Commit Graph

111 Commits

Author SHA1 Message Date
evandrocoan
1e6fa5f8eb Ensure protection against directory traversal
https://security.openstack.org/guidelines/dg_using-file-paths.html
2020-07-02 13:52:03 -03:00
evandrocoan
be10da58d9 Fixed aqt/mediasrv.py:14: error: unused 'type: ignore' comment
from waitress.server import create_server  # type: ignore
https://github.com/evandroforks/anki/runs/743801391#step:25:1129
2020-07-02 13:51:59 -03:00
evandrocoan
020415efb9 Replaced the mediasrv.py SimpleHttp server by flask and waitress,
fixing HTML5 media support.
https://stackoverflow.com/questions/37044064/html-audio-cant-set-currenttime
https://stackoverflow.com/questions/21956683/enable-access-control-on-simple-http-server
https://stackoverflow.com/questions/5052635/what-is-relation-between-content-length-and-byte-ranges-in-http-1-1
https://stackoverflow.com/questions/16725907/google-app-engine-serving-mp3-for-audio-element-needs-content-range-header

I was trying to use the HTML5 audio tag to display audio like:
```html
<audio id="elem_audio" src="myfile.mp3" controls></audio>
```
![image](https://user-images.githubusercontent.com/5332158/79063321-565b5500-7c77-11ea-9f8d-6e1df6f07892.png)

But the progress bar seek was not working. After researching, I found the problem was the HTML server not properly responding to the HTML5 header requests. The HTML server should respond to quite complicated things such as 206 partial, properly handle keep-alive, provide media ranges and other HTTP headers: https://stackoverflow.com/questions/37044064/html-audio-cant-set-currenttime

To implement all these on the Simple HTTP server would be quite complicated. Then, instead, I imported the `flask` web server, which is quite simple and straightforward to use. Now, the back-end is using a secure compliant HTTP back-end:
1. https://palletsprojects.com/p/flask/
    > Flask is a lightweight WSGI web application framework. It is designed to make getting started quick and easy, with the ability to scale up to complex applications. It began as a simple wrapper around Werkzeug and Jinja and has become one of the most popular Python web application frameworks.
    >
    > Flask offers suggestions, but doesn't enforce any dependencies or project layout. It is up to the developer to choose the tools and libraries they want to use. There are many extensions provided by the community that make adding new functionality easy.

1. https://docs.pylonsproject.org/projects/waitress/en/latest/
    > Waitress is meant to be a production-quality pure-Python WSGI server with very acceptable performance. It has no dependencies except ones which live in the Python standard library. It runs on CPython on Unix and Windows under Python 2.7+ and Python 3.5+. It is also known to run on PyPy 1.6.0 on UNIX. It supports HTTP/1.0 and HTTP/1.1.

Right now, anki does not support fields passing file names directly to HTML audio tags, but this can be easily done with (https://github.com/ankitects/anki/pull 540 - Added arguments to the sound tag) plus the commit 826a97df61. The HTML5 audio tag can be used like this:
```html
<!-- Audio = [sound:myfile.mp3|onlyfilename] -->
<audio id="elem_audio" src="{{Audio}}" controls controlsList="nodownload"></audio>
```
![image](https://user-images.githubusercontent.com/5332158/79063736-c539ad80-7c79-11ea-8420-40b72185f4e7.png)

# Conflicts:
#	qt/aqt/mediasrv.py
2020-07-02 13:51:49 -03:00
Damien Elmes
d4cd4535e6 lint fixes 2020-06-29 15:53:56 +10:00
Damien Elmes
41d77b0255 get i18n working in typescript 2020-06-29 15:48:01 +10:00
Damien Elmes
329186f140 qt's js code now shares ts/node_modules; more graph work 2020-06-29 15:48:01 +10:00
Damien Elmes
dcff5e28fa add top level component and pass search/day limit back from frontend 2020-06-29 15:48:00 +10:00
Damien Elmes
82568a1f3e experiment with exposing raw card/revlog data to frontend 2020-06-29 15:48:00 +10:00
Damien Elmes
50fdf9b03d storage->collection 2020-05-20 17:58:28 +10:00
BlueGreenMagick
e46ace5044 match both forward slash and os separator 2020-02-29 12:36:10 +09:00
Damien Elmes
5876866565 tweaking the folder names again
hopefully that's the last of it
2020-01-03 07:48:38 +10:00