ZeroNet Blogs

Static ZeroNet blogs mirror

Changelog: December 13, 2018

- Posted in ZeroBlog by


  • Multilanguage, self hosted documentation with ongoing Fr/Zh translation + ZeroNet mirror: [Thanks to Lola, blurHY]
  • Fix sandbox escape vulnerability [Thanks, reported by ivanq/ZeroLSTN]
  • Restrict script execution by using Content security policy: It prevents code execution in case of sandbox escape/html injection.
  • Make Sidebar, Multiuser, UiConfig, UiPassword plugin compatible with hardened security changes.
  • Use chromedriver for testing as phantomjs does not supports sites with new content security policy.
  • Auto escape variables in template underscore helper
  • Cleanup entries older than 6 month from charts.db
  • New certList admin API call
  • Don't delete optional files from owned sites
  • Fix signing when --data_dir contains window-style path separators.
  • Fix setLocalStorage call before websocket connection is created
  • Fix saving user mutes
  • ZeroFrame.js 1.3.0: Support monkey patching Fetch API

I started the modifications that will be necessary to move ZeroNet codebase to Python 3. This will also include other major changes:

  • Move sqlite database connection to separate thread: make the UI more responsive and avoid blocking on db heavy operations (eg. rebuilding)
  • New database sync mode: Avoid db corruption on power loss or hw error
  • Support libsecp256k1: ~10x speed boost in file and certificate validation
  • Remove included third-party Python libraries (src/lib)
  • Update source code from ZeroNet by default

If everything goes well, then ETA: 2-3wk