0

414 Commits

Author SHA1 Message Date
Meisam
a8e93de134
Prevent remote image injection with /img/emoji/ in url (#1245)
* test remote img blocking with /img/emoji/ in url

* fix emoji filter

prevent injection of remote img with /img/emoji in url
2021-07-23 11:00:04 -07:00
Gabe Kangas
ae78283caf Remove extra log from displaying 2021-07-22 23:34:51 -07:00
Gabe Kangas
484098afda Some migration fixes and database optimizations 2021-07-22 23:30:25 -07:00
Meisam
c4c1ecfc7b
Allow alt and title tags in chat emojis (#1241)
* allow alt and title on chat imgs

* enforce non-empty alt&title tags for emojis
2021-07-22 22:22:33 -07:00
Gabe Kangas
3dc3ad75f6 Cleanup errors that are not fatal during filesystem cleanup 2021-07-22 16:50:30 -07:00
Gabe Kangas
c3e8e78dad Centralize chan closure to be done in the client, not the server. Set chan size to max message size. 2021-07-22 15:27:12 -07:00
Gabe Kangas
f782e82909 Fix potential concurrent access condition 2021-07-22 15:27:12 -07:00
Gabe Kangas
44d6a36b77 Cleanup linter warnings 2021-07-19 23:49:16 -07:00
Gabe Kangas
b6f68628c0
Chat refactor + persistent backing chat users (#1163)
* First pass at chat user registration and validation

* Disable chat if the user is disabled/blocked or the server hits max connections

* Handle dropping sockets if chat is disabled

* Fix origin in automated chat test

* Work for updated chat moderation

* Chat message markdown rendering and fix tests

* Put /api/chat behind a chat user access token. Closes #1085

* Reject blocked username changes

* More WIP moderation

* Defer configuring chat until we know if it is enabled. Closes #1135

* chat user blocking. Closes #1096

* Add tests around user access for #1096

* Add external integration chat message API + update integration auth middleware to pass along integration name. Closes #1092

* Delete old chat messages from db as to not hold on to excessive data. Closes #1152

* Add schema migration for messages. Closes #1155

* Commit updated API documentation

* Add chat load test

* Shared db mutex and db optimizations

* Simplify past display name handling

* Use a new test db for each test run

* Wire up the external messages actions + add tests for them

* Move access tokens to be actual users

* Run message pruning at launch + fix comparison

* Do not return API users in disabled users response

* Fix incorrect highlighting. Closes #1160

* Consolidate user table statements

* Set the max process connection limit to 70% of maximum

* Fix wrong old display name being returned in name change event

* Delete the old chat server files

* Wire back up the webhooks

* Remove unused

* Invalidate user cache on changes

* Do not send rendered body as RawBody

* Some cleanup

* Standardize names for external API users to ExternalAPIUser

* Do not log token

* Checkout branch when building admin for testing

* Bundle in dev admin for testing

* Some cleanup

* Cleanup js logs

* Cleanup and standardize event names

* Clean up some logging

* Update API spec. Closes #1133

* Commit updated API documentation

* Change paths to be better named

* Commit updated API documentation

* Update admin bundle

* Fix duplicate event name

* Rename scope var

* Update admin bundle

* Move connected clients controller into admin package

* Fix collecting usernames for autocomplete purposes

* No longer generate username when it is empty

* Sort clients and users by timestamp

* Move file to admin controller package

* Swap, so the comments stay correct

Co-authored-by: Jannik <jannik@outlook.com>

* Use explicit type alias

Co-authored-by: Jannik <jannik@outlook.com>

* Remove commented code.

Co-authored-by: Jannik <jannik@outlook.com>

* Cleanup test

* Remove some extra logging

* Add some clarity

* Update dev instance of admin for testing

* Consolidate lines

Co-authored-by: Jannik <jannik@outlook.com>

* Remove commented unused vars

Co-authored-by: Jannik <jannik@outlook.com>

* Until needed do not return IP address with client list

* Fix typo of wrong var

* Typo led to a bad test. Fix typo and fix test.

* Guard against the socket reconnecting on error if previously set to shutdown

* Do not log access tokens

* Return success message on enable/disable user

* Clean up some inactionable error messages. Sent ban message. Sort banned users.

* fix styling for when chat is completely disabled

* Unused

* guard against nil clients

* Update dev admin bundle

* Do not unhide messages when unblocking user just to be safe. Send removal action from the controller

* Add convinience function for getting active connections for a single user

* Lock db on these mutations

* Cleanup force disconnect using GetClientsForUser and capture client reference explicitly

* No longer re-showing banned user messages for safety. Removing this test.

* Remove no longer needed comment

* Tweaks to forbidden username handling.

- Standardize naming to not use "block" but "forbidden" instead.
- Pass array over the wire instead of string.
- Add API test
- Fix default list incorrectly being appended to custom list.

* Logging cleanup

* Update dev admin bundle

* Add an artificial delay in order to visually see message being hidden when testing

* Remove the user cache as it is a premature optimization

* When connected to chat let the user know their current user details to sync the username in the UI

* On connected send current display name back to client.
- Move name change out of chat component.
- Add additional event type constants.

* Fix broken workflow due to typo

* Troubleshoot workflow

* Bump htm from 3.0.4 to 3.1.0 in /build/javascript (#1181)

* Bump htm from 3.0.4 to 3.1.0 in /build/javascript

Bumps [htm](https://github.com/developit/htm) from 3.0.4 to 3.1.0.
- [Release notes](https://github.com/developit/htm/releases)
- [Commits](https://github.com/developit/htm/compare/3.0.4...3.1.0)

---
updated-dependencies:
- dependency-name: htm
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Run npm run build and update libraries

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabe Kangas <gabek@real-ity.com>

* Commit updated Javascript packages

* Re-send current user info when a rejected name change takes place

* All socket writes should be through the send chan and not directly

* Seed the random generator

* Add keys and indexes to users table

* a util to generate consistent emoji markup

* console clean up

* mod tidy

* Commit updated API documentation

* Handle the max payload size of a socket message.
- Only close socket if x2 greater than the max size.
- Send the user a message if a message is too large.
- Surface the max size in bytes in the config.

* Update admin bundle

* Force all events to be sent in their own socket message and do not concatinate in a single message

* Update chat embed to register for access token

* Use a different access token for embed chat

* Update the chat message bubble background color to be bolder

* add base tag to open links in new window, closes #1220

* Support text input of :emoji: in chat (#1190)

* Initial implementation of emoji injection

* fix bookkeeping with multiple emoji

* make the emoji lookup case-insensitive

* try another solution for Caretposition

* add title to emojis

minor refactoring

* bind moji injection to InputKeyUp

* simplify the code

replace all found emojis

* inject emoji if the modifer is released earlier

* more efficient emoji tag search

* use json emoji.emoji as url

* use createEmojiMarkup()

* move emojify() to chat.js

* emojify on paste

* cleanup emoji titles in paste

* update inputText in InputKeyup

* mark emoji titles with 2*zwnj

this way paste cleanup will not interfere with text which include zwnj

* emoji should not change the inputText

* Do not show join messages when chat is offline. Closes #1224
- Show stream starting/ending messages in chat.
- When stream starts show everyone the welcome message.

* Force scrolling chat to bottom after history is populated regardless of scroll position. Closes https://github.com/owncast/owncast/issues/1222

* use maxSocketPayloadSize to calculate total bytes of message payload (#1221)

* utilize maxSocketPayloadSize from config; update chatInput to calculate based on that value instead of text value; remove usage of inputText for counting

* add a buffer to account for entire websocket payload for message char counting; trim nbsp;'s from ends of messages when calculating count

Co-authored-by: Gabe Kangas <gabek@real-ity.com>

Co-authored-by: Owncast <owncast@owncast.online>
Co-authored-by: Jannik <jannik@outlook.com>
Co-authored-by: Ginger Wong <omqmail@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Meisam <39205857+MFTabriz@users.noreply.github.com>
2021-07-19 19:22:29 -07:00
Gabe Kangas
37fedb8ab8 Ignore some additional non-fatal errors 2021-07-18 13:10:08 -07:00
Meisam
7361578412
style fix for error checking (#1170)
+additional linting
2021-07-09 11:16:44 -07:00
Meisam
a13e1e75e2
proper cleanup and permission check for the hls directory (#1167)
* check error on hls cleanup

* rm HLS directories before creating new ones

* don't mask the variable

* mv cleanupDirectory() to utils

* add user-friendly error messages
2021-07-08 12:35:53 -07:00
Jannik
3f9f4a151c
refactor: use io.Pipe and ffmpeg's stdin (#1148)
This removes the usage of `syscall.Mkfifo` which was previously used and
won't work on Windows systems and opens the door for other processes on
the computer to interfere in the rtmp stream (dumping bad content in the
fifo, removing the file, blocking the file in offline status).
Instead, this patch introduces an `io.Pipe` which pipes the RTMP stream
to the ffmpeg command while staying in Owncast.

Further links:
* ffmpeg on using `pipe:0` as an input: https://ffmpeg.org/ffmpeg-protocols.html#pipe
2021-07-03 12:28:25 -07:00
Jannik
edc777ae1b
🐛 use currentBroadcast for playlist overwrites (#1149)
Fixes #1147 since it looks into currentBroadcast and does not use the configuration of the next stream.
2021-07-01 18:27:56 -07:00
Gabe Kangas
0802a20f4f Do not save invalid disconnect time 2021-06-29 11:38:13 -07:00
Gabe Kangas
12104978e8 Some linter cleanup 2021-06-29 10:21:00 -07:00
Gabe Kangas
ab3bbd59bf Cleanup the persisted disconnected time 2021-06-29 10:04:26 -07:00
Gabe Kangas
d28c4b96f3 Fix invalid nil time being returned 2021-06-28 13:59:23 -07:00
Gabe Kangas
1586d80a32 Wire up blocked chat username controller 2021-06-21 20:16:21 -07:00
Gabe Kangas
20c272ff3d Guard against invalid last disconnect time 2021-06-20 20:16:27 -07:00
Gabe Kangas
89dfcfb047 Fix buggy saving of lastDisconnectTime now used for #1111 2021-06-20 11:30:29 -07:00
Meisam
e991199735
updates to backups directory (#1099)
* read BackupDirectory from command line flag

* Change the default backup directory

* mkdir BackupDirectory

* use config for backup file path

* migrateDatabase to the backup directory

* use DoesFileExists

change permission on the directory to 0700

* declare err

* generate backupFile  where needed

* style fix

* more style fixes

* more style fixes
2021-06-13 15:28:59 -07:00
Gabe Kangas
306a0066d1 Fix concurrency crash. Closes #1067 2021-06-07 21:59:43 -07:00
Jannik
fae2c58259
Fix rtmp secret validation to allow / (#1069) (#1070)
* Fix rtmp secret validation to allow `/` (#1069)

* add negative test cases for stuff before /live/

* simplify since Url.Path is already stripping the host

This means that we can simplify the code and make it much clearer.
Removes the tests that checked for the host and stuff between the host and /live/.
2021-06-04 20:09:43 -07:00
Gabe Kangas
94136d4361 Demote log message 2021-05-24 21:43:13 -07:00
leuc
5ab901bb36
Fix #981 Use -webserverip to set http listen address (#1032)
* Fix #981 Use -webserverip to set http listen address

* use 0.0.0.0 as default http listen address

* add Admin REST API for setting http listen address

* full input validation of port and IP
2021-05-24 16:13:49 -07:00
Gabe Kangas
1a0beb1d0e Fix tests 2021-05-23 14:27:35 -07:00
Meisam
8b57ddcfb1
Remove config file migrator (#1045)
* rm migrator consts

* Delete migrator.go

* rm RunMigrations()
2021-05-23 13:36:34 -07:00
Fabian Fischer
d3696cd0aa
fix: avoid duplicate cache-control header (#1048) 2021-05-23 13:35:05 -07:00
Gabe Kangas
61e07bf945 API for setting a list of blocked usernames. For #782 2021-05-22 21:50:34 -07:00
Gabe Kangas
83ad6db394 If tag storage is an empty string return back an empty slice. Fixes #974 2021-05-22 21:32:56 -07:00
Gabe Kangas
381daaec9b Save owncast logs to log file. Closes #908 2021-05-22 19:25:54 -07:00
Gabe Kangas
36a15a97dd Handle the server summary data as auto-linked markdown. Closes #1010 2021-05-22 17:09:57 -07:00
tomleb
1504ea3509
Add -logdir flag (#1039)
This allow configuring the various logs that may be outputted
(transcoder and future logs)
2021-05-22 16:29:49 -07:00
Gabe Kangas
91f6dcd0f6
Active viewer PING controller. Closes #790 (#990) 2021-05-20 20:29:01 -07:00
Gabe Kangas
3810ce4f63 Do not try to copy logo if image does not exist on disk 2021-05-14 15:28:13 -07:00
Gabe Kangas
09da85090e Fix tests 2021-05-05 19:58:02 -07:00
Gabe Kangas
4f4cef97e2 Force an iframe every segment 2021-05-05 18:21:27 -07:00
Gabe Kangas
fc123ecda3 Fix tests 2021-05-05 17:31:19 -07:00
Gabe Kangas
6bcbe60c28 Update latency level values 2021-05-05 17:22:57 -07:00
Gabe Kangas
fa3a959dc5 update tests 2021-04-29 22:13:47 -07:00
Gabe Kangas
5324d235bf Force an i-frame every second for consistent segment lenghts with
minimum latency.
2021-04-29 22:06:39 -07:00
Gabe Kangas
4f73da30a8 Add additional stream + server info to stream started webhook. Closes #971 2021-04-29 17:04:33 -07:00
Gabe Kangas
eedc07fc94 Ignore warning about hls segment length 2021-04-24 14:00:35 -07:00
Gabe Kangas
34c4350597 Add some more va-api codec error mappings 2021-04-21 17:48:39 -07:00
Gabe Kangas
a06a9c58ea Add i965-va-driver-shader missing error 2021-04-15 22:25:28 -07:00
Gabe Kangas
543577c2e0 Create hls directories at transcoder start to account for stream output changes. Fixes #940 2021-04-15 21:36:14 -07:00
Gabe Kangas
5214d81264
Codec selection (#892)
* Query for installed codecs

* Start modeling out codecs

* Can now specify a codec and get the correct settings returned from the model

* Return codecs in admin/serverconfig

* Start handling transcoding errors and return messages to user

* filter available codecs against a whitelist

* Fix merge

* Codecs are working

* Switching between codecs work

* Add apis for setting a custom video codec

* Cleanup the logging of transcoder errors

* Add v4l codec

* Add fetching v4l

* Add support for per-codec presets

* Use updated nvenc encoding parameters

* Update log message

* Some more codec WIP

* Turn off v4l. It is a mess.

* Try to make the lowest latency level a bit more playable

* Use a human redable display name in console messages

* Turn on transcoder persistent connections

* Add more codec-related user-facing error messages

* Give the initial offline state transcoder an id

* Force a minimum segment count of 3

* Disable qsv for now. set x264 specific params in VariantFlags

* Close body in case

* Ignore vbv underflow message, it is not actionable

* Determine a dynamic gop value based on the length of segments

* Add codec-specific tests

* Cleanup

* Ignore goconst lint warnings in codec file

* Troubleshoot omx

* Add more codec tests

* Remove no longer accurate comment

* Bundle admin from codec branch

* Revert back to old setting

* Cleanup list of codecs a bit

* Remove old references to the encoder preset

* Commit updated API documentation

* Update admin bundle

* Commit updated API documentation

* Add codec setting to api spec

* Commit updated API documentation

Co-authored-by: Owncast <owncast@owncast.online>
2021-04-15 13:55:51 -07:00
Gabe Kangas
f216e781dd Reduce log level on data getters 2021-04-14 16:06:22 -07:00
Gabe Kangas
df7dff081f Set and get custom styling for web interface. For #718 2021-04-11 19:34:05 -07:00