lgommans / dro.pm Goto Github PK
View Code? Open in Web Editor NEWDrop links, text and files for easy sharing
License: GNU General Public License v3.0
Drop links, text and files for easy sharing
License: GNU General Public License v3.0
Hi,
I really like your website and I use it all the time in my class. Often I share a link on the big screen with them and it would be really cool and handy if they could also just scan a big QR code instead of typing in dro.pm/X (which they often misspell by the way:))
Got a well-written user report about not being able to download a file. Upon investigation (luckily I saw the report before the link expired), it turned out that the serialized data in the database contains a non-ASCII character. Browsers act weird, but with curl -v
it can be seen that the connection is prematurely closed.
When the following payload is entered in the short link generator, a PHP warning shows up:
https://google.com/
X-example: test
The newline (\n, %0A) should be replaced by a carriage return (\r, %0D) in a program like BurpSuite for this to work.
Newline and carriage return characters should be filtered before being passed to the PHP header() function. Newlines are already being filtered out, but carriage returns not.
Here is the POST body:
https%3A%2F%2Fgoogle.com%2F%0AX-example%3A%20test
https://developer.chrome.com/articles/web-share-target/
Seems useful. Should check what the requirements are for being a PWA. Does it just require hosting a manifest somewhere that specifies the HTML to use and some API endpoints to use for submitting that share thing?
I've long been wanting a proper app to share with, a crappy version of which is in this repository, and this seems like a good and potentially trivial way to get there
Hi!
To prevent others from stumbling upon my content, I use the 'delete' option a lot. However, I believe this immediately frees the url for others to use, which could lead to someone being redirected somewhere I didn't intend. Perhaps it would be possible to occupy the url for an x amount of hours; before releasing it for re-use.
What do you think?
A picture says more than a thousand words:
Issue is that the newly entered custom url is not valid until the textbox used for entering content is touched. Also shouldn't this action invalidate the old url (dro.pm/e in this example)? Otherwise you'd still end up with a copy of the content that could be easily found by others.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.