mirror of https://github.com/sc0tfree/updog.git
Merge 58fa210c9b
into 28a1ac1612
This commit is contained in:
commit
7dd41e7bfb
20
README.md
20
README.md
|
@ -1,8 +1,3 @@
|
|||
![Version 1.4](http://img.shields.io/badge/version-v1.4-green.svg)
|
||||
![Python 3.8](http://img.shields.io/badge/python-3.8-blue.svg)
|
||||
[![MIT License](http://img.shields.io/badge/license-MIT%20License-blue.svg)](https://github.com/sc0tfree/updog/blob/master/LICENSE)
|
||||
[![sc0tfree Twitter](http://img.shields.io/twitter/url/http/shields.io.svg?style=social&label=Follow)](https://twitter.com/sc0tfree)
|
||||
|
||||
<p>
|
||||
<img src="https://sc0tfree.squarespace.com/s/updog.png" width=85px alt="updog"/>
|
||||
</p>
|
||||
|
@ -11,15 +6,11 @@ Updog is a replacement for Python's `SimpleHTTPServer`.
|
|||
It allows uploading and downloading via HTTP/S,
|
||||
can set ad hoc SSL certificates and use HTTP basic auth.
|
||||
|
||||
<p align="center">
|
||||
<img src="https://sc0tfree.squarespace.com/s/updog-screenshot.png" alt="Updog screenshot"/>
|
||||
</p>
|
||||
|
||||
## Installation
|
||||
|
||||
Install using pip:
|
||||
Install using pipx:
|
||||
|
||||
`pip3 install updog`
|
||||
`pipx install git+https://github.com/KFDCompiled/updog`
|
||||
|
||||
## Usage
|
||||
|
||||
|
@ -60,6 +51,13 @@ enter the password in the password field.
|
|||
|
||||
`updog --ssl`
|
||||
|
||||
**Upload using curl:**
|
||||
`curl -v -XPOST -F "file=@PATH/NAME;filename=NAME" -F "path=/FULL/PATH/TO/UPDOG/WORKINGDIR" http://IP:PORT/upload`
|
||||
|
||||
if you started updog with `updog -p 80 -d ${PREFIX}/www` then `curl -v -XPOST -F "file=@Public/foo;filename=foo" -F "path=${PREFIX}/www" http://IP:80/upload`
|
||||
|
||||
|
||||
|
||||
## Thanks
|
||||
|
||||
A special thank you to [Nicholas Smith](http://nixmith.com) for
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
colorama
|
||||
flask
|
||||
flask_httpauth
|
||||
werkzeug
|
||||
pyopenssl
|
||||
flask_cors
|
||||
werkzeug == 1.01
|
||||
pyopenssl
|
||||
|
|
|
@ -4,6 +4,7 @@ import argparse
|
|||
|
||||
from flask import Flask, render_template, send_file, redirect, request, send_from_directory, url_for, abort
|
||||
from flask_httpauth import HTTPBasicAuth
|
||||
from flask_cors import CORS
|
||||
from werkzeug.utils import secure_filename
|
||||
from werkzeug.security import generate_password_hash, check_password_hash
|
||||
from werkzeug.serving import run_simple
|
||||
|
@ -34,6 +35,7 @@ def parse_arguments():
|
|||
parser.add_argument('--password', type=str, default='', help='Use a password to access the page. (No username)')
|
||||
parser.add_argument('--ssl', action='store_true', help='Use an encrypted connection')
|
||||
parser.add_argument('--version', action='version', version='%(prog)s v'+VERSION)
|
||||
parser.add_argument('--cors', action='store_true', help='Enable CORS')
|
||||
|
||||
args = parser.parse_args()
|
||||
|
||||
|
@ -49,6 +51,9 @@ def main():
|
|||
app = Flask(__name__)
|
||||
auth = HTTPBasicAuth()
|
||||
|
||||
if args.cors:
|
||||
CORS(app)
|
||||
|
||||
global base_directory
|
||||
base_directory = args.directory
|
||||
|
||||
|
@ -110,6 +115,8 @@ def main():
|
|||
except PermissionError:
|
||||
abort(403, 'Read Permission Denied: ' + requested_path)
|
||||
|
||||
# remove the base_directory
|
||||
requested_path = requested_path[len(base_directory):]
|
||||
return render_template('home.html', files=directory_files, back=back,
|
||||
directory=requested_path, is_subdirectory=is_subdirectory, version=VERSION)
|
||||
else:
|
||||
|
@ -121,22 +128,24 @@ def main():
|
|||
@app.route('/upload', methods=['POST'])
|
||||
@auth.login_required
|
||||
def upload():
|
||||
global base_directory
|
||||
|
||||
if request.method == 'POST':
|
||||
|
||||
# No file part - needs to check before accessing the files['file']
|
||||
if 'file' not in request.files:
|
||||
return redirect(request.referrer)
|
||||
return redirect(request.headers.get('Referer', '/'))
|
||||
|
||||
path = request.form['path']
|
||||
path = base_directory + request.form.get('path', '/')
|
||||
# Prevent file upload to paths outside of base directory
|
||||
if not is_valid_upload_path(path, base_directory):
|
||||
return redirect(request.referrer)
|
||||
return redirect(request.headers.get('Referer', '/'))
|
||||
|
||||
for file in request.files.getlist('file'):
|
||||
|
||||
# No filename attached
|
||||
if file.filename == '':
|
||||
return redirect(request.referrer)
|
||||
return redirect(request.headers.get('Referer', '/'))
|
||||
|
||||
# Assuming all is good, process and save out the file
|
||||
# TODO:
|
||||
|
@ -149,7 +158,7 @@ def main():
|
|||
except PermissionError:
|
||||
abort(403, 'Write Permission Denied: ' + full_path)
|
||||
|
||||
return redirect(request.referrer)
|
||||
return redirect(request.headers.get('Referer', '/'))
|
||||
|
||||
# Password functionality is without username
|
||||
users = {
|
||||
|
|
Loading…
Reference in New Issue