Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-10-10 | Merge pull request #1923 from webtorrent/add_utp_support | Kaylee | |
uTP support (disabled by default). when enabled, uTP is tried first for all ip:port and timeouts fall back to TCP Co-authored-by: Pierre Dubouilh <pldubouilh@gmail.com> | |||
2020-10-06 | keeping code consistency | Jean-Philippe ALLEGRO | |
applying changes according to @alxhotel suggestion https://github.com/webtorrent/webtorrent/pull/1925#discussion_r499647106 | |||
2020-10-05 | check if torrent is destroyed before emitting download/upload event | Jean-Philippe ALLEGRO | |
closes https://github.com/webtorrent/webtorrent/issues/1924 | |||
2020-10-03 | PR review improvements | Julen Garcia Leunda | |
2020-10-02 | Add uTP support (BEP29) | Julen Garcia Leunda | |
2020-09-10 | Merge pull request #1364 from KayleePop/destroy | Kaylee | |
2020-06-16 | refactor torrent._rechoke() | KayleePop | |
2020-05-26 | update interest when a peer's bitfield changes | KayleePop | |
It happened eventually before this, but was delayed until the next piece finished downloading | |||
2020-05-26 | fix: not setting initial wire interest | KayleePop | |
https://github.com/webtorrent/webtorrent/issues/1864 | |||
2020-05-14 | Change parseRange.parse to parseRange | x1alien | |
node-parse-numeric-range does not support parse function as of Jan 6, 2020. Refer commit https://github.com/euank/node-parse-numeric-range/commit/9483328128c7d639361e3395ecb8a2b21fe07de4 . | |||
2020-04-15 | implement store destruction option | KayleePop | |
2020-04-02 | fix ratio | Diego Rodriguez Baquero | |
2020-03-16 | Merge pull request #1819 from webtorrent/add-private-docs | Alex | |
Fix and document "private" option | |||
2020-03-15 | Improve code readability | Alex | |
2020-03-15 | use native Set instead of uniq library | KayleePop | |
2020-03-15 | Add tests for private option | Alex | |
2020-03-14 | Add private attribute to docs | Alex | |
2020-01-03 | Check if client is set when debug logging. | jsdt | |
2019-09-11 | Return server from server.listen for method chaining to work (#1641) | Feross Aboukhadijeh | |
Return server from server.listen for method chaining to work | |||
2019-09-07 | Fix how the first piece's irrelevant bytes are calculated (#1738) | Feross Aboukhadijeh | |
Fix how the first piece's irrelevant bytes are calculated | |||
2019-09-07 | Merge pull request #1615 from guanzo/requestIdleCallback | Feross Aboukhadijeh | |
Adds timeout option to requestIdleCallback | |||
2019-09-07 | Fix how the first piece's irrelevant bytes are calculated | Feross Aboukhadijeh | |
2019-09-07 | server: Use relative URLs | Feross Aboukhadijeh | |
Fixes: https://github.com/webtorrent/webtorrent/pull/1598 | |||
2019-09-07 | User might destroy torrent in response to 'metadata' event | Feross Aboukhadijeh | |
Fixes: https://github.com/webtorrent/webtorrent-cli/issues/112 Fix for PR https://github.com/webtorrent/webtorrent/pull/1737 | |||
2019-09-06 | Emit `metadata` event before `ready` and `done` | Alex | |
2019-08-27 | Address @diracdeltas feedback on #1714 | Feross Aboukhadijeh | |
2019-08-27 | Set security headers on /favicon.ico responses | Feross Aboukhadijeh | |
2019-08-27 | Fix http server XSS | Feross Aboukhadijeh | |
Low risk xss. If the torrent contains a specially crafted title or file name, and the user starts the WebTorrent HTTP server via createServer(), and then the user visits the HTTP server index page (which lists the contents of the torrent), then the attacker can run JavaScript in this browser context. The reason this seems relatively low risk is that the WebTorrent HTTP server only allows fetching data pieces from the torrent. It doesn't support any other control of the torrent client. So, attacker code could e.g. figure out what content the user is downloading and exfiltrate that to an external domain. This commit mitigates the issue in two ways (either of which could have prevented this XSS on its own): 1. HTML-escape untrusted torrent metadata (name, path, file names, etc.) 2. Add the strictest possible CSP to prevent all connections, scripts, styles, plugins, frames. Every capability is denied. | |||
2019-08-18 | Merge pull request #1701 from alxhotel/fix-left-parameter | Feross Aboukhadijeh | |
Fix 'left' parameter on seed | |||
2019-08-13 | print debug log in error case | Feross Aboukhadijeh | |
2019-08-12 | Fix left parameter for asynchronous behaviour | Alex | |
2019-08-11 | Fix 'left' parameter on seed | Alex | |
2019-08-09 | Merge pull request #1692 from webtorrent/greenkeeper/stream-to-blob-url-3.0.0 | Feross Aboukhadijeh | |
Update stream-to-blob-url to the latest version 🚀 | |||
2019-08-09 | Fixes for stream-to-blob-url@3 | Feross Aboukhadijeh | |
2019-08-08 | Adds missing callback. | Eric Guan | |
2019-08-07 | remove safe-buffer | Feross Aboukhadijeh | |
2019-08-04 | remove require('url') | Feross Aboukhadijeh | |
For: https://github.com/webtorrent/webtorrent/issues/1681 | |||
2019-08-04 | Merge pull request #1679 from ddumont/patch-1 | Feross Aboukhadijeh | |
better error message for end < start | |||
2019-08-02 | stream-to-blob@2 | Feross Aboukhadijeh | |
For https://github.com/brave/brave-browser/issues/5490 | |||
2019-08-01 | server: use 'application/octet-stream' mimetype as fallback | Feross Aboukhadijeh | |
Instead of a mimetype of "null" Fixes: https://github.com/brave/brave-browser/issues/5489 | |||
2019-08-01 | better error message for end < start | Dan Dumont | |
2019-07-30 | Fix server hostname deny feature | Feross Aboukhadijeh | |
It appears that this feature, originally added in https://github.com/webtorrent/webtorrent/pull/1260, never worked correctly. When the request hostname does not match the user-provided opts.hostname value, we should stop processing the request and return nothing. Instead, what was happening was that we'd simply omit the Access-Control-Allow-Origin header, which is not sufficient since the whole point of DNS rebinding attacks is that they appear same origin and therefore don't require a CORS header. | |||
2019-07-24 | Fix error in Chrome extension environment | Feross Aboukhadijeh | |
Fixes https://github.com/brave/brave-browser/issues/5358 | |||
2019-07-09 | Merge pull request #1650 from jhiesey/rescan | Feross Aboukhadijeh | |
Add torrent.rescanFiles() to allow manual verify | |||
2019-07-09 | Add torrent.rescanFiles() to allow manual verify | John Hiesey | |
Useful if files are modified externally to webtorrent. | |||
2019-07-06 | standard | Feross Aboukhadijeh | |
2019-07-05 | 'url.parse' was deprecated since v11.0.0. Use 'url.URL' constructor instead | Feross Aboukhadijeh | |
2019-06-19 | Remove semicolon | Diego RodrÃguez Baquero | |
2019-06-19 | Return server on listen | Diego RodrÃguez Baquero | |
2019-06-17 | Return server from server.listen for method chaining to work | Anton Harniakou | |