Browse Source

Added Terms of Service page.

Added virus checking to all uploads.
tags/2.0.3
Teknikode 3 years ago
parent
commit
80f3671541

+ 20
- 0
Teknik/Areas/API/Controllers/APIv1Controller.cs View File

@@ -12,6 +12,7 @@ using Teknik.Helpers;
using Teknik.Models;
using System.Text;
using Teknik.Areas.Shortener.Models;
using nClam;

namespace Teknik.Areas.API.Controllers
{
@@ -46,6 +47,25 @@ namespace Teknik.Areas.API.Controllers
fileData = binaryReader.ReadBytes(file.ContentLength);
}

// Scan the file to detect a virus
if (Config.UploadConfig.VirusScanEnable)
{
ClamClient clam = new ClamClient(Config.UploadConfig.ClamServer, Config.UploadConfig.ClamPort);
ClamScanResult scanResult = clam.SendAndScanFile(fileData);

switch (scanResult.Result)
{
case ClamScanResults.Clean:
break;
case ClamScanResults.VirusDetected:
return Json(new { error = new { message = string.Format("Virus Detected: {0}. As per our <a href=\"{1}\">Terms of Service</a>, Viruses are not permited.", scanResult.InfectedFiles.First().VirusName, Url.SubRouteUrl("tos", "TOS.Index")) } });
case ClamScanResults.Error:
break;
case ClamScanResults.Unknown:
break;
}
}

// Need to grab the contentType if it's empty
if (string.IsNullOrEmpty(contentType))
{

+ 7
- 0
Teknik/Areas/Help/Views/Help/Upload.cshtml View File

@@ -32,6 +32,13 @@
<p>
The encryption library being used is <a href="http://code.google.com/p/crypto-js/">Crypto-JS</a> and the cipher being used is <b>AES-@Model.Config.UploadConfig.KeySize</b> using the mode <b>CTR</b>. The variant of AES is determined by the size of the key used (128, 192, or 256).
</p>
<h3>Upload Requirements</h3>
<p>
The maximum file size per upload is <b>@Utility.GetBytesReadable(Model.Config.UploadConfig.MaxUploadSize)</b>
</p>
<p>
Each file is scanned for viruses at upload. If it fails, it will cancel the upload.
</p>
</div>
</div>
</div>

+ 7
- 2
Teknik/Areas/Profile/Controllers/ProfileController.cs View File

@@ -392,9 +392,14 @@ namespace Teknik.Areas.Profile.Controllers
return Json(new { error = "Unable to delete git account. Response Code: " + response.StatusCode });
}
}
catch (Exception)
catch (HttpException htex)
{
if (htex.GetHttpCode() != 404)
return Json(new { error = "Unable to delete git account. Http Exception: " + htex.Message });
}
catch (Exception ex)
{
return Json(new { error = "Unable to delete git account." });
return Json(new { error = "Unable to delete git account. Exception: " + ex.Message });
}
}


+ 23
- 0
Teknik/Areas/TOS/Controllers/TOSController.cs View File

@@ -0,0 +1,23 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using Teknik.Areas.TOS.ViewModels;
using Teknik.Controllers;

namespace Teknik.Areas.TOS.Controllers
{
public class TOSController : DefaultController
{
// GET: Privacy/Privacy
[AllowAnonymous]
public ActionResult Index()
{
ViewBag.Title = "Terms of Service - " + Config.Title;
ViewBag.Description = "Teknik Terms of Service.";

return View(new TOSViewModel());
}
}
}

+ 30
- 0
Teknik/Areas/TOS/TOSAreaRegistration.cs View File

@@ -0,0 +1,30 @@
using System.Collections.Generic;
using System.Web.Mvc;
using Teknik.Configuration;

namespace Teknik.Areas.TOS
{
public class TOSAreaRegistration : AreaRegistration
{
public override string AreaName
{
get
{
return "TOS";
}
}

public override void RegisterArea(AreaRegistrationContext context)
{
Config config = Config.Load();
context.MapSubdomainRoute(
"TOS.Index", // Route name
new List<string>() { "tos" }, // Subdomains
new List<string>() { config.Host }, // domains
"", // URL with parameters
new { controller = "TOS", action = "Index" }, // Parameter defaults
new[] { typeof(Controllers.TOSController).Namespace }
);
}
}
}

+ 12
- 0
Teknik/Areas/TOS/ViewModels/TOSViewModel.cs View File

@@ -0,0 +1,12 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Teknik.ViewModels;

namespace Teknik.Areas.TOS.ViewModels
{
public class TOSViewModel : ViewModelBase
{
}
}

+ 24
- 0
Teknik/Areas/TOS/Views/Shared/Index.cshtml View File

@@ -0,0 +1,24 @@
@model Teknik.Areas.TOS.ViewModels.TOSViewModel

@using Teknik.Models
<div class="container">
<div class="row">
<div class="col-xs-10">
<h2>Terms of Service for Teknik Services</h2>
<p>
Below are the terms of service for the Teknik Services. By using our services, you agree to all of the below terms.
</p>
<ul>
<li>No illegal content as defined by the country the user resides. If you are viewing content, be mindful that laws differ between regions.</li>
<li>Any Malware uploads or otherwise hosted/linked content will be removed without notice.</li>
<li>Email is limited to a maximum of 100 outbound email messages per day. This is to prevent spam accounts. If your account is flagged as spamming, it will be deleted without notice.</li>
<li>Copyrighted content will be removed only after a valid DMCA is recieved and verified.</li>
</ul>
</div>
</div>
<div class="row">
<div class="col-xs-10">
<p><i>Last Modified May 8, 2016</i></p>
</div>
</div>
</div>

+ 3
- 0
Teknik/Areas/TOS/Views/_ViewStart.cshtml View File

@@ -0,0 +1,3 @@
@{
Layout = "~/Views/Shared/_Layout.cshtml";
}

+ 36
- 0
Teknik/Areas/TOS/Views/web.config View File

@@ -0,0 +1,36 @@
<?xml version="1.0"?>

<configuration>
<configSections>
<sectionGroup name="system.web.webPages.razor" type="System.Web.WebPages.Razor.Configuration.RazorWebSectionGroup, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<section name="host" type="System.Web.WebPages.Razor.Configuration.HostSection, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" />
<section name="pages" type="System.Web.WebPages.Razor.Configuration.RazorPagesSection, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" />
</sectionGroup>
</configSections>

<system.web.webPages.razor>
<host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<pages pageBaseType="System.Web.Mvc.WebViewPage">
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="System.Web.Optimization" />
<add namespace="Teknik" />
</namespaces>
</pages>
</system.web.webPages.razor>

<appSettings>
<add key="webpages:Enabled" value="false" />
</appSettings>

<system.webServer>
<handlers>
<remove name="BlockViewHandler"/>
<add name="BlockViewHandler" path="*" verb="*" preCondition="integratedMode" type="System.Web.HttpNotFoundHandler" />
</handlers>
</system.webServer>
</configuration>

+ 25
- 4
Teknik/Areas/Upload/Controllers/UploadController.cs View File

@@ -1,4 +1,5 @@
using Piwik.Tracker;
using nClam;
using Piwik.Tracker;
using System;
using System.Collections.Generic;
using System.Data.Entity;
@@ -56,6 +57,26 @@ namespace Teknik.Areas.Upload.Controllers
{
fileData = binaryReader.ReadBytes(data.ContentLength);
}

// Scan the file to detect a virus
if (Config.UploadConfig.VirusScanEnable)
{
ClamClient clam = new ClamClient(Config.UploadConfig.ClamServer, Config.UploadConfig.ClamPort);
ClamScanResult scanResult = clam.SendAndScanFile(fileData);

switch (scanResult.Result)
{
case ClamScanResults.Clean:
break;
case ClamScanResults.VirusDetected:
return Json(new { error = new { message = string.Format("Virus Detected: {0}. As per our <a href=\"{1}\">Terms of Service</a>, Viruses are not permited.", scanResult.InfectedFiles.First().VirusName, Url.SubRouteUrl("tos", "TOS.Index")) } });
case ClamScanResults.Error:
break;
case ClamScanResults.Unknown:
break;
}
}

// if they want us to encrypt it, we do so here
if (encrypt)
{
@@ -86,14 +107,14 @@ namespace Teknik.Areas.Upload.Controllers
}
return Json(new { result = new { name = upload.Url, url = Url.SubRouteUrl("u", "Upload.Download", new { file = upload.Url }), key = key } }, "text/plain");
}
return Json(new { error = "Unable to upload file" });
return Json(new { error = new { message = "Unable to upload file" } });
}
else
{
return Json(new { error = "File Too Large" });
return Json(new { error = new { message = "File Too Large" } });
}
}
return Json(new { error = "Uploads are disabled" });
return Json(new { error = new { message = "Uploads are disabled" } });
}

// User did not supply key

+ 36
- 21
Teknik/Areas/Upload/Scripts/Upload.js View File

@@ -290,25 +290,26 @@ function uploadProgress(fileID, evt) {

function uploadComplete(fileID, key, saveKey, serverSideEncrypt, evt) {
obj = JSON.parse(evt.target.responseText);
var name = obj.result.name;
var fullName = obj.result.url;
if (obj.result.key != null)
key = obj.result.key;
if (!saveKey) {
fullName = fullName + '#' + key;
}
$('#progress-' + fileID).children('.progress-bar').css('width', '100%');
$('#progress-' + fileID).children('.progress-bar').html('Complete');
$('#upload-link-' + fileID).html('<p><a href="' + fullName + '" id="full-url-link-' + fileID + '" target="_blank" class="alert-link">' + fullName + '</a></p>');
var keyBtn = '<div class="col-sm-4 text-center" id="key-link-' + fileID + '"> \
if (obj.result != null) {
var name = obj.result.name;
var fullName = obj.result.url;
if (obj.result.key != null)
key = obj.result.key;
if (!saveKey) {
fullName = fullName + '#' + key;
}
$('#progress-' + fileID).children('.progress-bar').css('width', '100%');
$('#progress-' + fileID).children('.progress-bar').html('Complete');
$('#upload-link-' + fileID).html('<p><a href="' + fullName + '" id="full-url-link-' + fileID + '" target="_blank" class="alert-link">' + fullName + '</a></p>');
var keyBtn = '<div class="col-sm-4 text-center" id="key-link-' + fileID + '"> \
<button type="button" class="btn btn-default btn-sm" id="save-key-link-' + fileID + '">Save Key On Server</button> \
</div>';
if (saveKey) {
keyBtn = '<div class="col-sm-4 text-center" id="key-link-' + fileID + '"> \
if (saveKey) {
keyBtn = '<div class="col-sm-4 text-center" id="key-link-' + fileID + '"> \
<button type="button" class="btn btn-default btn-sm" id="remove-key-link-' + fileID + '">Remove Key From Server</button> \
</div>';
}
$('#link-footer-' + fileID).html(' \
}
$('#link-footer-' + fileID).html(' \
<div class="row"> \
' + keyBtn + ' \
<div class="col-sm-4 text-center"> \
@@ -319,14 +320,28 @@ function uploadComplete(fileID, key, saveKey, serverSideEncrypt, evt) {
</div> \
</div> \
');
if (saveKey) {
linkRemoveKey('#remove-key-link-' + fileID + '', name, key, fileID);
if (saveKey) {
linkRemoveKey('#remove-key-link-' + fileID + '', name, key, fileID);
}
else {
linkSaveKey('#save-key-link-' + fileID + '', name, key, fileID);
}
linkUploadDelete('#generate-delete-link-' + fileID + '', name);
linkShortenUrl('#shortenUrl-button-' + fileID + '', fileID, fullName);
}
else {
linkSaveKey('#save-key-link-' + fileID + '', name, key, fileID);
else
{
$('#progress-' + fileID).children('.progress-bar').css('width', '100%');
$("#progress-" + fileID).children('.progress-bar').removeClass('progress-bar-success');
$("#progress-" + fileID).children('.progress-bar').addClass('progress-bar-danger');
$('#remove-link-' + fileID).text('Clear Upload');
if (obj.error != null) {
$('#progress-' + fileID).children('.progress-bar').html(obj.error.message);
}
else {
$('#progress-' + fileID).children('.progress-bar').html('Unable to Upload File');
}
}
linkUploadDelete('#generate-delete-link-' + fileID + '', name);
linkShortenUrl('#shortenUrl-button-' + fileID + '', fileID, fullName);
}

function uploadFailed(fileID, evt) {

+ 7
- 0
Teknik/Configuration/UploadConfig.cs View File

@@ -23,6 +23,10 @@ namespace Teknik.Configuration
public bool IncludeExtension { get; set; }
// The size of the chunk that the file will be encrypted/decrypted in (bytes)
public int ChunkSize { get; set; }
// Virus Scanning Settings
public bool VirusScanEnable { get; set; }
public string ClamServer { get; set; }
public int ClamPort { get; set; }

public UploadConfig()
{
@@ -42,6 +46,9 @@ namespace Teknik.Configuration
BlockSize = 128;
IncludeExtension = true;
ChunkSize = 1024;
VirusScanEnable = false;
ClamServer = "localhost";
ClamPort = 3310;
}
}
}

+ 12
- 0
Teknik/Teknik.csproj View File

@@ -76,6 +76,10 @@
<HintPath>..\packages\MySql.Data.6.9.8\lib\net45\MySql.Data.dll</HintPath>
<Private>True</Private>
</Reference>
<Reference Include="nClam, Version=2.0.6.0, Culture=neutral, processorArchitecture=MSIL">
<HintPath>..\packages\nClam.2.0.6.0\lib\net40-Client\nClam.dll</HintPath>
<Private>True</Private>
</Reference>
<Reference Include="Newtonsoft.Json, Version=8.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
<HintPath>..\packages\Newtonsoft.Json.8.0.2\lib\net45\Newtonsoft.Json.dll</HintPath>
<Private>True</Private>
@@ -219,6 +223,9 @@
<Compile Include="Areas\Stream\Controllers\StreamController.cs" />
<Compile Include="Areas\Stream\StreamAreaRegistration.cs" />
<Compile Include="Areas\Stream\ViewModels\StreamViewModel.cs" />
<Compile Include="Areas\TOS\Controllers\TOSController.cs" />
<Compile Include="Areas\TOS\TOSAreaRegistration.cs" />
<Compile Include="Areas\TOS\ViewModels\TOSViewModel.cs" />
<Compile Include="Areas\Transparency\Controllers\TransparencyController.cs" />
<Compile Include="Areas\Transparency\Models\Bill.cs" />
<Compile Include="Areas\Transparency\Models\Donation.cs" />
@@ -503,6 +510,9 @@
<Content Include="Areas\Shortener\Views\_ViewStart.cshtml" />
<Content Include="Areas\Shortener\Views\Shortener\Index.cshtml" />
<Content Include="Areas\Help\Views\Help\API\v1\Shorten.cshtml" />
<Content Include="Areas\TOS\Views\web.config" />
<Content Include="Areas\TOS\Views\_ViewStart.cshtml" />
<Content Include="Areas\TOS\Views\Shared\Index.cshtml" />
<None Include="Properties\PublishProfiles\Teknik Dev.pubxml" />
<None Include="Properties\PublishProfiles\Teknik Production.pubxml" />
<None Include="Scripts\jquery-2.1.4.intellisense.js" />
@@ -595,6 +605,8 @@
<Folder Include="Areas\Profile\Views\Shared\" />
<Folder Include="Areas\Shortener\Views\Shared\" />
<Folder Include="Areas\Stream\Views\Shared\" />
<Folder Include="Areas\TOS\Models\" />
<Folder Include="Areas\TOS\Views\TOS\" />
<Folder Include="Areas\Transparency\Views\Shared\" />
<Folder Include="Areas\Upload\Views\Shared\" />
</ItemGroup>

+ 1
- 1
Teknik/Views/Shared/_Footer.cshtml View File

@@ -15,7 +15,7 @@
}
<div class="row">
<div class="col-md-6 text-left text-muted">
&copy; Teknik 2013-2016 | <a href="@Url.SubRouteUrl("privacy", "Privacy.Index")">Privacy</a> | <a href="@Url.SubRouteUrl("transparency", "Transparency.Index")">Transparency</a>
&copy; Teknik 2013-2016 | <a href="@Url.SubRouteUrl("privacy", "Privacy.Index")">Privacy</a> | <a href="@Url.SubRouteUrl("tos", "TOS.Index")">TOS</a> | <a href="@Url.SubRouteUrl("transparency", "Transparency.Index")">Transparency</a>
</div>
<div class="col-md-6 text-right text-muted">
<div id="pagetime" style="display:none;">

+ 1
- 0
Teknik/packages.config View File

@@ -24,6 +24,7 @@
<package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net46" userInstalled="true" />
<package id="Modernizr" version="2.8.3" targetFramework="net452" userInstalled="true" />
<package id="MySql.Data" version="6.9.8" targetFramework="net452" />
<package id="nClam" version="2.0.6.0" targetFramework="net452" />
<package id="Newtonsoft.Json" version="8.0.2" targetFramework="net452" userInstalled="true" />
<package id="Piwik.Tracker" version="2.8.0.0" targetFramework="net452" />
<package id="Respond" version="1.4.2" targetFramework="net452" userInstalled="true" />

Loading…
Cancel
Save