Alexander Schmidt
487b5e9ec8
Fix privacy.html: add script-src to CSP so legal text renders
2026-03-27 10:49:39 +01:00
Alexander Schmidt
67a27f8f59
Fix banner z-index on mobile, update version to 1.1.1
2026-03-27 10:47:26 +01:00
Alexander Schmidt
de1b7b1074
Add Tor hidden service to Docker self-hosting setup
v1.1.1
2026-03-27 10:38:52 +01:00
Alexander Schmidt
41c332365b
Add self-host banner and rewrite README for self-hosting focus
v1.1.0
2026-03-27 10:31:48 +01:00
Alexander Schmidt
d0b70acf39
Fix short URL redirect when PATH_INFO is empty string
v1.0.3
2026-03-27 10:09:08 +01:00
Alexander Schmidt
ffd9327e3e
Allow self-hosted origins in API verification
v1.0.2
2026-03-27 09:44:11 +01:00
Alexander Schmidt
40b81a5dc8
Fix install.sh: correct GitHub repo name in compose URL
2026-03-27 09:32:34 +01:00
Alexander Schmidt
dc5582aa04
Point source links to GitHub repo
v1.0.1
2026-03-27 09:11:29 +01:00
Alexander Schmidt
643ced23e9
Fix GitHub Actions: add DOCKER environment, use Node.js 24
2026-03-27 09:09:38 +01:00
Alexander Schmidt
64eee4ebc5
Add Docker self-hosting and CI/CD pipeline
- Dockerfile: Caddy + PHP-FPM + app in single Alpine container
- Caddyfile: auto-HTTPS, security headers, short URL rewrite
- docker-compose.yml: app + Watchtower for auto-updates
- install.sh: one-liner for fresh VPS setup
- GitHub Actions: build & push to Docker Hub + GHCR on tag
Self-host with:
curl -sL https://xmrpay.link/install.sh | sh -s your-domain.com
2026-03-27 08:26:30 +01:00
Alexander Schmidt
5212f586c7
Auto-inject version from git tags in deploy
Reads version from git describe, injects into i18n.js and index.html
before minification. No manual version bumping needed.
Tag with: git tag v1.1.0
2026-03-27 08:06:57 +01:00
Alexander Schmidt
6fcc063ad9
Add version number to footer and fix line-height
v1.0.0
2026-03-27 08:02:54 +01:00
Alexander Schmidt
2e71959fd1
Add line break in footer i18n string
2026-03-27 07:58:33 +01:00
Alexander Schmidt
25cb0e1a5d
Fix deploy permissions and exclude credentials
- Add --chmod=D755,F644 to rsync (HestiaCP PHP-FPM needs world-readable)
- Exclude scripts/.deploy.env from deploy (contains server credentials)
2026-03-27 07:55:54 +01:00
Alexander Schmidt
83e7d43a74
Add CSP, SRI, and auto-hash deploy pipeline
- Content Security Policy via <meta> tag (blocks exfiltration to foreign domains)
- Subresource Integrity on all static and dynamically loaded scripts
- Nginx security headers snippet (HSTS, CSP, frame-ancestors on all responses)
- Auto-minify and SRI hash update in deploy.sh (prevents stale hashes)
2026-03-27 07:51:01 +01:00
Alexander Schmidt
2a3cc5682c
Clarify trust model and wallet-native default in README
2026-03-26 15:28:29 +01:00
Alexander Schmidt
3aa8277530
Add wallet URI copy and shortlink trust toggle
2026-03-26 15:11:11 +01:00
Alexander Schmidt
6f43f34d68
Fix deploy dry-run flag and generalize env example
2026-03-26 14:52:31 +01:00
Alexander Schmidt
77bf794b73
Harden deployment with data backups and restore script
2026-03-26 14:25:35 +01:00
Alexander Schmidt
94c8ecb2aa
Add deploy env ignore and example template
2026-03-26 14:15:04 +01:00
Alexander Schmidt
32d509fe9d
Harden deploy script config handling
2026-03-26 14:07:07 +01:00
Alexander Schmidt
8ae736bbad
Add safe deploy script preserving data directory
2026-03-26 13:55:59 +01:00
Alexander Schmidt
d01b7d0d27
Align privacy rate-limit wording with implementation
2026-03-26 13:53:07 +01:00
Alexander Schmidt
dddda450a7
Update privacy terms: no persistent IP records
2026-03-26 13:48:40 +01:00
Alexander Schmidt
758b2f3589
Preserve absolute invoice deadline across reloads
2026-03-26 13:43:30 +01:00
Alexander Schmidt
69f173bc2f
Keep short URL in share field when loaded via short link
2026-03-26 13:40:16 +01:00
Alexander Schmidt
3dd1e55432
Refresh pending proof confirmations on status lookup
2026-03-26 13:28:40 +01:00
Alexander Schmidt
4b0cd3aaab
Fix short link integrity check for code parameter
2026-03-26 13:26:05 +01:00
Alexander Schmidt
1e2ea6c24d
Bump asset versions and rotate service worker cache
2026-03-26 13:24:18 +01:00
Alexander Schmidt
f6edc4cb58
Fix false short URL integrity warning
2026-03-26 13:22:34 +01:00
Alexander Schmidt
09a5ef703c
Add yellow favicon badge for pending invoices
2026-03-26 13:20:11 +01:00
Alexander Schmidt
85039402a7
Regenerate minified translations for pending proof status
2026-03-26 13:15:33 +01:00
Alexander Schmidt
a2c3d8dd00
Add document-and-coin favicon concept and sync paid favicon state
2026-03-26 13:10:30 +01:00
Alexander Schmidt
9cc50188c0
Update README: mark auto-cleanup as complete, add Invoice Lifecycle section
2026-03-26 11:03:59 +01:00
Alexander Schmidt
0049077605
Add type annotations to fix Intelephense type checking errors
2026-03-26 11:03:15 +01:00
Alexander Schmidt
31623fd03e
Update cache-busting version to 20260326-2 for cleanup feature
2026-03-26 11:02:20 +01:00
Alexander Schmidt
ee0d0d4124
Implement lazy-cleanup for expired invoices with deadline-based deletion
2026-03-26 11:01:32 +01:00
Alexander Schmidt
c4e3f3cd15
Add deadline cleanup feature to roadmap
2026-03-26 10:54:21 +01:00
Alexander Schmidt
6fd2d05163
Add cache-busting version params for frontend assets
2026-03-26 10:11:13 +01:00
Alexander Schmidt
d2684c3638
Fix paid/pending invoice status UI and date handling
2026-03-26 10:06:08 +01:00
Alexander Schmidt
dc330d2367
refactor: reuse shared style.css and language switcher on privacy page
2026-03-26 08:01:59 +01:00
Alexander Schmidt
2263fbf659
fix: harden PHP type handling across all endpoints
2026-03-26 07:57:11 +01:00
Alexander Schmidt
5d38946c53
feat: add multilingual privacy and terms page + footer link
2026-03-26 07:50:57 +01:00
Alexander Schmidt
59375e647c
fix: footer 'Minimal Backend' → 'No Tracking'
2026-03-26 07:39:55 +01:00
Alexander Schmidt
761df8d26b
fix: remove duplicate <?php tag in verify.php (HTTP 500)
2026-03-26 07:36:35 +01:00
Alexander Schmidt
4ac12eb083
feat: confirmation-aware TX verification (10-conf threshold)
- 0-9 confs: show amber 'Pending/N/10' stamp on QR, auto-poll every 60s
- ≥10 confs: show green 'Paid' stamp (Monero standard lock)
- verify.php: store status ('pending'|'paid'), allow upward updates
- i18n: add status_pending + proof_confirmed_pending (all 7 langs)
- style.css: add .proof-result.warning, .pending-stamp, .qr-container.confirming
- Polling stops on resetForm; short-URL viewers also poll verify.php
2026-03-26 07:30:43 +01:00
Alexander Schmidt
403a08479c
fix: remove duplicate <?php tag in check-short.php
2026-03-26 07:15:28 +01:00
Alexander Schmidt
2c3a8a0584
Security hardening: rate limiting, atomic locks, origin check, honest docs
API / Security:
- Add api/_helpers.php: shared send_security_headers(), verify_origin(),
get_hmac_secret(), check_rate_limit(), read_json_locked(), write_json_locked()
- shorten.php: remove Access-Control-Allow-Origin:*, restrict to same-origin,
rate-limit 20 req/h per IP, atomic JSON read+lock, HMAC secret from file
- verify.php: rate-limit GET (30/min) and POST (10/h) per IP, atomic lock,
prevent overwriting existing proofs, origin check on POST
- node.php: fix rate limit from 1000 to 60 req/min, add security headers,
origin check
- check-short.php: add security headers, re-derive signature server-side
- s.php: use file-based HMAC secret via get_hmac_secret(), hash_equals()
for timing-safe comparison
Service Worker:
- sw.js: navigation requests (mode=navigate) never served from cache;
network-first with offline fallback to prevent stale invoice state
Documentation (honest claims):
- README: tagline "No backend" -> "No tracking"; new Architecture table
listing exactly what server sees for each feature; Security Model section
- index.html: meta description and footer updated from "No Backend" to
"Minimal Backend"
- i18n.js footer: already updated in previous commit
2026-03-26 07:13:02 +01:00
Alexander Schmidt
7e325abf7d
Security: Add HMAC validation for short URLs + improve privacy documentation
- Implement HMAC-SHA256 signatures on short URLs to detect server-side tampering
- Add client-side signature verification with hostname-derived secret
- New API endpoint: /api/check-short.php for integrity verification
- Update verify.php with privacy notice (addresses not stored)
- Update README to clarify minimal backend requirement (short URLs, rate caching, proof storage)
- Add toast warning when signature mismatch detected
- Support both old and new format in s.php for backward compatibility
- Update all i18n translations (EN, DE, FR, IT, ES, PT, RU)
Addresses security concern: Server compromise could previously result in address
substitution for short-linked invoices. Now client-side verification detects tampering.
2026-03-26 06:52:20 +01:00
Alexander Schmidt
c1bd97948c
docs: update README — 7 languages, 8 currencies, remove completed roadmap items
2026-03-25 18:28:35 +01:00