782e82909 Fix potential concurrent access condition 2021-07-22 15:27:12 -07:00
Gabe Kangas
44d6a36b77 Cleanup linter warnings 2021-07-19 23:49:16 -07:00
Gabe Kangas
b6f68628c0
Chat refactor + persistent backing chat users (#1163)
* First pass at chat user registration and validation

* Disable chat if the user is disabled/blocked or the server hits max connections

* Handle dropping sockets if chat is disabled

* Fix origin in automated chat test

* Work for updated chat moderation

* Chat message markdown rendering and fix tests

* Put /api/chat behind a chat user access token. Closes #1085

* Reject blocked username changes

* More WIP moderation

* Defer configuring chat until we know if it is enabled. Closes #1135

* chat user blocking. Closes #1096

* Add tests around user access for #1096

* Add external integration chat message API + update integration auth middleware to pass along integration name. Closes #1092

* Delete old chat messages from db as to not hold on to excessive data. Closes #1152

* Add schema migration for messages. Closes #1155

* Commit updated API documentation

* Add chat load test

* Shared db mutex and db optimizations

* Simplify past display name handling

* Use a new test db for each test run

* Wire up the external messages actions + add tests for them

* Move access tokens to be actual users

* Run message pruning at launch + fix comparison

* Do not return API users in disabled users response

* Fix incorrect highlighting. Closes #1160

* Consolidate user table statements

* Set the max process connection limit to 70% of maximum

* Fix wrong old display name being returned in name change event

* Delete the old chat server files

* Wire back up the webhooks

* Remove unused

* Invalidate user cache on changes

* Do not send rendered body as RawBody

* Some cleanup

* Standardize names for external API users to ExternalAPIUser

* Do not log token

* Checkout branch when building admin for testing

* Bundle in dev admin for testing

* Some cleanup

* Cleanup js logs

* Cleanup and standardize event names

* Clean up some logging

* Update API spec. Closes #1133

* Commit updated API documentation

* Change paths to be better named

* Commit updated API documentation

* Update admin bundle

* Fix duplicate event name

* Rename scope var

* Update admin bundle

* Move connected clients controller into admin package

* Fix collecting usernames for autocomplete purposes

* No longer generate username when it is empty

* Sort clients and users by timestamp

* Move file to admin controller package

* Swap, so the comments stay correct

Co-authored-by: Jannik <jannik@outlook.com>

* Use explicit type alias

Co-authored-by: Jannik <jannik@outlook.com>

* Remove commented code.

Co-authored-by: Jannik <jannik@outlook.com>

* Cleanup test

* Remove some extra logging

* Add some clarity

* Update dev instance of admin for testing

* Consolidate lines

Co-authored-by: Jannik <jannik@outlook.com>

* Remove commented unused vars

Co-authored-by: Jannik <jannik@outlook.com>

* Until needed do not return IP address with client list

* Fix typo of wrong var

* Typo led to a bad test. Fix typo and fix test.

* Guard against the socket reconnecting on error if previously set to shutdown

* Do not log access tokens

* Return success message on enable/disable user

* Clean up some inactionable error messages. Sent ban message. Sort banned users.

* fix styling for when chat is completely disabled

* Unused

* guard against nil clients

* Update dev admin bundle

* Do not unhide messages when unblocking user just to be safe. Send removal action from the controller

* Add convinience function for getting active connections for a single user

* Lock db on these mutations

* Cleanup force disconnect using GetClientsForUser and capture client reference explicitly

* No longer re-showing banned user messages for safety. Removing this test.

* Remove no longer needed comment

* Tweaks to forbidden username handling.

- Standardize naming to not use "block" but "forbidden" instead.
- Pass array over the wire instead of string.
- Add API test
- Fix default list incorrectly being appended to custom list.

* Logging cleanup

* Update dev admin bundle

* Add an artificial delay in order to visually see message being hidden when testing

* Remove the user cache as it is a premature optimization

* When connected to chat let the user know their current user details to sync the username in the UI

* On connected send current display name back to client.
- Move name change out of chat component.
- Add additional event type constants.

* Fix broken workflow due to typo

* Troubleshoot workflow

* Bump htm from 3.0.4 to 3.1.0 in /build/javascript (#1181)

* Bump htm from 3.0.4 to 3.1.0 in /build/javascript

Bumps [htm](https://github.com/developit/htm) from 3.0.4 to 3.1.0.
- [Release notes](https://github.com/developit/htm/releases)
- [Commits](https://github.com/developit/htm/compare/3.0.4...3.1.0)

---
updated-dependencies:
- dependency-name: htm
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Run npm run build and update libraries

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabe Kangas <gabek@real-ity.com>

* Commit updated Javascript packages

* Re-send current user info when a rejected name change takes place

* All socket writes should be through the send chan and not directly

* Seed the random generator

* Add keys and indexes to users table

* a util to generate consistent emoji markup

* console clean up

* mod tidy

* Commit updated API documentation

* Handle the max payload size of a socket message.
- Only close socket if x2 greater than the max size.
- Send the user a message if a message is too large.
- Surface the max size in bytes in the config.

* Update admin bundle

* Force all events to be sent in their own socket message and do not concatinate in a single message

* Update chat embed to register for access token

* Use a different access token for embed chat

* Update the chat message bubble background color to be bolder

* add base tag to open links in new window, closes #1220

* Support text input of :emoji: in chat (#1190)

* Initial implementation of emoji injection

* fix bookkeeping with multiple emoji

* make the emoji lookup case-insensitive

* try another solution for Caretposition

* add title to emojis

minor refactoring

* bind moji injection to InputKeyUp

* simplify the code

replace all found emojis

* inject emoji if the modifer is released earlier

* more efficient emoji tag search

* use json emoji.emoji as url

* use createEmojiMarkup()

* move emojify() to chat.js

* emojify on paste

* cleanup emoji titles in paste

* update inputText in InputKeyup

* mark emoji titles with 2*zwnj

this way paste cleanup will not interfere with text which include zwnj

* emoji should not change the inputText

* Do not show join messages when chat is offline. Closes #1224
- Show stream starting/ending messages in chat.
- When stream starts show everyone the welcome message.

* Force scrolling chat to bottom after history is populated regardless of scroll position. Closes https://github.com/owncast/owncast/issues/1222

* use maxSocketPayloadSize to calculate total bytes of message payload (#1221)

* utilize maxSocketPayloadSize from config; update chatInput to calculate based on that value instead of text value; remove usage of inputText for counting

* add a buffer to account for entire websocket payload for message char counting; trim nbsp;'s from ends of messages when calculating count

Co-authored-by: Gabe Kangas <gabek@real-ity.com>

Co-authored-by: Owncast <owncast@owncast.online>
Co-authored-by: Jannik <jannik@outlook.com>
Co-authored-by: Ginger Wong <omqmail@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Meisam <39205857+MFTabriz@users.noreply.github.com>
2021-07-19 19:22:29 -07:00
Gabe Kangas
37fedb8ab8 Ignore some additional non-fatal errors 2021-07-18 13:10:08 -07:00
Meisam
7361578412
style fix for error checking (#1170)
+additional linting
2021-07-09 11:16:44 -07:00
Meisam
a13e1e75e2
proper cleanup and permission check for the hls directory (#1167)
* check error on hls cleanup

* rm HLS directories before creating new ones

* don't mask the variable

* mv cleanupDirectory() to utils

* add user-friendly error messages
2021-07-08 12:35:53 -07:00
Jannik
3f9f4a151c
refactor: use io.Pipe and ffmpeg's stdin (#1148)
This removes the usage of `syscall.Mkfifo` which was previously used and
won't work on Windows systems and opens the door for other processes on
the computer to interfere in the rtmp stream (dumping bad content in the
fifo, removing the file, blocking the file in offline status).
Instead, this patch introduces an `io.Pipe` which pipes the RTMP stream
to the ffmpeg command while staying in Owncast.

Further links:
* ffmpeg on using `pipe:0` as an input: https://ffmpeg.org/ffmpeg-protocols.html#pipe
2021-07-03 12:28:25 -07:00
Jannik
edc777ae1b
🐛 use currentBroadcast for playlist overwrites (#1149)
Fixes #1147 since it looks into currentBroadcast and does not use the configuration of the next stream.
2021-07-01 18:27:56 -07:00
Gabe Kangas
0802a20f4f Do not save invalid disconnect time 2021-06-29 11:38:13 -07:00
Gabe Kangas
12104978e8 Some linter cleanup 2021-06-29 10:21:00 -07:00
Gabe Kangas
ab3bbd59bf Cleanup the persisted disconnected time 2021-06-29 10:04:26 -07:00
Gabe Kangas
d28c4b96f3 Fix invalid nil time being returned 2021-06-28 13:59:23 -07:00
Gabe Kangas
1586d80a32 Wire up blocked chat username controller 2021-06-21 20:16:21 -07:00
Gabe Kangas
20c272ff3d Guard against invalid last disconnect time 2021-06-20 20:16:27 -07:00
Gabe Kangas
89dfcfb047 Fix buggy saving of lastDisconnectTime now used for #1111 2021-06-20 11:30:29 -07:00