mihaigalos
/
0x0
forked from mia/0x0
1
0
Fork 0
Code Issues 14 Pull Requests Packages Projects Releases Wiki Activity
No-bullshit file hosting and URL shortening service
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
41 Commits
2 Branches
0 Tags
21 MiB
 
 
 
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Go to file
Mia Herkt afb5811879
README: Warn users about URL fetch network security implications 		8 months ago
migrations Add NSFW detection 6 years ago
nsfw_model Add NSFW detection 6 years ago
templates Use template responses 2 years ago
tests Add tests 2 years ago
.gitignore Support instance config 2 years ago
.mailmap Add mailmap 2 years ago
LICENSE Change license to EUPL 2 years ago
README.rst README: Warn users about URL fetch network security implications 8 months ago
cleanup.py Fix some flake8 errors in cleanup and nsfw_detect 2 years ago
fhost.py Fix non-seekable file handles 8 months ago
nsfw_detect.py Fix some flake8 errors in cleanup and nsfw_detect 2 years ago
pyproject.toml Add tests 2 years ago
requirements.txt remove short_url and add in-tree URLencoder (#53) 1 year ago

README.rst
Escape

The Null Pointer

This is a no-bullshit file hosting and URL shortening service that also runs 0x0.st. Use with uWSGI.

Configuration

To change settings, modify instance/config.py. For more information on instance configuration, see the Flask documentation.

To customize the home and error pages, simply create a templates directory in your instance directory and copy any templates you want to modify there.

If you are running nginx, you should use the X-Accel-Redirect header. To make it work, include this in your nginx configs server block:

location /up {
    internal;
}

where /up is whatever youve configured as FHOST_STORAGE_PATH.

For all other servers, set FHOST_USE_X_ACCEL_REDIRECT to False and USE_X_SENDFILE to True, assuming your server supports this. Otherwise, Flask will serve the file with chunked encoding, which sucks and should be avoided at all costs.

To make files expire, simply create a cronjob that runs cleanup.py every now and then.

Before running the service for the first time, run FLASK_APP=fhost flask db upgrade.

NSFW Detection

0x0 supports classification of NSFW content via Yahoos open_nsfw Caffe neural network model. This works for images and video files and requires the following:

  • Caffe Python module (built for Python 3)
  • ffmpegthumbnailer executable in $PATH

Network Security Considerations

Keep in mind that 0x0 can fetch files from URLs. This includes your local network! You should take precautions so that this feature cannot be abused. 0x0 does not (yet) have a way to filter remote URLs, but on Linux, you can use firewall rules and/or namespaces. This is less error-prone anyway.

For instance, if you are using the excellent FireHOL, its very easy to create a group on your system and use it as a condition in your firewall rules. You would then run the application server under that group.