Commit graph

1137 commits

Author SHA1 Message Date
Andrew Zhao
295e5c9731 show how long ago stream started 2021-02-24 23:08:04 -05:00
Andrew Zhao
9b79e35d52 do not preload captions 2021-02-24 01:02:55 -05:00
237100da18 Use UTC for published date 2021-02-21 12:35:21 +01:00
1e33c0c288 Fix comment replies count 2021-02-21 00:09:04 +01:00
saltycrys
2bf445e165 Fix playlists with Various Artists author 2021-02-10 01:04:27 +01:00
Andrew Zhao
148f3002ec use large thumbnail for channels in search 2021-02-04 18:20:49 -05:00
Perflyst
ec82c1f957
Merge pull request #1730 from notpushkin/patch-1
Add link[rel="alternate"] pointing to YouTube version
2021-02-04 07:55:39 +01:00
saltycrys
5f03a583d1 Update code for Crystal 0.36.0
Rename `HTTPClient@socket` to `HTTPClient@io`, see
https://github.com/crystal-lang/crystal/pull/9543.

Rename `URI#full_path` to `URI#request_target`, see
https://github.com/crystal-lang/crystal/pull/10099.
2021-02-02 20:01:02 +01:00
saltycrys
991a04dc2a Adjust routes
Simple routes have been moved into a single `Misc` file.

Embed routes have been moved into a single `Embed` file.

The preferences route has been renamed to be more consistent with other parts
of the codebase.
2021-02-02 06:18:16 +01:00
Perflyst
82da5cfd01
Merge pull request #1712 from tenpura-shrimp/bumpvideojs
Bump videojs and fix webworker
2021-01-31 12:18:40 +01:00
saltycrys
909285ea46
Merge pull request #1732 from saltycrys/unrequire-logger
Unrequire `logger`
2021-01-31 03:48:29 +01:00
saltycrys
a0bc0641c7 Unrequire logger
Crystal's `Logger` was required but never used in Invidious. Crystal 0.36.0
removed `Logger` in favor of `Log`.
2021-01-31 03:33:38 +01:00
Alexander Pushkov
e7ada61881
Add link[rel="alternate"] pointing to YouTube version 2021-01-30 23:45:55 +00:00
Andre Borie
79e99908de Allow providing 12-Factor-style Database URL in config 2021-01-30 19:33:58 +00:00
saltycrys
c9a316ad35
Merge pull request #1702 from saltycrys/config
Config improvements
2021-01-30 14:46:10 +01:00
Andrew Zhao
4a0b10984a Bump videojs and fix webworker 2021-01-29 19:08:28 -05:00
Andrew Zhao
d0dbbd1cb1 remove https from channel thumbnail in search 2021-01-28 00:51:14 -05:00
saltycrys
b45f371911 Make config a constant
Instead of passing around `config` there is now the global `CONFIG`.
2021-01-23 19:39:04 +01:00
saltycrys
f1a7ee997b Add config environment variables
The config file can now be specified with `INVIDIOUS_CONFIG_FILE`.
A YAML formatted string can still be passed with `INVIDIOUS_CONFIG`, replacing
the config file.

Additionally all options can now be specified as environment variables.
The syntax for variable names is `INVIDIOUS_` followed by the option name in
upper case. The values are parsed as YAML.

These new env vars only update the provided main configuration, but it is
possible to point the config file at the example config and then use env vars
for all config options:
```
INVIDIOUS_CONFIG_FILE=./config/config.example.yml \
INVIDIOUS_CHANNEL_THREADS=10 \
./invidious
```
2021-01-23 18:58:13 +01:00
Andrew Zhao
15ba3325d9 add ui for searching 2021-01-17 14:33:49 -05:00
HackerNCoder
606dd11b4f
Remove admin_email. Use repos url for captcha ID and reddit header. Add note about not updating changelog 2021-01-07 21:09:24 +01:00
HackerNCoder
4d512d908d
Remove some mentions of omarroth 2021-01-07 19:01:13 +01:00
saltycrys
df9e7f284c Adjust log verbosity
The default log level has been changed from `debug` to `info`.
The `debug` log level is now more verbose. `debug` now gives a general overview
of what is happening (where implemented) while `trace` gives all available
details.
2021-01-05 20:51:18 +01:00
saltycrys
6365ee7487 Make logger a constant
Instead of passing around `logger` there is now the global `LOGGER`.
2021-01-05 20:43:19 +01:00
saltycrys
7a8620a570 Add CLI arguments to config file
The log level can now be set with `log_level` (accepts ints and strings).
The log file can now be set with `output` (also accepts `STDOUT`).
2021-01-05 20:35:59 +01:00
Perflyst
2c24bf3222
Merge pull request #1389 from vhuynh3000/decrypt_on_demand
add config to decrypt on demand instead of polling
2021-01-05 19:32:22 +01:00
saltycrys
36e9fb9d68 Fix watch_videos endpoint
Playlists created by `watch_videos` do not have an author which caused a crash
previously.
2021-01-04 05:35:59 +01:00
saltycrys
8b56a038b7 Set content type for HTML error helpers
This fixes `Unexpected char '<' at 1:1` errors caused by content type mismatch.
2021-01-04 05:24:08 +01:00
vhuynh3000
3a2bd4e928 add config to decrypt on demand instead of polling 2021-01-03 20:50:52 +01:00
Perflyst
28dac81a90
Merge pull request #999 from notpushkin/patch-1
Add audio mode link to items
2021-01-03 13:58:23 +01:00
Perflyst
c89632d2a8
Merge pull request #1608 from saltycrys/add-subscription-traces
Add Subscription Traces
2020-12-31 11:30:04 +01:00
TheFrenchGhosty
82c8f3b556
Merge pull request #1600 from jksladjflkjsadflkjsadf/closeclients
Close http clients after use
2020-12-30 01:14:31 +00:00
608b9e66f4 fix channel/ID/community endpoint
fixes https://github.com/iv-org/invidious/issues/1611
2020-12-30 01:09:39 +01:00
saltycrys
dfd5e30015 Fix Video Mode Button
The query params that get edited for `embed_params` are now deep copied instead
of shallow copied, preventing the originals from being changed.
2020-12-29 01:22:56 +01:00
Perflyst
b19524d56a
Merge pull request #1609 from saltycrys/add-popular-enabled-option
Add `popular-enabled` option
2020-12-28 11:30:55 +01:00
Andrew Zhao
e0d25ff887 Close http clients after using
The crystal http client maintains a keepalive connection to the other
server which stays alive for some time. This should be closed if the
client instance is not used again to avoid hogging resources
2020-12-27 19:40:58 -05:00
saltycrys
198dfffaeb Add popular-enabled option
This is similar to the removed `top-enabled` option but for the Popular feed.
The instance needs to be restarted if the feed was enabled.

Editing admin options on the preferences page is also fixed.

The handling of the feed pages now only happens in a single place.

Instead of redirecting:
  - The Top feed now displays a message that it was removed from Invidious.
  - The Popular feed now displays a message that it was disabled if it was.
2020-12-27 06:12:43 +01:00
saltycrys
c4ef055248 Add RefreshChannelsJob traces
Traces can be enabled with `-l trace`.

The problem with subscriptions is that sometimes requests to YouTube never
finish. As soon as that happens `channel-threads` times subscriptions stop
being refreshed. This is most likely a problem with the lsquick bindings.
2020-12-27 05:20:33 +01:00
saltycrys
420ceffbb0 Rename threads to fibers
The config and command line options haven't been changed.
2020-12-27 05:14:33 +01:00
Perflyst
eeeecf9763
Merge pull request #1572 from saltycrys/add-dash-quality-preference
Add DASH quality preference
2020-12-23 20:36:13 +01:00
Perflyst
8df591e8d4
Merge pull request #1595 from saltycrys/improve-storyboards
Improve storyboards
2020-12-23 14:30:10 +01:00
saltycrys
75c6844b66 Improve storyboards
Instead of limiting the width of storyboards through CSS it is now done in the
VTT directly.
2020-12-21 17:02:36 +01:00
saltycrys
b39f01dcdf Improve logging
Everything that gets logged now has a log level associated with it.

The log level can be set with the new `-l` or `--log-level` arguments.

The defaul log level is `debug` for now. There aren't many things that get
logged but if the logs get spammed in the future it can be set down to `info`.
2020-12-21 16:32:34 +01:00
saltycrys
ef96a50cea Remove "Top" feed option from preferences
The Top feed used to be a feed based on YouTube ratings. Once YouTube removed
publicly available ratings the Top feed was removed from Invidious but the
option to display a link to it remained.
2020-12-19 19:30:42 +01:00
saltycrys
eed78c960d Improve DASH quality preference
Besides `auto`, `best` and `worst` it is now possible to select a target height.
If the target height is not available the closest lower height is selected.
2020-12-19 18:37:41 +01:00
saltycrys
eea7ca9b72 Add DASH quality preference
The options are `auto` (the current and default behavior), `best` and `worst`.

The UI is only updated once playback starts.
2020-12-19 18:37:30 +01:00
Matthew McGarvey
fb06482916 Extract out User Preferences endpoints 2020-12-15 18:54:30 -06:00
TheFrenchGhosty
2349a6ab0c Actually fix the icons of #1564 but for real this time 2020-12-09 20:21:42 +01:00
TheFrenchGhosty
70eaf41acb Actually fix the icons of #1564 by using an icon that exist in ionicons v4 2020-12-09 20:14:06 +01:00
TheFrenchGhosty
912091981e Fix the icons of #1564 and remove a useless line 2020-12-09 20:04:59 +01:00
TheFrenchGhosty
aca42ff6a5
Update the cryptocurrency addresses and replace the Liberapay link with a link to the documentation (#1564)
* Update the cryptocurrency address with newly created one

* Replace the icon used for the donation address and link

* Replace the word Monero with the word XMR

* Replace the Liberapay placeholder with a link to the documentation
2020-12-09 19:43:45 +01:00
Matthew McGarvey
2dacdf0210 Extract login/signout routes from global file 2020-12-08 20:50:39 -06:00
TheFrenchGhosty
5e8856e65b
Merge pull request #1551 from saltycrys/add-embed-link
Add embed link to watch page
2020-12-08 21:30:13 +00:00
saltycrys
d42539949e Add YT embed link to watch page 2020-12-08 19:10:29 +01:00
TheFrenchGhosty
28ca5b2b57
Merge pull request #1552 from azhao-squareup/master
do not proxy hls livestrem on supported browser
2020-12-08 18:00:36 +00:00
Andrew Zhao
0cb442d40e do not proxy hls on supported browser 2020-12-08 00:53:48 -05:00
saltycrys
30c92ce1b7 Add embed link to watch page 2020-12-08 02:28:44 +01:00
saltycrys
e55a09241e Fix Invidious playlist continuation
Playing a video in a Invidious playlist now correctly redirects to the next
video. The problem was that the offset was updated in the wrong place.
2020-12-07 22:28:27 +01:00
TheFrenchGhosty
68552b6d65
Merge pull request #1544 from schwukas/fix-youtube-subscription-import
Fix youtube subscription import
2020-12-07 17:03:57 +00:00
Lukas
77c13e10ec Update link to instructions 2020-12-07 13:34:40 +01:00
Lukas
0f66ff50a4 Fix #1516 Document is empty 2020-12-07 13:10:00 +01:00
Lukas
cb40a74aaf Add temporary link to subscription export instructions 2020-12-06 21:46:58 +01:00
saltycrys
2de206cb81 Fix comments
The YouTube headers are now always added for requests to YouTube.
Previously they were only added for requests going through QUIC.

The session token is now JSON decoded to unescape escaped Unicode characters.

The comment continuation protobuf has been updated and the request now goes
through the YouTube `pbj` JSON API.
2020-12-06 04:11:41 +01:00
TheFrenchGhosty
76cad41382
Merge pull request #1525 from saltycrys/fix-video-descriptions
Fix `extract_polymer_config`
2020-12-03 23:31:39 +00:00
saltycrys
cc684ff0b1 Fix redirect channels
Redirect channels may use JS to redirect now, instead of only a response header
as it used to be. This fix reads the channel to redirect to from `ytInitialData`.
2020-12-03 21:02:52 +01:00
saltycrys
7823c07f1a Fix extract_polymer_config
The `ytInitialPlayerResponse` regex can now handle `var` and `window`
assignments.

The video streams can now be extracted from `player_response` and
`initial_data`.

This fixes the descriptions on videos and videos themselves. Videos are
technically broken right now, but work becasue of a fallback that goes through
embeds.
2020-12-03 18:10:41 +01:00
Matthew McGarvey
d7377015a2 Extracting search endpoints 2020-12-01 18:02:39 -06:00
saltycrys
b409cdece5 Improve error message 2
Electric Boogaloo

The long backtrace has been moved into a `<details>` HTML element, as suggested
by @B0pol. To make the error still visible it has been added to the top under
`Title:`. This also encourages informative issue titles.
2020-12-01 13:41:19 +01:00
Théo Gaillard
df3f9a2ae8
fix: channel info parsing 2020-11-30 19:35:45 +01:00
TheFrenchGhosty
ca781651cb Fix formatting of #1504 2020-11-30 15:56:01 +01:00
saltycrys
92bb477f68 Improve error message
The error message has been reworded and the issue template now includes the
date, route, version and backtrace.
2020-11-30 13:02:35 +01:00
saltycrys
0f08cc5aa9 Remove backtrace on YouTube error
YouTube returning an error is not a bug in Invidious, so it should not print
a backtrace.
2020-11-30 12:57:25 +01:00
saltycrys
3dac33ffba
Add backtraces to errors (#1498)
Error handling has been reworked to always go through the new `error_template`,
`error_json` and `error_atom` macros.
They all accept a status code followed by a string message or an exception
object. `error_json` accepts a hash with additional fields as third argument.

If the second argument is an exception a backtrace will be printed, if it is a
string only the string is printed. Since up till now only the exception message
was printed a new `InfoException` class was added for situations where no
backtrace is intended but a string cannot be used.

`error_template` with a string message automatically localizes the message.
Missing error translations have been collected in https://github.com/iv-org/invidious/issues/1497
`error_json` with a string message does not localize the message. This is the
same as previous behavior. If translations are desired for `error_json` they
can be added easily but those error messages have not been collected yet.

Uncaught exceptions previously only printed a generic message ("Looks like
you've found a bug in Invidious. [...]"). They still print that message
but now also include a backtrace.
2020-11-30 10:59:21 +01:00
TheFrenchGhosty
fe73eccb90
Merge pull request #1479 from saltycrys/theme-flash
Apply dark theme immediately
2020-11-28 20:54:45 +00:00
Théo Gaillard
b41ca72d2b
revert: remove 'JSON.parse("' 2020-11-26 18:22:31 +01:00
Théo Gaillard
1ba17a0e14
feat: centralize ytInitialData parsing 2020-11-26 13:43:53 +01:00
Théo Gaillard
480d31eb5e
fix: ytInitialData parsing with regex 2020-11-26 07:22:47 +01:00
TheFrenchGhosty
1973f93d4a
Merge pull request #1482 from matthewmcgarvey/extract-playlist-routes
Extract playlist routes from global file
2020-11-20 21:48:34 +00:00
Émilien Devos
3a2f4d4def
allow to set a custom anti-captcha api url (#1473) 2020-11-20 22:21:26 +01:00
Matthew McGarvey
192d2b86b6 Extract playlist routes from global file 2020-11-19 19:21:48 -06:00
TheFrenchGhosty
6ca948ac3c
Merge pull request #1477 from saltycrys/empty-preference-values
Fill empty preference values
2020-11-19 21:45:00 +00:00
saltycrys
ff46c18164 Move themes into default.css
Now that themes are controlled with a class instead of setting
media="none" on the stylesheet link and both themes already being
duplicated in default.css for the automatic themeing it makes sense
to have all theme related CSS in the same place.

This commit also fixes the missing dark theme on embeds.
2020-11-17 22:53:45 +01:00
saltycrys
de777907f2 Apply dark theme immediately
Themes are now controlled with a class on the body element.

If a preference is set the body element will have either "dark-theme"
or "light-theme" class. If no preference is set or the preference is
empty the class will be "no-theme".

"dark-theme" and "light-theme" are handled by darktheme.css and
lighttheme.css respectively.

"no-theme" is handled by default.css where depending on the value of
"prefers-color-scheme" the styles corresponding to "dark-theme" or
"light-theme" are applied.

Unfortunately this means that both themes are duplicated, once in the
theme .css and once in default.css.
2020-11-16 04:19:41 +01:00
saltycrys
72c4fd868a Fill empty preference values 2020-11-16 01:33:55 +01:00
Émilien Devos
c9c6c1f769
Remove duplicate Referrer-Policy 2020-11-15 10:02:45 +00:00
Perflyst
bb7d8735cb
Merge branch 'master' into patch-1 2020-11-12 17:06:38 +01:00
Perflyst
557b0d76ab
Merge pull request #919 from edumoreira1506/feature/add-buttons-top-page
Add Previous/Next page buttons at the top of the page
2020-11-12 17:00:23 +01:00
Perflyst
13073411cc
Merge pull request #1465 from saltycrys/storyboards
Update videojs-vtt-thumbnails to latest upstream version and improve storyboard display
2020-11-12 16:54:28 +01:00
Johnquai
6d29e9c1b7
Fix missing videos tab on some channels (#1462)
* Fix missing videos tab on some channels

* Fixed formatting

Co-authored-by: Linux User <user@localhost.local>
2020-11-12 15:35:12 +00:00
saltycrys
d3e4739745 Improve storyboard display 2020-11-08 22:23:24 +01:00
Matthew McGarvey
38b617d848 Formatting 2020-11-07 08:22:44 -06:00
Matthew McGarvey
dda02f783f Extract embed routes into separate classes 2020-11-06 16:44:36 -06:00
Matthew McGarvey
2cded8dcac Extract /watch route from main file 2020-11-02 18:06:06 -06:00
saltycrys
9a8b81fcbe Fix storyboards 2020-10-25 09:35:16 +01:00
TheFrenchGhosty
138f38aade
more polish (#1437) 2020-10-24 03:26:17 +00:00
Triplesalt
ec4a22687f
Update get_about_info for polymer (iv-org/invidious#1423) (#1429)
Update get_about_info for polymer (iv-org/invidious#1423)
2020-10-23 01:40:07 +00:00
Ben Heller
22d9d16a7a
Update parsing of ytInitialData (#1427)
Update parsing of ytInitialData
2020-10-22 10:02:15 +00:00
Matthew McGarvey
0520e67303
[refactor] Finish converting jobs to new job setup (#1420)
[refactor] Finish converting jobs to new job setup
2020-10-17 12:25:57 +00:00
Matthew McGarvey
989317e5d3
Extract RefreshChannelsJob (#1403) 2020-10-15 14:22:41 +00:00
Perflyst
812a21bce6
Merge pull request #1372 from tleydxdy/patch-1
Add exponential backoff to refresh_channels
2020-10-10 14:01:47 +02:00
Perflyst
e02608edf8
Use channel API v3 2020-10-10 12:15:30 +02:00
TheFrenchGhosty
1a7e160956
Merge pull request #1402 from matthewmcgarvey/feed-menu-overlap
Fix feed menu overlap at iPad screen widths
2020-10-08 08:35:50 +00:00
Matthew McGarvey
5937e0289e Fix feed menu overlap at ipad screen widths 2020-10-07 23:01:18 -05:00
Matthew McGarvey
85c212aee3 Provide rough draft of better project organization 2020-10-05 23:57:19 -05:00
TheFrenchGhosty
1978c3d3bd
Merge pull request #1379 from Rjevski/patch-1
Remove on-hover tooltip from player
2020-10-05 11:11:25 +00:00
Perflyst
f65e57ee82
Fix formatting 2020-10-03 15:19:12 +02:00
Gauthier POGAM--LE MONTAGNER
1595eaeb74 Fix #1382 : Playlists missing first video
The index was set to index - 1, causing the first video to be shifted in fetch_playlist_videos
(because of its index being -1 lower than it should) and thus not displayed on playlist page.
2020-09-25 14:26:07 +02:00
Andre Borie
a54cbe896d
Remove on-hover tooltip from player
Using the player on latest Safari, the tooltip appears and stays stuck for long even when switching to fullscreen which is annoying. You need to explicitly click anywhere to dismiss that stuck tooltip.

This doesn't seem to happen in Firefox so I am not sure whether this is a browser bug, but in any case I don't see any value in keeping this tooltip so maybe we can just remove it?
2020-09-15 18:50:17 +01:00
Omar Roth
9995a8d53f
Allow cookies from anti-captcha to be optional (#1371) 2020-09-09 23:04:08 +00:00
Omar Roth
b88872d54b
Fix sub refresh (#1370) 2020-09-09 23:03:27 +00:00
tleydxdy
f02ac01f7e
Add exponential backoff to refresh_channels
In practice with the patch I usually see backoff to 2 hours when blocked, so it should improve recovery time. The lim_thread is to work with multi-threading, not sure if it's the best way to do it.
2020-09-09 11:47:11 -04:00
Ben Heller
4a6e920d0e
Use new youtube API to fetch channel videos (#1355)
* Use new API to fetch videos from channels

This mirrors the process used by subscriptions.gir.st. The old API is
tried first, and if it fails then the new one is used.

* Use the new API whenever getting videos from a channel

I created the get_channel_videos_response function because now instead
of just getting a single url, there are extra steps involved in getting
the API response for channel videos, and these steps don't need to be
repeated throughout the code.

The only remaining exception is the bypass_captcha function, which still
only makes a request to the old API. I don't know whether this code
needs to be updated to use the new API for captcha bypassing to work
correctly.

* Correctly determine video length with new api

* Remove unnecessary line
2020-09-02 20:28:57 +00:00
stranger195
13f58d602f
Replace omarroth with iv-org where applicable (#1353)
Fixes #1353
2020-08-25 16:07:16 +00:00
Omar Roth
176ef19cca
Update mixes link 2020-07-26 11:50:26 -04:00
Omar Roth
db83ede73c
Add missing default for ConfigPreferences 2020-07-26 11:09:45 -04:00
Omar Roth
452d1e8307
Fix warnings with latest version of Crystal 2020-07-26 10:59:31 -04:00
Omar Roth
1e4022680a
Fix playlists with one video 2020-07-26 10:59:31 -04:00
Omar Roth
b5f79444f9
Fix optional value in data extractor 2020-07-21 20:11:13 -04:00
Omar Roth
8ed1c77e47
Skip DASH streams segmented by URL 2020-07-04 14:17:46 -04:00
Omar Roth
8c65b8c16f
Update playlists to support polymer redesign 2020-06-24 22:19:36 -04:00
Omar Roth
1f435522b4
Fix cast from nil in short_description 2020-06-17 19:22:28 -04:00
Omar Roth
83b1d80a5b
Fix signature URL regex 2020-06-16 19:21:29 -05:00
Omar Roth
38c7dda00f
Fix genreUrl 2020-06-16 17:51:49 -05:00
Omar Roth
056e7432bd
Update channel playlists to use polymer 2020-06-16 17:51:35 -05:00
Omar Roth
1eca969cf6
Add support for polymer redesign 2020-06-15 18:18:04 -05:00
Omar Roth
c1cbdae5ee
Make HOST_URL constant 2020-06-15 18:13:14 -05:00
Omar Roth
4d4b6a2fa0
Remove top page 2020-06-15 18:11:36 -05:00
Omar Roth
d30a972a90
Support Crystal 0.35.0 2020-06-15 18:11:06 -05:00
Dmitry Sandalov
338dc3223c
Merge pull request #1182 from DmitrySandalov/master
Allow user to subscribe to playlist (#17)
2020-06-13 15:10:18 +03:00
Omar Roth
6435c7b921
Fix reCaptcha 2020-05-28 12:21:47 -05:00
mendel5
80941eacbd
More consistent HTML IDs for info section (#1156)
* More consistent IDs for info section

More consistent IDs for info section: watch-on-youtube, annotations and download

* Consistent IDs: channel-name

* Consistent IDs: published-date

The term "published" can also be found in the answer for the following YouTube API request: https://developers.google.com/youtube/v3/docs/videos/list
2020-05-26 02:57:10 -05:00
Omar Roth
ceb252986e
Update captcha job 2020-05-25 12:52:15 -05:00
Dmitry Sandalov
5d8de5fde2
Allow user to subscribe to playlist (#17) 2020-05-17 14:28:00 +03:00
Omar Roth
750ef296c6
Update captcha handler 2020-05-13 16:09:39 -05:00
Omar Roth
75450dcdbc
Update signature param 2020-05-08 08:59:09 -05:00
mendel5
9d23cf33fd
Consistent IDs for info section (#1133) 2020-04-30 15:01:29 -05:00
Omar Roth
408f3852ec
Hide playlist widget when user has no playlists 2020-04-15 16:30:02 -05:00
Omar Roth
ca1185d0be
Fix warnings in latest version of Crystal 2020-04-09 12:18:09 -05:00
Omar Roth
02d4186b11
Fix player matching 2020-04-09 10:55:50 -05:00
Omar Roth
3f97bebd69
Support adding video to playlist from watch page 2020-04-09 10:55:32 -05:00
Omar Roth
c97cdf551e
Refactor extract_plid 2020-03-30 14:27:07 -05:00
Omar Roth
3b2e142542
Fix JSON serialization 2020-03-29 18:04:44 -04:00
Omar Roth
59a15ceef6
Remove VarInt class 2020-03-15 17:47:16 -04:00
Omar Roth
4011a113cc
Strip invalid characters from referer URLs 2020-03-15 17:47:16 -04:00
leonklingele
70cbe91776
Migrate to a good Content Security Policy (#1023)
So attacks such as XSS (see [0]) will no longer be of an issue.

[0]: https://github.com/omarroth/invidious/issues/1022
2020-03-15 16:46:08 -05:00
Omar Roth
f92027c44b
Escape 'sort_by' 2020-03-10 11:25:32 -04:00
Omar Roth
a117d87f33
Skip validation checks for videoplayback, ggpht 2020-03-04 13:06:17 -05:00
Omar Roth
9dc4f8a1aa
Escape item titles in search page 2020-03-04 13:03:14 -05:00
leonklingele
0d536d11e3
Verify token signature in constant time, Run cheap checks first in token validation process (#1032)
* Verify token signature in constant time

To prevent timing side channel attacks

* Run cheap checks first in token validation process

Expensive checks such as the nonce lookup on the database or the
signature check can be run after cheap/fast checks.
2020-03-02 10:04:36 -06:00
Omar Roth
e21f770485
Fix status check for channel page 2020-02-28 15:57:45 -05:00