Custom Query (53 matches)
| Ticket | Summary | Keywords | Status | Owner | Type | Priority |
|---|---|---|---|---|---|---|
| #615 | Can JavaScript loaded from Tahoe access all your content which is loaded from Tahoe? | newcaps confidentiality integrity preservation capleak gsoc websec | assigned | davidsarah | defect | critical |
| #127 | Cap URLs leaked via HTTP Referer header | confidentiality integrity preservation capleak research websec | assigned | davidsarah | defect | major |
| #203 | add deep-copy function to web API | usability performance webdav | new | enhancement | major | |
| #320 | add streaming (on-line) upload to HTTP interface | streaming performance upload fuse webdav twisted reliability http | assigned | zooko | enhancement | major |
| #366 | address Nathan Wilcox's concerns about "Tahoe and the browser security model" | security capleak docs websec | assigned | blaisep | defect | major |
| #413 | mutable files: expose version info to HTTP clients | mutable integrity versioning webapi wui | new | enhancement | major | |
| #587 | Web nodes provide ambient upload authority | upload security accounting LeastAuthority.com websec | new | daira | defect | major |
| #674 | controlled access to your WUI | wui confidentiality privacy anti-censorship websec | new | nobody | enhancement | major |
| #821 | A script in a file viewed through the WUI can obtain the file's read cap | newcaps newurls confidentiality capleak websec | assigned | davidsarah | defect | major |
| #855 | Make tahoe webopen without arguments show the tahoe: alias, if there is one | wui usability tahoe-webopen | new | enhancement | major | |
| #935 | zandr's FUSE/NAS idea | fuse smb sftp sshfs webdav cache preservation gsoc | new | enhancement | major | |
| #995 | It's way too easy to give away write directory caps | wui jsui usability confidentiality capleak websec | new | nobody | defect | major |
| #997 | The webapi/WUI should have https enabled by default | confidentiality wui webapi capleak | new | nobody | defect | major |
| #1024 | introductory docs are confusing and off-putting | docs install packaging website tahoe-run | assigned | blaisep | defect | major |
| #1136 | don't run a web-API frontend if you don't need one | security websec | new | somebody | enhancement | major |
| #1141 | Cannot Delete Or Rename Files/Directories With Wacky Names | undeletable junk names delete websec | assigned | davidsarah | defect | major |
| #1184 | Clean up the front page of the project site | website | new | secorp | task | major |
| #1215 | add CORS support | security http same-origin cors websec | new | enhancement | major | |
| #1485 | web-API: POSTs and GETs should be to distinct URLs | newurls http usability webapi standards | assigned | davidsarah | defect | major |
| #1649 | WUI: the error message page for a writeable file/directory nonobviously includes the write cap | usability security capleak websec | assigned | davidsarah | defect | major |
| #1664 | webapi fails to handle all TCP disconnects: "Request.finish called on a request after its connection was lost; use Request.notifyFinish to keep track of this." | webapi error disconnect twisted | new | nobody | defect | major |
| #1665 | Brainstorm webapi vulnerabilities between the operator and a user and between users. | docs security webapi introducer accounting status websec multiuser-gateway | new | task | major | |
| #1797 | WUI: view content in an HTML5 sandboxed iframe | wui security usability javascript sandbox same-origin websec | new | defect | major | |
| #1859 | Proof-of-concept attack: Upload and execute attacker controlled js from any domain. | security javascript same-origin capleak websec | new | davidsarah | defect | major |
| #2385 | node web server should use DHE/ECDHE suites automatically | security websec https forward-secrecy twisted | new | j3i | enhancement | major |
| #451 | webdav frontend | webdav cache twisted gsoc | new | enhancement | normal | |
| #1541 | Add ?t=xml parameter for getting file statistics | xml webapi | new | bibilthaysose | enhancement | normal |
| #1563 | webapi.rst should have a Change Log section | docs webapi | new | somebody | defect | normal |
| #1663 | Add a concise table of the URL tree to webapi.rst. | webapi docs | assigned | marlowe | enhancement | normal |
| #1666 | test that an upload with no Content-Length (and not chunked) gives HTTP 411 Length Required | http standards webapi | new | defect | normal | |
| #1895 | implement replace=false for file upload into a mutable directory | webapi replace | new | davidsarah | defect | normal |
| #1899 | make reported max-mutable-share-size have the same semantics as max-immutable-share-size | webapi mutable | new | defect | normal | |
| #1928 | web redirects should use relative URLs | http redirect webapi | assigned | davidsarah | defect | normal |
| #1929 | express documentation for web-API operations in terms of "rooted paths" | docs webapi easy | assigned | marlowe | defect | normal |
| #1930 | should ?t=rename be deprecated in favour of ?t=move ? | cleanup web rename move | new | defect | normal | |
| #2019 | Add disclaimer that "Tahoe-LAFS is unrelated to Tahoe Data Manager" and petition TDM publisher to add similar disclaimer. | website, usability, branding | new | daira | defect | normal |
| #2040 | mutable files: expose test-and-set operations to HTTP clients | mutable versioning test-and-set webapi wui | new | daira | defect | normal |
| #2093 | State-mutating GET methods in webapi. | wui webapi documentation | new | daira | defect | normal |
| #2126 | send application/json content-type for JSON response | json http mime standards webapi | new | defect | normal | |
| #2140 | 'Can't synchronize with repository "(default)"' error on tahoe-lafs.org projects that still use darcs | website trac zfec zetuptoolz regression | new | defect | normal | |
| #2142 | How to enhance WebUI default security against capability eavesdropping? | websec confidentiality privacy wui webapi docs | new | amontero | enhancement | normal |
| #2144 | Tahoe-LAFS as website hosting storage backend | website webdav twisted research | new | enhancement | normal | |
| #2227 | "format=mutable" in the web API | mutable mdmf defaults webapi | new | enhancement | normal | |
| #2401 | authentication via proxy breaks "tahoe backup" | authentication wui webapi http websec | new | defect | normal | |
| #2402 | serve static files under a common URL | static wui websec | assigned | daira | enhancement | normal |
| #2590 | GET /operations/$HANDLE?output=json is not JSON | error webapi json | new | defect | normal | |
| #3041 | Testing of websocket logs | websocket | new | defect | normal | |
| #3286 | WebAPI for create-alias | webapi | new | enhancement | normal | |
| #92 | add upload-status page: progress and to-whom info | web upload usability reliability transparency | new | warner | enhancement | minor |
| #280 | get_hash method in webapi for extension caching logic. | webapi cache extension newcaps | assigned | zooko | enhancement | minor |
| #907 | Stop caps from leaking to phishing-filter servers | capleak integrity confidentiality forward-compatibility newurls docs websec | assigned | davidsarah | defect | minor |
| #1276 | Add recent twitter posts to front page of site | website twitter | new | secorp | task | minor |
| #1774 | exception in twistd.log from web parser | error webapi | new | defect | minor |
Note: See TracQuery
for help on using queries.
