2.0

Author: fyaz05

.github/workflows/dockerize.yml

@@ -7,16 +7,17 @@ on:
 
 jobs:
   build:
+    if: github.repository == 'fyaz05/FileToLink'
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v5
-      
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
           username: fyaz05
           password: ${{ secrets.DOCKER_TOKEN }}
-          
+
       - name: Build and Push
         uses: docker/build-push-action@v6
         with:

.python-version

@@ -1 +1 @@
-3.13
+3.14

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.13-slim
+FROM python:3.14-slim
 
 ENV PYTHONUNBUFFERED=1 \
     PYTHONDONTWRITEBYTECODE=1

README.md

@@ -3,4 +3,4 @@
 import time
 
 StartTime = time.time()
-__version__ = "1.9.9"
+__version__ = "2.0.0"

Thunder/__init__.py

@@ -26,13 +26,14 @@
     MSG_ADMIN_AUTH_LIST_HEADER, MSG_ADMIN_NO_BAN_REASON,
     MSG_ADMIN_USER_BANNED, MSG_ADMIN_USER_UNBANNED, MSG_AUTHORIZE_FAILED,
     MSG_AUTHORIZE_SUCCESS, MSG_AUTHORIZE_USAGE, MSG_AUTH_USER_INFO,
-    MSG_BAN_REASON_SUFFIX, MSG_BAN_USAGE, MSG_BUTTON_CLOSE,
-    MSG_CANNOT_BAN_OWNER, MSG_CHANNEL_BANNED, MSG_CHANNEL_BANNED_REASON_SUFFIX,
-    MSG_CHANNEL_NOT_BANNED, MSG_CHANNEL_UNBANNED, MSG_DB_ERROR, MSG_DB_STATS,
+    MSG_BAN_REASON_SUFFIX, MSG_BAN_USAGE, MSG_BROADCAST_USAGE,
+    MSG_BUTTON_CLOSE, MSG_CANNOT_BAN_OWNER, MSG_CHANNEL_BANNED,
+    MSG_CHANNEL_BANNED_REASON_SUFFIX, MSG_CHANNEL_NOT_BANNED,
+    MSG_CHANNEL_UNBANNED, MSG_DB_ERROR, MSG_DB_STATS,
     MSG_DEAUTHORIZE_FAILED, MSG_DEAUTHORIZE_SUCCESS,
-    MSG_DEAUTHORIZE_USAGE, MSG_ERROR_GENERIC, MSG_INVALID_USER_ID,
-    MSG_LOG_FILE_CAPTION, MSG_LOG_FILE_EMPTY, MSG_LOG_FILE_MISSING,
-    MSG_NO_AUTH_USERS, MSG_RESTARTING, MSG_SHELL_ERROR,
+    MSG_DEAUTHORIZE_USAGE, MSG_ERROR_GENERIC, MSG_INVALID_BROADCAST_CMD,
+    MSG_INVALID_USER_ID, MSG_LOG_FILE_CAPTION, MSG_LOG_FILE_EMPTY,
+    MSG_LOG_FILE_MISSING, MSG_NO_AUTH_USERS, MSG_RESTARTING, MSG_SHELL_ERROR,
     MSG_SHELL_EXECUTING, MSG_SHELL_NO_OUTPUT, MSG_SHELL_OUTPUT,
     MSG_SHELL_OUTPUT_STDERR, MSG_SHELL_OUTPUT_STDOUT, MSG_SHELL_USAGE,
     MSG_SPEEDTEST_ERROR, MSG_SPEEDTEST_INIT, MSG_SPEEDTEST_RESULT,
@@ -65,7 +66,28 @@ async def get_total_users(client: Client, message: Message):
 
 @StreamBot.on_message(filters.command("broadcast") & owner_filter)
 async def broadcast_handler(client: Client, message: Message):
-    await broadcast_message(client, message)
+    mode = "all"
+    if len(message.command) > 1:
+        arg = message.command[1].lower().strip()
+        if arg in ("help", "--help", "-h"):
+            return await reply(message, text=MSG_BROADCAST_USAGE, parse_mode=ParseMode.MARKDOWN)
+        if arg == "authorized":
+            mode = "authorized"
+        elif arg == "regular":
+            mode = "regular"
+        else:
+            safe_arg = arg.replace("`", "'")
+            await reply(
+                message,
+                text=f"❌ **Invalid argument:** `{safe_arg}`\n\n{MSG_BROADCAST_USAGE}",
+                parse_mode=ParseMode.MARKDOWN
+            )
+            return
+
+    if not message.reply_to_message:
+        return await reply(message, text=MSG_INVALID_BROADCAST_CMD)
+
+    await broadcast_message(client, message, mode=mode)
 
 
 @StreamBot.on_message(filters.command("status") & owner_filter)

Thunder/bot/plugins/admin.py

@@ -3,7 +3,8 @@
 from aiohttp import web
 from .stream_routes import routes
 
+
 async def web_server():
-    web_app = web.Application(client_max_size=30000000)
+    web_app = web.Application(client_max_size=50 * 1024 * 1024)
     web_app.add_routes(routes)
     return web_app

Thunder/server/__init__.py

@@ -26,6 +26,13 @@
 PATTERN_ID_FIRST = re.compile(r"^(\d+)(?:/.*)?$")
 VALID_HASH_REGEX = re.compile(r'^[a-zA-Z0-9_-]+$')
 
+CORS_HEADERS = {
+    "Access-Control-Allow-Origin": "*",
+    "Access-Control-Allow-Methods": "GET, HEAD, OPTIONS",
+    "Access-Control-Allow-Headers": "Range, Content-Type, *",
+    "Access-Control-Expose-Headers": "Content-Length, Content-Range, Content-Disposition",
+}
+
 streamers = {}
 
 
@@ -101,7 +108,8 @@ def parse_range_header(range_header: str, file_size: int) -> tuple[int, int]:
             raise web.HTTPBadRequest(text=f"Invalid range header: {range_header}")
         suffix_len = int(end_str)
         if suffix_len <= 0:
-            raise web.HTTPRequestRangeNotSatisfiable(headers={"Content-Range": f"bytes */{file_size}"})
+            raise web.HTTPRequestRangeNotSatisfiable(
+                headers={"Content-Range": f"bytes */{file_size}"})
         start = max(file_size - suffix_len, 0)
         end = file_size - 1
 
@@ -114,7 +122,6 @@ def parse_range_header(range_header: str, file_size: int) -> tuple[int, int]:
 
 
 @routes.get("/", allow_head=True)
-
 async def root_redirect(request):
     raise web.HTTPFound("https://github.com/fyaz05/FileToLink")
 
@@ -126,21 +133,39 @@ async def status_endpoint(request):
 
     workload_distribution = {str(k): v for k, v in sorted(work_loads.items())}
 
-    return web.json_response({
-        "server": {
-            "status": "operational",
-            "version": __version__,
-            "uptime": get_readable_time(uptime)
-        },
-        "telegram_bot": {
-            "username": f"@{StreamBot.username}",
-            "active_clients": len(multi_clients)
+    return web.json_response(
+        {
+            "server": {
+                "status": "operational",
+                "version": __version__,
+                "uptime": get_readable_time(uptime)
+            },
+            "telegram_bot": {
+                "username": f"@{StreamBot.username}",
+                "active_clients": len(multi_clients)
+            },
+            "resources": {
+                "total_workload": total_load,
+                "workload_distribution": workload_distribution
+            }
         },
-        "resources": {
-            "total_workload": total_load,
-            "workload_distribution": workload_distribution
+        headers={"Access-Control-Allow-Origin": "*"}
+    )
+
+
+@routes.options("/status")
+async def status_options(request: web.Request):
+    return web.Response(headers={
+        **CORS_HEADERS,
+        "Access-Control-Max-Age": "86400"
+    })
 
-        }
+
+@routes.options(r"/{path:.+}")
+async def media_options(request: web.Request):
+    return web.Response(headers={
+        **CORS_HEADERS,
+        "Access-Control-Max-Age": "86400"
     })
 
 
@@ -152,15 +177,25 @@ async def media_preview(request: web.Request):
 
         rendered_page = await render_page(
             message_id, secure_hash, requested_action='stream')
-        return web.Response(text=rendered_page, content_type='text/html')
+
+        response = web.Response(
+            text=rendered_page,
+            content_type='text/html',
+            headers={
+                "Access-Control-Allow-Origin": "*",
+                "Access-Control-Allow-Headers": "Range, Content-Type, *",
+                "X-Content-Type-Options": "nosniff",
+            }
+        )
+        response.enable_compression()
+        return response
 
     except (InvalidHash, FileNotFound) as e:
         logger.debug(
             f"Client error in preview: {type(e).__name__} - {e}",
             exc_info=True)
         raise web.HTTPNotFound(text="Resource not found") from e
     except Exception as e:
-
         error_id = secrets.token_hex(6)
         logger.error(f"Preview error {error_id}: {e}", exc_info=True)
         raise web.HTTPInternalServerError(
@@ -201,8 +236,13 @@ async def media_delivery(request: web.Request):
 
             mime_type = (
                 file_info.get('mime_type') or 'application/octet-stream')
-            filename = (
-                file_info.get('file_name') or f"file_{secrets.token_hex(4)}")
+
+            filename = file_info.get('file_name')
+            if not filename:
+                ext = mime_type.split('/')[-1] if '/' in mime_type else 'bin'
+                ext_map = {'jpeg': 'jpg', 'mpeg': 'mp3', 'octet-stream': 'bin'}
+                ext = ext_map.get(ext, ext)
+                filename = f"file_{secrets.token_hex(4)}.{ext}"
 
             headers = {
                 "Content-Type": mime_type,
@@ -211,7 +251,12 @@ async def media_delivery(request: web.Request):
                     f"inline; filename*=UTF-8''{quote(filename)}"),
                 "Accept-Ranges": "bytes",
                 "Cache-Control": "public, max-age=31536000",
-                "Connection": "keep-alive"
+                "Connection": "keep-alive",
+                "Access-Control-Allow-Origin": "*",
+                "Access-Control-Allow-Headers": "Range, Content-Type, *",
+                "Access-Control-Expose-Headers": (
+                    "Content-Length, Content-Range, Content-Disposition"),
+                "X-Content-Type-Options": "nosniff"
             }
 
             if range_header:
@@ -250,6 +295,7 @@ async def stream_generator():
                             break
                 finally:
                     work_loads[client_id] -= 1
+
             return web.Response(
                 status=206 if range_header else 200,
                 body=stream_generator(),