github error311/FileRise v2.10.1
on GitHub

latest releases: v2.10.5, v2.10.4
12 hours ago

Changes 12/18/2025 (v2.10.0 & 2.10.1)

release(v2.10.1): tighten DOM safety & sanitize admin logo URL

  • Fix encrypted folder banner to avoid setting raw innerHTML,
    instead building elements with textContent for safer DOM updates.
  • Improve admin panel branding logo URL handling with a
    dedicated sanitizer function that normalizes site-relative paths,
    strips CR/LF, enforces valid http/https, and respects base paths.

release(v2.10.0): encryption at rest + firewall/proxy settings + subpath/base-path support (closes #73)

Added

  • Encryption at rest (folder-based) using libsodium secretstream (XChaCha20-Poly1305), including:

    • Master key support via FR_ENCRYPTION_MASTER_KEY or META_DIR/encryption_master.key, plus admin UI to generate/clear the key file.
    • Folder encryption metadata tracking (folder_crypto.json) with inherited encryption for descendants.
    • Background encrypt/decrypt jobs with progress UI (minimizable) and resumable status.

  • Firewall / Proxy settings: “Published URL” support for correct share-link/redirect generation behind reverse proxies and subpath installs:

    • FR_PUBLISHED_URL env override (locks admin field), or admin-config stored publishedUrl.

Changed

  • Subpath / base-path installs now supported end-to-end:
    • Server-side base path detection + helpers (FR_BASE_PATH, X-Forwarded-Prefix, fr_with_base_path()).
    • Frontend base path utilities (basePath.js) applied across app, portals, PWA/service worker, and asset URLs (favicons, manifest, fonts).
  • Share-link generation now prefers FR_PUBLISHED_URL_EFFECTIVE / published URL when present; otherwise uses base-path-aware paths.

Security / Restrictions (encryption v1 behavior)

  • When a folder is encrypted (or within an encrypted tree), the following are disabled/blocked to prevent leakage of ciphertext or unsupported flows:
    • WebDAV access
    • File/folder sharing + shared-folder uploads/downloads
    • ZIP create/extract operations
    • ONLYOFFICE (editor bypassed)
  • Encrypted files download via on-the-fly decryption (no HTTP Range support).

Fixes / Polish

  • Improve UI behavior in encrypted folders (hide/disable share/zip actions, banner + encrypted badge overlays).
  • PWA/service worker + manifest updated to work under subpath scopes.
  • Minor robustness improvements (context-menu SVG repair, better upload error toasts, throttled folder stats calls).

v2.10.1

Full Changelog

v2.9.3 → v2.10.1

SHA-256 (zip)

8f6ecc53831ec7aee1fc106a67ced3adeddea8d66aa755c7e5df7902db97bce7  FileRise-v2.10.1.zip
Check out latest releases or
releases around error311/FileRise v2.10.1

Don't miss a new FileRise release

NewReleases is sending notifications on new releases.

Get notifications