- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
no vulnerabilities since 2023-07-23
- there is a discord server with an
@everyone
in case of future important updates - v1.8.7 (2023-07-23) - CVE-2023-38501 - reflected XSS
- v1.8.2 (2023-07-14) - CVE-2023-37474 - path traversal (first CVE)
new features
- initial work on #62 (support identity providers, oauth/SSO/...); see readme
- only authentication so far; no authorization yet, and users must exist in the copyparty config with bogus passwords
- new option
--ipa
rejects connections from clients outside of a given allowlist of IP prefixes - environment variables can be used almost everywhere that takes a filesystem path; should make it way more comfy to write configs for docker / systemd
- #59 added a basic docker-compose yaml and an example config
- probably much room for improvement on everything docker still
bugfixes
- the nftables-based port-forwarding in the systemd example was buggy; replaced with CAP_NET_BIND_SERVICE
- palemoon-specific js crash if a text selection was dragged
- text selection in messageboxes was jank
other changes
- improved systemd example with hardening and a better example config
- logfiles are flushed for every line written; can be disabled with
--no-logflush
for ~3% more performance best-case - iphones probably won't broadcast cover-art to car stereos over bluetooth anymore since the thingamajig in iOS that's in charge of that doesn't have cookie-access, and strapping in the auth is too funky so let's stop doing that b7723ac
- can be remedied by enabling filekeys and granting unauthenticated people access that way
- willing to bet $5 nobody would have noticed any of this if it wasn't for this changelog, I mean who uses iPhones anyways ( ゚ ヮ゚)
- can be remedied by enabling filekeys and granting unauthenticated people access that way
💾 what to download?
download link | is it good? | description |
---|---|---|
copyparty-sfx.py | ✅ the best 👍 | runs anywhere! only needs python |
a docker image | it's ok | good if you prefer docker 🐋 |
copyparty.exe | ⚠️ acceptable | for win8 or later; built-in thumbnailer |
u2c.exe | ⚠️ acceptable | CLI uploader as a win7+ exe (video) |
copyparty32.exe | ⛔️ dangerous | for win7 -- never expose to the internet! |
cpp-winpe64.exe | ⛔️ dangerous | runs on 64bit WinPE, otherwise useless |