azures04/crafatar
1
0
Fork 0
mirror of https://github.com/azures04/crafatar.git synced 2026-03-21 23:41:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
954 Commits 9 Branches 7 Tags
Commit Graph

198 Commits

Author SHA1 Message Date
azures04
41690f84c7 Custom endpoints 
- minor change to customise textures & session server host for custom yggdrasil server
 2025-12-08 21:02:48 +01:00
jomo
bba004acc7 improve URL parsing 
uses `new URL()` and `decodeURI()` instead of `url.parse()`
also checks that the requested file is in a subdirectory of `public/` before serving the file

fixes path traversal vulnerability GHSA-5cxq-25mp-q5f2
 2024-02-01 22:24:29 +01:00
jomo
9cb32a843f strip dashes from uuids before handling them 2024-02-01 22:19:02 +01:00
jomo
e44ebda56f periodically log number of current skin and cape requests 2024-02-01 22:00:44 +01:00
Jonathan Madeley
59f27f0769 mcuuid.net -> minecraftuuid.com 2020-12-12 23:39:13 +01:00
jomo
ef4b2f8005 fix an issue with rate limiting 2020-12-12 22:49:31 +01:00
jomo
29955a1765 improve mojang status message 
as Mojang has removed their status page and their status API is no longer updating,
status information is now fetched from https://mc-heads.net/json/mc_status
and the warning message links to https://mc-heads.net/mcstatus

see #271, closes #272
 2020-09-10 22:32:23 +02:00
jomo
265a98d404 pass on caching status information foor 3D renders 
this was falsely always set to 2, indicating the skin was downloaded, even when it was cached
 2020-07-13 00:41:21 +02:00
jomo
624bf0e338 don't count session_requests when SESSIONS_RATE_LIMIT is not set 2020-07-13 00:14:27 +02:00
jomo
e69b3f38fb new logo \o/ 2020-04-05 05:15:59 +02:00
jomo
22309efba9 show quotes on frontpage 2020-04-05 05:15:27 +02:00
jomo
3bd76ad918 update popular users and tools 2020-04-05 05:14:02 +02:00
jomo
22448c098b use 500 instead of 502 when using Cloudflare 
Otherwise Cloudflare will replace images served with 502
with their own error page. This can only be turned off
in paid plans of Cloudflare.
 2020-04-05 02:42:14 +02:00
jomo
7ad6f85aec improve regex 2020-03-30 01:23:16 +02:00
jomo
e0233f2899 document undocumented functions 2020-03-29 20:13:24 +02:00
jomo
eae7745758 add Content-Length, fixes #238 2020-03-29 07:43:23 +02:00
jomo
7f95a34e29 simplify http status codes, update website info 2020-03-29 07:43:23 +02:00
jomo
15a4f17560 add rate limit option for sessionserver 
any outgoing requests to the sessionserver
that would exceed the configured rate limit are skipped
to prevent being blocked by CloudFront

if a texture hash is cached but outdated, the cache ttl will be bumped
as if the request succeeded, in order to lower requests in the near future
 2020-03-29 07:43:23 +02:00
jomo
d967db3ad4 use environment variables for configuration 2020-03-29 07:32:39 +02:00
jomo
d81e2777d2 delete unused function 2020-03-28 23:38:20 +01:00
jomo
ea1ae64283 add 403 to expected response codes 2020-03-28 23:37:08 +01:00
jomo
424a4ab93b remove notice from website 2020-03-24 18:51:20 +01:00
jomo
16948de18d don't warn about closed connections 2020-03-24 18:50:58 +01:00
jomo
c975cc793b remove cleaner.js 2020-03-24 18:49:42 +01:00
jomo
b3a9793b87 add note about rate limit 2020-03-21 12:10:13 +01:00
jomo
168457dfd9 update to node 12 2020-03-21 01:50:50 +01:00
jomo
1816b18b12 update deps 2018-02-16 18:45:56 +01:00
jomo
dff58c66e7 drop support for usernames 
Mojang has disabled their legacy skins API:
https://twitter.com/MojangSupport/status/964511258601865216

With their API rate limits, it's now practially impossible
for us to support usernames.

Fixes #142. The default parameter allows using:

- UUID
- URL
- MHF_Alex
- MHF_Steve
- Alex
- Steve

Contrary to UUIDs, using alex/steve doesn't redirect
and instead provides the skin from a locally stored file.
 2018-02-16 18:01:41 +01:00
jomo
4fdbfb442b use pajk-lwip as a temporary workaround for EyalAr/lwip#297 2017-07-13 13:03:32 +02:00
jomo
305ed1c65f update sponsor info 2017-02-12 18:31:48 +01:00
jomo
a65cc63ec8 remove alex faces from website 
kappe and minecraftchick decided to delete their skins
welcome @aikar and @ammaraskar!
 2016-11-08 01:07:18 +01:00
jomo
4a2226be12 update Crafatar Tools & Plugins 2016-11-08 00:41:37 +01:00
jomo
3b7b42a2f6 update Popular Crafatar users 
- NameMC now has its own interactive renders, so long, and thanks for all the fish!
- PlayMindCrack has shut down
 2016-11-08 00:36:46 +01:00
jomo
24cfc03811 print 'Not found' on invalid path 2016-11-08 00:21:33 +01:00
jomo
c02d3d33e9 don't respond with 304 on error when debugging is enabled 2016-11-07 04:08:19 +01:00
jomo
f1f3ba6709 use response.js for all responses 
results in:
1) less duplicated code
2) default response headers being used at all times
3) *all* requests being logged properly

- adds documentation for result.code
- allows using result.code to override HTTP 500
- uses response.js for too-busy, server error, method not allowed
 2016-11-07 03:59:07 +01:00
jomo
57115202d2 don't rely on hasOwnProperty to exist 
from MDN:
JavaScript does not protect the property name hasOwnProperty; thus, if the possibility exists that an object might have a property with this name, it is necessary to use an external hasOwnProperty to get correct results
 2016-11-04 16:19:12 +01:00
jomo
23948afae5 catch ExtremelyRare™ 502 response from CloudFront 
happens occasionally when they can't reach the mojang upstream server
 2016-07-05 01:04:34 +02:00
jomo
6c132f5c51 fix Shotbow server name 2016-04-24 12:18:11 +02:00
jomo
159060df77 fix typo in Crafatar users 2016-03-26 22:02:56 +01:00
jomo
96b277b806 add missing documentation 2016-02-19 19:24:27 +01:00
jomo
3620a63d14 fs.exists is deprecated, switch to fs.access 2016-02-14 20:17:09 +01:00
jomo
22ecc6f8aa make User-Agent RFC1945 compliant 
This is the product name without the optional '/' + version.
The parens are a comment, the '+' preceding the URL is common practice

https://tools.ietf.org/html/rfc1945#section-10.15
 2016-02-14 17:37:41 +01:00
jomo
0940b50f2c networking.save_texture should return image buffer, not lwip image object 
This led to a crash when a cape or skin was not stored on disk.
The function caled skins.save_image and returned that function's lwip image object instead of the expected buffer.
skins.save_image also no longer returns the image object because it's not used anywhere
 2016-02-14 17:04:33 +01:00
jomo
f088c27012 use '201 Created' when 'status' is 'downloaded' 2016-02-03 02:49:43 +01:00
jomo
f2dda3b939 check for transparency in hat transparency-bounding-box for avatars, fixes #117 2016-02-02 23:57:40 +01:00
jomo
29fa734148 remove 'public' part from Cache-Control, not required 2016-01-23 06:26:41 +01:00
jomo
5654d51eec renders are no longer beta 2016-01-23 06:24:28 +01:00
jomo
c9f04e470b update crafatar users list 2016-01-21 23:23:04 +01:00
jomo
c39019074b use cache lookup for username skin types 
fixes steve-model renders for usernames on first request after uuid request was made before
 2016-01-21 22:12:23 +01:00