chore(release): 2.33.2

fix: create user dir on signup
chore(release): 2.33.1
2025-07-18 14:00:25 +00:00 · 2025-06-21 10:37:30 +02:00 · 2025-06-21 10:32:50 +02:00 · 2025-06-21 09:25:18 +02:00 · 2025-06-21 09:21:39 +02:00 · 2025-06-21 09:21:17 +02:00
8 changed files with 27 additions and 21 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,6 +2,22 @@
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 ### [2.33.2](https://github.com/filebrowser/filebrowser/compare/v2.33.1...v2.33.2) (2025-06-21)
 ### Bug Fixes
 * create user dir on signup ([0ca8059](https://github.com/filebrowser/filebrowser/commit/0ca8059d8dea4fe079146471ce4f24acc96021f2))
 ### [2.33.1](https://github.com/filebrowser/filebrowser/compare/v2.33.0...v2.33.1) (2025-06-21)
 ### Bug Fixes
 * downloadUrl of file preview ([#3728](https://github.com/filebrowser/filebrowser/issues/3728)) ([8a14018](https://github.com/filebrowser/filebrowser/commit/8a14018861fe581672bbd27cdc3ae5691f70a108))
 * remove auth query parameter from download and preview links ([cbb7124](https://github.com/filebrowser/filebrowser/commit/cbb712484d3bdabc033acaf3b696ef4f5865813d))
 * search uses ctrl+shift+f instead of hijacking browser's ctrl+f ([#4638](https://github.com/filebrowser/filebrowser/issues/4638)) ([a02b297](https://github.com/filebrowser/filebrowser/commit/a02b2972ebde2a58806ad1377bad46e748b63166))
 ## [2.33.0](https://github.com/filebrowser/filebrowser/compare/v2.32.3...v2.33.0) (2025-06-18)
--- a/docs/installation.md
+++ b/docs/installation.md
@ -52,6 +52,8 @@ docker run \
  filebrowser/filebrowser
 ```
 The default user has PID 1000 and GID 1000. Please make sure that this user has access to the different mounted volumes. To change the user running inside the Docker image, you need to use the [`--user` flag](https://docs.docker.com/engine/containers/run/#user).
 ### s6 overlay
 The `s6` image is based on LinuxServer and leverages the [s6-overlay](https://github.com/just-containers/s6-overlay) system for a standard, highly customizable image. It should be used as follows:
--- a/frontend/src/api/files.ts
+++ b/frontend/src/api/files.ts
@ -75,11 +75,6 @@ export function download(format: any, ...files: string[]) {
    url += `algo=${format}&`;
  }
  const authStore = useAuthStore();
  if (authStore.jwt) {
    url += `auth=${authStore.jwt}&`;
  }
  window.open(url);
 }
--- a/frontend/src/api/pub.ts
+++ b/frontend/src/api/pub.ts
@ -71,5 +71,5 @@ export function getDownloadURL(res: Resource, inline = false) {
    ...(res.token && { token: res.token }),
  };
-  return createURL("api/public/dl/" + res.hash + res.path, params, false);
+  return createURL("api/public/dl/" + res.hash + res.path, params);
 }
--- a/frontend/src/api/share.ts
+++ b/frontend/src/api/share.ts
@ -41,5 +41,5 @@ export async function create(
 }
 export function getShareURL(share: Share) {
-  return createURL("share/" + share.hash, {}, false);
+  return createURL("share/" + share.hash, {});
 }
--- a/frontend/src/api/utils.ts
+++ b/frontend/src/api/utils.ts
@ -76,23 +76,13 @@ export function removePrefix(url: string): string {
  return url;
 }
-export function createURL(endpoint: string, params = {}, auth = true): string {
+export function createURL(endpoint: string, searchParams = {}): string {
  const authStore = useAuthStore();
  let prefix = baseURL;
  if (!prefix.endsWith("/")) {
    prefix = prefix + "/";
  }
  const url = new URL(prefix + encodePath(endpoint), origin);
-
+  url.search = new URLSearchParams(searchParams).toString();
  const searchParams: SearchParams = {
    ...(auth && { auth: authStore.jwt }),
    ...params,
  };
  for (const key in searchParams) {
    url.searchParams.set(key, searchParams[key]);
  }
  return url.toString();
 }
--- a/frontend/src/views/files/Preview.vue
+++ b/frontend/src/views/files/Preview.vue
@ -253,7 +253,7 @@ const hasPrevious = computed(() => previousLink.value !== "");
 const hasNext = computed(() => nextLink.value !== "");
 const downloadUrl = computed(() =>
-  fileStore.req ? api.getDownloadURL(fileStore.req, true) : ""
+  fileStore.req ? api.getDownloadURL(fileStore.req, false) : ""
 );
 const raw = computed(() => {
@ -262,7 +262,7 @@ const raw = computed(() => {
  }
  if (isEpub.value) {
-    return createURL("api/raw" + fileStore.req?.path, {}, false);
+    return createURL("api/raw" + fileStore.req?.path, {});
  }
  return downloadUrl.value;
--- a/http/auth.go
+++ b/http/auth.go
@ -157,6 +157,9 @@ var signupHandler = func(_ http.ResponseWriter, r *http.Request, d *data) (int,
 	}
 	user.Password = pwd
 	if d.settings.CreateUserDir {
 		user.Scope = ""
 	}
 	userHome, err := d.settings.MakeUserDir(user.Username, user.Scope, d.server.Root)
 	if err != nil {
Author	SHA1	Message	Date
Henrique Dias	ffb858e4ef	chore(release): 2.33.2	2025-06-21 10:37:30 +02:00
Henrique Dias	0ca8059d8d	fix: create user dir on signup	2025-06-21 10:32:50 +02:00
Henrique Dias	8ca080422f	chore(release): 2.33.1	2025-06-21 09:25:18 +02:00
Henrique Dias	cbb712484d	fix: remove auth query parameter from download and preview links macOS saves the download URL in the metadata of the downloaded file. This means that the downloaded file contains a metadata item with the JWT token of the user. If the user were to share this file with someone else, they would have access to their account using the JWT in the metadata during the validity of the JWT. The JWT has been removed from the URLs. Since the user is logged in, there is an authentication cookie set. A JWT in the URL is not necessary.	2025-06-21 09:21:39 +02:00
Patrick Wang	8a14018861	fix: downloadUrl of file preview (#3728 )	2025-06-21 09:21:17 +02:00
Henrique Dias	a493ec90ff	docs: add more docker notes	2025-06-21 08:45:53 +02:00