ZeroNet

Breaking Changes

• Security: Wrapper template HTML injection vulnerability patched (rev4188+) — sites can no longer gain unrestricted WebSocket ADMIN/NOSANDBOX access or modify client config

Features

• UiPluginManager plugin for third-party plugin management and installation
• Full OpenSSL 1.1 support
• Fake SNI and ALPN headers on peer connections for standard HTTPS parity

Fixes...

• Re-factored code to Python3 runtime (compatible with Python 3.4-3.8)
• More safe database sync mode
• Removed bundled third-party libraries where it's possible
• 5-10x faster signature verification by using libsecp256k1 (Thanks to ZeroMux)
• Generated SSL certificate randomization to avoid protocol filters (Thanks to ValdikSS)
• P2P source code update using ZeroNet protocol
• Offline mode...

• IPv6 support in peer exchange, bigfiles, optional file finding, tracker sharing, socket listening and connecting (based on tangdou1 modifications)
• New tracker database format with IPv6 support
• Refactored port open checking with IPv6 support
• Display notification if there is an unpublished modification for your site
• Consider non-local IPs as external even is the open port che...

Added

• New plugin: UiConfig. A web interface that allows changing ZeroNet settings.
• New plugin: AnnounceShare. Share trackers between users, automatically announce client's ip as tracker if Bootstrapper plugin is enabled.
• Global tracker stats on ZeroHello: Include statistics from all served sites instead of displaying request statistics only for one site.
• Support custom proxy fo...

Added

• New plugin: ContentFilter that allows to have shared site and user block list.
• Support Tor meek proxies to avoid tracker blocking of GFW
• Detect network level tracker blocking and easy setting meek proxy for tracker connections.
• Support downloading 2GB+ sites as .zip (Thx to Radtoo)
• Support ZeroNet as a transparent proxy (Thx to JeremyRand)
• Allow fileQuery as CORS...

ZeroNet 0.6.2 (2018-02-18)

Added

• New plugin: AnnounceLocal to make ZeroNet work without an internet connection on the local network.
• Allow dbQuey and userGetSettings using the as API command on different sites with Cors permission
• New config option: --log_level to reduce log verbosity and IO load
• Prefer to connect to recent peers from trackers first
• Mark peers wit...

Added

• New plugin: Chart
• Collect and display charts about your contribution to ZeroNet network
• Allow list as argument replacement in sql queries. (Thanks to imachug)
• Newsfeed query time statistics (Click on "From XX sites in X.Xs on ZeroHello)
• New UiWebsocket API command: As to run commands as other site
• Ranged ajax queries for big files
• Filter feed by type and site...

Added

• New plugin: Big file support
• Automatic pinning on Big file download
• Enable TCP_NODELAY for supporting sockets
• actionOptionalFileList API command arguments to list non-downloaded files or only big files
• serverShowdirectory API command arguments to allow to display site's directory in OS file browser
• fileNeed API command to initialize optional file downloading
• w...

Added

• New plugin: CORS to request read permission to other site's content
• New API command: userSetSettings/userGetSettings to store site's settings in users.json
• Avoid file download if the file size does not match with the requested one
• JavaScript and wrapper less file access using /raw/ prefix ([Example](http://127.0.0.1:43110/raw/1AsRLpuRxr3pb9p3TKoMXPSWHzh6i7fMGi/en.tar.gz/index...

Fix

• Proxy bypass during source upgrade
• XSS vulnerability using DNS rebinding
• Opened port checking
• Standalone update.py argument parsing
• uPnP crash on startup
• CoffeeScript 1.12.6 compatibility
• Multi value argument parsing
• Database error when running from directory that contains special characters
• Site lock violation logging

Added

• Callback for certSelect API command...