54ae313563
fix(security+perf): SSRF protection, timing-safe auth, proxy cache, submit error handling
2026-04-13 17:59:29 +00:00
Claude
a879543a1c
Security audit: fix XSS, missing function, improve SSH & URL handling
...
- Fix XSS: HTML-escape all user input (URLs, package names, errors, proxy data)
- Fix NameError: add missing is_demo_link() function (called but undefined)
- Fix: remove unused http_in fetch in proxies_get()
- Security: mask API keys in log output (TMDB key no longer visible in logs)
- Security: use known_hosts for SSH host key verification when available
- Security: remove .env from git tracking, add .env.example template
- Usability: add URL reachability check before submitting to JDownloader
- Usability: add "Erledigte Jobs entfernen" button to clear finished/failed jobs
- Usability: color-code job status (red for failed, green for finished)
- Docs: add security section to README (known_hosts, HTTPS, .env)
https://claude.ai/code/session_01S774Pqazr2U8vkSyhUBgDs
2026-04-06 07:46:53 +00:00
f87f0f5cdc
Merge branch 'main' into codex/fix-jdownloader-api-package-removal-error-54zoo0
2026-01-21 21:23:26 +01:00
68353b33aa
Detect demo link downloads and fail early
2026-01-21 21:22:59 +01:00
25ad8c05d0
Add raw API cleanup fallback for JDownloader
2026-01-21 21:08:48 +01:00
6c13fbbb2f
Merge branch 'main' into codex/fetch-proxies-from-proxyscrape-api-4xe4oq
2026-01-04 14:46:06 +01:00
33282ddbcb
Remove proxy blacklist filters
2026-01-04 14:45:44 +01:00
e83f1323cd
Merge branch 'main' into codex/fetch-proxies-from-proxyscrape-api-4vaqb3
2026-01-04 14:27:07 +01:00
194b16e09c
Remove HTTP proxies from UI
2026-01-04 14:26:36 +01:00
daeee039fa
Update proxy sources for socks lists
2026-01-04 14:20:38 +01:00
97a5afbee9
Update app.py
2026-01-03 23:09:10 +01:00
1350b50199
Add your-server.de to proxy blacklist
2026-01-03 22:55:54 +01:00
a0e7ed91c7
Update jobs progress without full reload
2026-01-01 22:22:41 +01:00
30329ef72a
Fetch proxy lists from upstream sources
2026-01-01 20:18:30 +01:00
73756574e5
Fix MyJDownloader device status indentation
2025-12-31 13:10:35 +01:00
5bddd63ec1
Update device status handling in app.py
...
Change device status check to warn on non-ONLINE states.
2025-12-31 12:49:07 +01:00
7fe5a410cc
Refactor device selection logic in get_device function
2025-12-31 11:55:48 +01:00
653e5fb163
Refactor device retrieval logic in get_device()
2025-12-31 11:48:42 +01:00
db7aa503b3
Refactor get_device function for better device retrieval
2025-12-31 11:44:13 +01:00
6e9c2dc08b
Update app.py
2025-12-31 11:36:40 +01:00
3977da4291
Update app.py
2025-12-31 10:15:36 +01:00
cf98dcde52
Refactor app.py for better readability and structure
...
Refactor environment variable handling and improve code structure.
2025-12-31 09:18:32 +01:00
13daf39adc
Integrate Jellyfin and TMDB API functionality
...
Added configuration for Jellyfin API and TMDB API. Implemented functions for searching movies and TV shows, and for refreshing the Jellyfin library.
2025-12-30 23:15:17 +01:00
d9924d6d27
Refactor Myjdapi usage in app.py
2025-12-30 22:02:48 +01:00
87e8d987dc
Enhance app.py with directory options and auth
...
Added support for separate movie and series directories, implemented basic authentication, and improved error handling.
2025-12-30 22:00:27 +01:00
1ea985c7c5
Create app.py
2025-12-27 22:54:44 +01:00
