Skip to content
Permalink
Browse files

Various config changes

  • Loading branch information...
millinon committed Aug 27, 2016
1 parent ea23be2 commit 298fad012f5aea078a6f8410b3082ca06128929a
Showing with 59 additions and 51 deletions.
  1. +9 −0 description.json
  2. +40 −38 nginx-conf/sites-available/jump.conf
  3. +9 −12 www/include/api/api.hh
  4. +1 −1 www/include/html/header.hh
@@ -0,0 +1,9 @@
{
"title": "jump.wtf",
"description": "jump.wtf is a free link shortening and file hosting service. It allows you to take a long-form URL, like 'http://example.com/foo/bar', and turn it into a short URL, like 'https://jump.wtf/mFczTp'.",
"relation": "https://jump.wtf",
"keywords": "link shortening, file hosting, tinyurl alternative, imgur alternative",
"type": "hosting",
"language": "en",
"contactInformation": "admin@jump.wtf"
}
@@ -1,4 +1,4 @@
log_format jump_access '[$time_local] $remote_user $server_name $request $status "$http_referer $http_user_agent"';
log_format jump_access '[$time_local] $remote_addr $server_name $request $status "$http_referer $http_user_agent"';

# redirect http://jump.wtf to https://jump.wtf
server {
@@ -110,8 +110,8 @@ server {
server_tokens off;
}

add_header 'Access-Control-Allow-Origin' "https://jump.wtf";
add_header 'Content-Security-Policy' "default-src 'self' https://*.jump.wtf; script-src 'self' https://*.jump.wtf; img-src 'self' https://*.jump.wtf data:; style-src 'self' 'unsafe-inline' https://*.jump.wtf https://fonts.googleapis.com; font-src 'self' https://*.jump.wtf https://fonts.googleapis.com https://fonts.gstatic.com; frame-s rc 'none'; object-src 'none'; media-src data:;";
add_header 'Access-Control-Allow-Origin' "*";
# add_header 'Content-Security-Policy' "default-src 'self' https://*.jump.wtf; script-src 'self' https://*.jump.wtf; img-src 'self' https://f.jump.wtf data:; style-src 'self' 'unsafe-inline' https://f.jump.wtf https://fonts.googleapis.com; font-src 'self' https://*.jump.wtf https://fonts.googleapis.com https://fonts.gstatic.com; frame-s rc 'none'; object-src 'none'; media-src data:;";
}

server {
@@ -123,7 +123,16 @@ server {

client_max_body_size 64m;


root /var/www/jump/htdocs;

location /static {
alias /var/www/jump/htdocs;
try_files $uri =404;
autoindex off;
access_log off;
server_tokens off;
}

location / {

access_log /var/log/jump/access.log jump_access;
@@ -137,39 +146,32 @@ server {
fastcgi_param DOCUMENT_ROOT "/var/www/jump/";
server_tokens off;
}
add_header 'Content-Security-Policy' "default-src 'self' http://*.jumpwtfbk44aa37y.onion; script-src 'self' http://*.jumpwtfbk44aa37y.onion; img-src 'self' http://*.jumpwtfbk44aa37y.onion data:; style-src 'self' 'unsafe-inline' http://*.jumpwtfbk44aa37y.onion http://fonts.googleapis.com https://fonts.googleapis.com; font-src 'self' http://*.jumpwtfbk44aa37y.onion http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com; frame-src 'none'; object-src 'none'; media-src data:;";
add_header 'Content-Security-Policy' "default-src 'self'; script-src 'self' 'unsafe-inline' http://jumpwtfbk44aa37y.onion; img-src 'self' https://f.jump.wtf data:; style-src 'self' 'unsafe-inline' http://jumpwtfbk44aa37y.onion http://fonts.googleapis.com https://fonts.googleapis.com; font-src 'self' http://jumpwtfbk44aa37y.onion http://fonts.googleapis.com http://fonts.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com; object-src 'none'; media-src data:;";
}

server {
listen 127.0.0.1:80;

server_name static.jumpwtfbk44aa37y.onion;

add_header 'X-Content-Type-Options' "nosniff";
add_header 'Cache-Control' "no-transform";
expires modified +24h;

gzip on;
gzip_proxied any;
gzip_types text/plain text/xml text/css application/javascript application/font-woff2;
gzip_vary on;
gzip_min_length 10240;
gzip_static on;

root /var/www/jump/htdocs;

location /static {
alias /var/www/jump/htdocs;
try_files $uri =404;
autoindex off;
access_log off;
server_tokens off;
}

location / {
try_files $uri =404;
autoindex off;
server_tokens off;
}
add_header 'Access-Control-Allow-Origin' "jumpwtfbk44aa37y.onion";
}
#server {
# listen 127.0.0.1:80;
#
# server_name static.jumpwtfbk44aa37y.onion;
#
# add_header 'X-Content-Type-Options' "nosniff";
# add_header 'Cache-Control' "no-transform";
# expires modified +24h;
#
# root /var/www/jump/htdocs;
#
# location /static {
# alias /var/www/jump/htdocs;
# try_files $uri =404;
# autoindex off;
# access_log off;
# server_tokens off;
# }
#
# location / {
# try_files $uri =404;
# autoindex off;
# server_tokens off;
# }
# add_header 'Access-Control-Allow-Origin' "*";
#}
@@ -367,15 +367,16 @@ class jump_api {
'TableName' => aws_config::LINK_TABLE,
'Item' => array_merge(
[
'Object ID' => ['S' => $new_key],
'pass' => ['S' => $pass],
'Object ID' => ['S' => $new_key],
'pass' => ['S' => $pass],
'private_b' => ['BOOL' => $input['private']],
'active_b' => ['BOOL' => true],
'file_b' => ['BOOL' => true],
'time' => ['S' => date(DateTime::W3C)],
'filename' => ['S' => $new_key.$extension],
'ext' => ['S' => $extension],
'clicks' => ['N' => strval($input['clicks'] ?: 0)],
'active_b' => ['BOOL' => true],
'file_b' => ['BOOL' => true],
'time' => ['S' => date(DateTime::W3C)],
'filename' => ['S' => $new_key.$extension],
'ext' => ['S' => $extension],
'clicks' => ['N' => strval($input['clicks'] ?: 0)],
'IP' => ['S' => $_SERVER['REMOTE_ADDR']],
],
(!empty($salt) ? ['salt' => ['S' => $salt]] : []),
),
@@ -832,10 +833,6 @@ class jump_api {
array_push($kill_list, 'Checksum');
}

if (isset($item['IP'])) {
array_push($kill_list, 'IP');
}

if (isset($item['origname'])) {
array_push($kill_list, 'origname');
}
@@ -53,7 +53,7 @@ function gen_head($title = "JUMP.WTF") {
/>
<link
rel="stylesheet"
href="//fonts.googleapis.com/css?family=Montserrat:700"
href="https://fonts.googleapis.com/css?family=Montserrat:700"
type="text/css"
data-noprefix=""
/>

0 comments on commit 298fad0

Please sign in to comment.
You can’t perform that action at this time.