hello! it's been a while, an entire day even...
- read-only demo server at https://a.ocv.me/pub/demo/
- docker image ╱ similar software ╱ client testbed
no vulnerabilities since 2023-07-23
- there is a discord server with an
@everyonein case of future important updates - v1.8.7 (2023-07-23) - CVE-2023-38501 - reflected XSS
- v1.8.2 (2023-07-14) - CVE-2023-37474 - path traversal (first CVE)
- all serverlogs reviewed so far (5 public servers) showed no signs of exploitation
new features
- download folder as tar.gz, tar.bz2, tar.xz
- single-threaded, so extremely slow, but nice for easily compressed data or challenged networks
- append
?tar=gz,?tar=bz2or?tar=xzto a folder URL to do it - default compression levels are gz:3, bz2:2, xz:1; override with
?tar=gz:9
bugfixes
- c1efd22 symlink-deduplicated files got indexed with the wrong last-modified timestamp
- mostly inconsequential; would cause the dupe's uploader-ip to be forgotten on the next server restart since it would reindex to "fix" the timestamp
- when linking a search query it loads the results faster
other changes
- update readme to mention that iPhones and iPads dislike the preload feature and respond by glitching the audio a bit when a song is exactly 20 seconds away from ending and yet how it's probably a bad idea to disable preloading since i bet it's load-bearing against other iOS bugs
- speaking of iPhones and iPads, the previous version should have fixed album playback on those
💾 what to download?
| download link | is it good? | description |
|---|---|---|
| copyparty-sfx.py | ✅ the best 👍 | runs anywhere! only needs python |
| a docker image | it's ok | good if you prefer docker 🐋 |
| copyparty.exe | ⚠️ acceptable | for win8 or later; built-in thumbnailer |
| u2c.exe | ⚠️ acceptable | CLI uploader as a win7+ exe (video) |
| copyparty32.exe | ⛔️ dangerous | for win7 -- never expose to the internet! |
| cpp-winpe64.exe | ⛔️ dangerous | runs on 64bit WinPE, otherwise useless |