From 39eca27e534f1f502234627b8c2807fad6012a24 Mon Sep 17 00:00:00 2001 From: wukko Date: Tue, 17 Sep 2024 14:14:43 +0600 Subject: [PATCH 1/3] web/changelogs/10: lowball the user count estimate --- web/changelogs/10.0.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/changelogs/10.0.md b/web/changelogs/10.0.md index 1a178b75..86da6d3b 100644 --- a/web/changelogs/10.0.md +++ b/web/changelogs/10.0.md @@ -47,7 +47,7 @@ and for nerds, we have a giant list of backend changes (that we are also excited this update allows us to actually innovate and develop new & exciting features. we are no longer held back by the legacy codebase. first feature of such kind is on-device remuxing. go check it out! -oh yeah, we now have 2.5 million monthly users. kind of insane. +oh yeah, we now have over 2 million monthly users. kind of insane. we hope you enjoy this update as much as we enjoyed making it. it was a really fun summer project for both of us. From baddb134706aa83968cc524ba92fd35e6dc00cb8 Mon Sep 17 00:00:00 2001 From: wukko Date: Tue, 17 Sep 2024 19:48:59 +0600 Subject: [PATCH 2/3] web/i18n/settings: update language section descriptions --- web/i18n/en/settings.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/i18n/en/settings.json b/web/i18n/en/settings.json index fea15d29..90b2e0f6 100644 --- a/web/i18n/en/settings.json +++ b/web/i18n/en/settings.json @@ -88,10 +88,10 @@ "accessibility.motion.description": "disables animations and transitions whenever possible.", "language": "language", - "language.auto.title": "use default browser language", - "language.auto.description": "automatically picks the best language for you. if preferred browser language isn't available, english is used instead.", + "language.auto.title": "automatic selection", + "language.auto.description": "cobalt will use your browser's default language if translation is available. if not, english will be used instead.", "language.preferred.title": "preferred language", - "language.preferred.description": "if any text isn’t translated to the preferred language, it will fall back to english.", + "language.preferred.description": "this language will be used when automatic selection is disabled. any text that isn't translated will be displayed in english.", "privacy.analytics": "anonymous traffic analytics", "privacy.analytics.title": "don't contribute to analytics", From 29f967a3ec463cc431a74fde325483199cad12c6 Mon Sep 17 00:00:00 2001 From: dumbmoron Date: Tue, 17 Sep 2024 15:37:01 +0000 Subject: [PATCH 3/3] api: fix accept & content-type validation when not using authentication --- api/src/core/api.js | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/api/src/core/api.js b/api/src/core/api.js index 51ec1697..fdd13ce1 100644 --- a/api/src/core/api.js +++ b/api/src/core/api.js @@ -105,6 +105,18 @@ export const runAPI = (express, app, __dirname) => { app.post('/', apiLimiter); app.use('/tunnel', apiLimiterStream); + app.post('/', (req, res, next) => { + if (!acceptRegex.test(req.header('Accept'))) { + return fail(res, "error.api.header.accept"); + } + + if (!acceptRegex.test(req.header('Content-Type'))) { + return fail(res, "error.api.header.content_type"); + } + + next(); + }); + app.post('/', (req, res, next) => { if (!env.turnstileSecret || !env.jwtSecret) { return next(); @@ -128,14 +140,6 @@ export const runAPI = (express, app, __dirname) => { return fail(res, "error.api.auth.jwt.invalid"); } - if (!acceptRegex.test(req.header('Accept'))) { - return fail(res, "error.api.header.accept"); - } - - if (!acceptRegex.test(req.header('Content-Type'))) { - return fail(res, "error.api.header.content_type"); - } - req.authorized = true; } catch { return fail(res, "error.api.generic");