From b7540fb2b1bbe016d23b8a7f3e7ab3edafb219c8 Mon Sep 17 00:00:00 2001 From: Marvin Borner Date: Sat, 4 May 2019 19:10:18 +0200 Subject: Fixed major security issues Co-authored-by: LarsVomMars --- src/main/resources/js/files.js | 4 +--- src/main/resources/views/index.rocker.html | 1 - src/main/resources/views/register.rocker.html | 3 ++- 3 files changed, 3 insertions(+), 5 deletions(-) (limited to 'src/main/resources') diff --git a/src/main/resources/js/files.js b/src/main/resources/js/files.js index 16b59cb..0102296 100644 --- a/src/main/resources/js/files.js +++ b/src/main/resources/js/files.js @@ -23,9 +23,7 @@ drop.addEventListener('drop', e => { for (let i = 0; i < items.length; i++) { const item = items[i].webkitGetAsEntry(); const file = items[i].getAsFile(); - - // TODO: Consider using current date due to updated lastModified state at upload - const date = new Date(file.lastModified); + const date = new Date(); const row = document.getElementById("table").insertRow(-1); row.setAttribute("data-href", file.name); diff --git a/src/main/resources/views/index.rocker.html b/src/main/resources/views/index.rocker.html index 650a4b7..98a659e 100644 --- a/src/main/resources/views/index.rocker.html +++ b/src/main/resources/views/index.rocker.html @@ -7,7 +7,6 @@
@if(username.length() > 0) { - Logout } else if (!(new DatabaseController()).isSetup()) { Setup diff --git a/src/main/resources/views/register.rocker.html b/src/main/resources/views/register.rocker.html index 6d314dd..af3d127 100644 --- a/src/main/resources/views/register.rocker.html +++ b/src/main/resources/views/register.rocker.html @@ -1,4 +1,4 @@ -@args (String username, String message) +@args (String username, String token, String message) @layout.template("Register", RockerContent.NONE, RockerContent.NONE) -> {
@@ -8,6 +8,7 @@

Please set a password for user "@username"

+
-- cgit v1.2.3