11 Commits

Author	SHA1	Message	Date
Cohee	8a8e8a89dc	Remove debug log. ... Don't think it makes much sense	2024-05-23 02:10:39 +03:00
Wolfsblvt	a251849f8f	WI import checking for existing worlds too ... - WI import uses the same check as create new world - API endpoint to get server-side sanitized filenames - Small changes to toast messages	2024-05-22 21:11:39 +02:00
Cohee	41ad7c5d26	Verify data bank attachments	2024-04-22 02:34:50 +03:00
Cohee	242d57c14b	Add Data Bank manager	2024-04-16 02:14:34 +03:00
Cohee	b07a6a9a78	Update all endpoints to use user directories	2024-04-07 01:47:07 +03:00
valadaptive	5096e70c11	Move client-relative path logic to helper function	2023-12-06 17:22:37 -05:00
valadaptive	39d771cc4a	Replace path "\" with "/" server-side	2023-12-06 17:22:37 -05:00
valadaptive	795ca2247b	Return filename validation messages	2023-12-06 17:22:37 -05:00
valadaptive	41d427f4a8	Move sanitize call inside validation function ... Also rename it (again) to validateAssetFileName.	2023-12-06 16:46:52 -05:00
valadaptive	c00df4f45b	Clean up file name sanitization ... - Checking for null bytes is unnecessary because the check for illegal characters directly below it will catch them. - We can use the path.extname method to get the file extension more cleanly. It returns the *last* extension (e.g. path.extname('file.foo.js') === '.js'), so behavior is preserved. - Normalizing the path is unnecessary. We don't allow any path separators in the file name, so it does nothing. - Stripping '..', path separators, and '$' is unnecessary because of the earlier illegal character check.	2023-12-05 09:25:45 -05:00
valadaptive	d24c1dde10	Use Express router for assets + "files" endpoints ... I've split out the "file/upload" endpoint into its own module, and renamed it to "files" to be consistent with the existing naming scheme.	2023-12-04 12:40:53 -05:00