| #127 |
Cap URLs leaked via HTTP Referer header
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #280 |
get_hash method in webapi for extension caching logic.
|
assigned
|
zooko
|
enhancement
|
minor
|
undecided
|
| #554 |
some directory targets in wapi/wui require trailing slashes
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #567 |
add version info to t=JSON output data
|
assigned
|
rvs
|
enhancement
|
major
|
soon
|
| #615 |
Can JavaScript loaded from Tahoe access all your content which is loaded from Tahoe?
|
assigned
|
davidsarah
|
defect
|
critical
|
soon
|
| #622 |
add a 'repair' button on the webapi checker results page
|
assigned
|
Lcstyle
|
enhancement
|
major
|
soon
|
| #677 |
WebAPI: GET /uri/$FILECAP?t=json doesn't return size for mutable files, but the HTML version does
|
assigned
|
davidsarah
|
defect
|
minor
|
soon
|
| #679 |
/storage emitting exception - lease reporting code
|
assigned
|
davidsarah
|
defect
|
major
|
undecided
|
| #686 |
Search for lost share resulted in a directory popping up at unexpected place
|
assigned
|
daira
|
defect
|
major
|
soon
|
| #691 |
improve WUI directory page according to a new user's first impressions
|
assigned
|
zooko
|
enhancement
|
minor
|
eventually
|
| #766 |
repair results Summary field says "Unhealthy" even though it is healthy after the repair, if it was unhealthy before
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #821 |
A script in a file viewed through the WUI can obtain the file's read cap
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #824 |
WUI pages lack correct XHTML 1.0 Transitional declarations
|
assigned
|
daira
|
defect
|
normal
|
soon
|
| #827 |
Put file download links ('?save=true') in WUI directory listings
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #884 |
give nice error page when URL is mangled or from the future
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #885 |
Ignore space or %20 in webapi URLs
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #907 |
Stop caps from leaking to phishing-filter servers
|
assigned
|
davidsarah
|
defect
|
minor
|
eventually
|
| #918 |
Abstraction violations in web/info.py
|
assigned
|
davidsarah
|
defect
|
minor
|
eventually
|
| #922 |
The URL of the info page for an unknown dirnode should not grant authority to the containing directory
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #951 |
uploads aren't cancelled by closing the web page
|
assigned
|
zooko
|
defect
|
major
|
undecided
|
| #971 |
"Humanized failures" should still have a traceback, hidden by default
|
assigned
|
davidsarah
|
enhancement
|
major
|
soon
|
| #1000 |
add 'Tahoe Explorer' (JavaScript-based UI) to Tahoe
|
assigned
|
davidsarah
|
enhancement
|
major
|
soon
|
| #1091 |
give clearer names to the "create a directory" buttons
|
assigned
|
Lcstyle
|
enhancement
|
minor
|
soon
|
| #1141 |
Cannot Delete Or Rename Files/Directories With Wacky Names
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #1173 |
cancelled downloads are marked incorrectly on the Recent Uploads/Downloads page
|
assigned
|
zooko
|
defect
|
major
|
soon
|
| #1234 |
UnrecoverableFileError message should say which file it refers to
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #1265 |
New Visualizer is insufficiently labelled/documented (plus layout problem)
|
assigned
|
zooko
|
defect
|
major
|
soon
|
| #1485 |
web-API: POSTs and GETs should be to distinct URLs
|
assigned
|
davidsarah
|
defect
|
major
|
eventually
|
| #1639 |
'Return to file/directory' link from file check results gives an error
|
assigned
|
davidsarah
|
defect
|
major
|
soon
|
| #1649 |
WUI: the error message page for a writeable file/directory nonobviously includes the write cap
|
assigned
|
davidsarah
|
defect
|
major
|
undecided
|
| #1728 |
add link to docs/frontends/download-status.rst from the download status page
|
assigned
|
Lcstyle
|
enhancement
|
normal
|
soon
|
| #1890 |
submit proposal for restrict-referrer-leakage to the CSP standardizers and implementors
|
assigned
|
davidsarah
|
task
|
normal
|
soon
|
| #1898 |
deep check on a non-directory gives unhelpful "400 Bad Request" error
|
assigned
|
davidsarah
|
defect
|
normal
|
soon
|
| #1902 |
WUI: "Download a file" should error on directory
|
assigned
|
Lcstyle
|
defect
|
normal
|
soon
|
| #1928 |
web redirects should use relative URLs
|
assigned
|
davidsarah
|
defect
|
normal
|
soon
|
| #2003 |
put nickname in <title>
|
assigned
|
daira
|
enhancement
|
normal
|
soon
|
| #2402 |
serve static files under a common URL
|
assigned
|
daira
|
enhancement
|
normal
|
soon
|
| #3420 |
Twisted web Resources should "return ErrorPage" instead of "raise WebError"
|
assigned
|
sajith
|
defect
|
normal
|
|
| #92 |
add upload-status page: progress and to-whom info
|
new
|
warner
|
enhancement
|
minor
|
eventually
|
| #203 |
add deep-copy function to web API
|
new
|
|
enhancement
|
major
|
eventually
|
| #277 |
make the wui show the underlying LAFS model -- one WUI page per link in LAFS
|
new
|
zooko
|
enhancement
|
major
|
eventually
|
| #318 |
wapi: test that we return 200 or 201 as appropriate
|
new
|
|
defect
|
major
|
soon
|
| #324 |
use POST for operations whose noun doesn't denote the same resource that a GET would denote, or that have side effects
|
new
|
|
defect
|
major
|
soon
|
| #366 |
address Nathan Wilcox's concerns about "Tahoe and the browser security model"
|
new
|
nejucomo
|
defect
|
major
|
eventually
|
| #386 |
upload status page should show nicknames
|
new
|
akp
|
enhancement
|
minor
|
eventually
|
| #389 |
Implement Web Portal feature.
|
new
|
|
enhancement
|
minor
|
undecided
|
| #413 |
mutable files: expose version info to HTTP clients
|
new
|
|
enhancement
|
major
|
eventually
|
| #430 |
upload/download status: add recently-finished operations
|
new
|
warner
|
enhancement
|
minor
|
eventually
|
| #451 |
webdav frontend
|
new
|
|
enhancement
|
normal
|
undecided
|
| #462 |
PUT should elicit 100 Continue
|
new
|
|
defect
|
major
|
soon
|
| #471 |
servermap update chart doesn't fit
|
new
|
|
defect
|
major
|
eventually
|
| #529 |
Implement Halt and Catch Fire
|
new
|
|
defect
|
major
|
undecided
|
| #568 |
make immutable check/verify/repair and mutable check/verify work given only a verify cap
|
new
|
daira
|
defect
|
major
|
soon
|
| #587 |
Web nodes provide ambient upload authority
|
new
|
daira
|
defect
|
major
|
soon
|
| #589 |
JSON link does not work if there is a '#' character in the file name.
|
new
|
|
defect
|
major
|
eventually
|
| #631 |
trailing spaces in filenames break the WUI rename function
|
new
|
|
defect
|
major
|
soon
|
| #674 |
controlled access to your WUI
|
new
|
nobody
|
enhancement
|
major
|
soon
|
| #689 |
web documents should be constructed out of unicode strings
|
new
|
|
enhancement
|
minor
|
eventually
|
| #765 |
duplication of version and nickname-and-nodeid code in the wui
|
new
|
|
enhancement
|
minor
|
undecided
|
| #770 |
webapi: listen on multiple interfaces/ports
|
new
|
|
enhancement
|
major
|
eventually
|
| #784 |
explain what the "Report an incident" button does
|
new
|
|
enhancement
|
major
|
undecided
|
| #789 |
Support Accept-Encoding: compress, gzip in the WAPI
|
new
|
|
enhancement
|
minor
|
undecided
|
| #813 |
string exception raised to web renderer?
|
new
|
somebody
|
defect
|
minor
|
undecided
|
| #822 |
Web API should use a more reliable, out-of-band means of reporting errors (such as a server connection being lost) during a download
|
new
|
|
defect
|
major
|
soon
|
| #823 |
WUI server should have a disallow-all robots.txt
|
new
|
|
defect
|
major
|
undecided
|
| #825 |
Cannot use WUI to upload a file with a name different to its name in the local filesystem
|
new
|
|
enhancement
|
major
|
undecided
|
| #826 |
Rename action in WUI has no confirmation for clobbering another entry
|
new
|
|
defect
|
major
|
soon
|
| #857 |
Make operation-handle-querying use only a little memory
|
new
|
nobody
|
defect
|
major
|
undecided
|
| #891 |
web gateway memory grows without bound under load
|
new
|
warner
|
defect
|
critical
|
soon
|
| #903 |
webapi t=mkdir-with-children and mkdir-immutable: behavior when directory already exists?
|
new
|
|
defect
|
minor
|
eventually
|
| #906 |
ETag support for mutable files and directories
|
new
|
|
defect
|
major
|
undecided
|
| #920 |
mkdir-immutable probably shouldn't implicitly create (mutable) intermediate directories
|
new
|
|
defect
|
minor
|
eventually
|
| #970 |
webapi PUT via multiple nodes can cause directory corruption but does not report UncoordinatedWriteError
|
new
|
nobody
|
defect
|
minor
|
undecided
|
| #975 |
results of deep-size should include mutable files
|
new
|
|
defect
|
major
|
soon
|
| #976 |
status of mutable file retrieve gives less information than an immutable download
|
new
|
|
defect
|
minor
|
undecided
|
| #979 |
AssertionError on DELETE when child links point to yourself
|
new
|
|
defect
|
major
|
soon
|
| #995 |
It's way too easy to give away write directory caps
|
new
|
nobody
|
defect
|
major
|
undecided
|
| #997 |
The webapi/WUI should have https enabled by default
|
new
|
nobody
|
defect
|
major
|
undecided
|
| #1008 |
Unhandled error conditions disclose detailed information
|
new
|
|
defect
|
major
|
eventually
|
| #1029 |
download a subtree as an archive
|
new
|
|
enhancement
|
major
|
undecided
|
| #1032 |
Display active HTTP upload operations on the status page
|
new
|
nobody
|
enhancement
|
minor
|
eventually
|
| #1047 |
Upload failures should report useful HTTP status lines
|
new
|
nobody
|
enhancement
|
major
|
undecided
|
| #1048 |
Expected exceptions should not include tracebacks
|
new
|
|
enhancement
|
major
|
undecided
|
| #1132 |
browser protocol handler or plugin for Tahoe URIs
|
new
|
|
enhancement
|
major
|
undecided
|
| #1136 |
don't run a web-API frontend if you don't need one
|
new
|
somebody
|
enhancement
|
major
|
eventually
|
| #1142 |
Unlikely XSS Potential in File Names in WUI
|
new
|
nobody
|
defect
|
major
|
undecided
|
| #1144 |
Loopy/Uninhibited/Overlarge Filename Makes Web Server Crump
|
new
|
nobody
|
defect
|
major
|
undecided
|
| #1176 |
webapi should avoid using plaintext temporary file for uploads
|
new
|
|
defect
|
major
|
soon
|
| #1177 |
Display directory storage indexes in directory listings
|
new
|
|
enhancement
|
minor
|
undecided
|
| #1178 |
Use identicons for directory identifiers
|
new
|
|
enhancement
|
minor
|
undecided
|
| #1198 |
Bogus tub location causes introducer error
|
new
|
|
defect
|
major
|
soon
|
| #1203 |
/storage is insufficiently verbose when no crawl running
|
new
|
nobody
|
defect
|
normal
|
eventually
|
| #1211 |
client should be able to test share placement
|
new
|
somebody
|
enhancement
|
major
|
eventually
|
| #1215 |
add CORS support
|
new
|
|
enhancement
|
major
|
undecided
|
| #1221 |
operation stats are not sufficient to understand what's wrong
|
new
|
|
defect
|
major
|
undecided
|
| #1369 |
allow static HTML files to be transcluded into WUI Welcome and directory listing pages
|
new
|
|
defect
|
major
|
undecided
|
| #1375 |
the performance stats for each upload or download are undiscoverable
|
new
|
tarcieri
|
defect
|
normal
|
undecided
|
| #1386 |
KeyError: 'file' if the local file is removed after selection and before Submit
|
new
|
daira
|
defect
|
normal
|
soon
|
| #1434 |
DYHB requests misrendered in download visualization
|
new
|
warner
|
defect
|
major
|
soon
|
| #1436 |
web interface using wrong address / port number when doing ssh port forwarding
|
new
|
|
defect
|
major
|
soon
|
