cyberrapists/cg_api_secure-webshare
SHA256
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b004e1594877a863c2eb96183fa99dbde1a781763165f62c55d1842dc56640b4
cg_api_secure-webshare/agent1_batch10.md

1.5 KiB
Raw Blame History

Batch 10 — API Documentation Update

File Changed

  • docs/API.md

Exact Changes Made

1. Added POST /api/content/:cxid/report endpoint

Inserted a new endpoint section between GET /api/content/:cxid/file/:file_idx/raw and POST /api/content/:cxid/verify-password.

  • Auth: None
  • Body: { "reason": "string" }
  • Behavior documented: Validates cxid, checks content is active, inserts report with reporter_user_id = 0 (web), forwards notification to all review_group_ids via Telegram Bot API
  • Response: 204 No Content on success, 404 Not Found if content not found/deleted/blacklisted
  • Rate limiting: Covered by the general API governor

2. Updated GET /api/content/:cxid/file/:file_idx view counter note

Changed the note from:

"Range requests and If-None-Match (ETag) matches do not increment the counter."

To:

"Range requests, If-None-Match (ETag) matches, and HEAD requests do not increment the counter."

3. Added "Password Flow" subsection under General Behavior

Inserted after "Rate Limiting" and before "Fallback / Static Assets" to clarify:

  • The sc query parameter is checked on both the metadata endpoint (GET /api/content/:cxid) and the file endpoints (GET /api/content/:cxid/file/:file_idx, GET /api/content/:cxid/file/:file_idx/raw).
  • When valid, the server sets an HMAC-signed cgcx_pw cookie on the response.
  • Passwords can also be provided via the cgcx_pw cookie.
  • For programmatic verification, use POST /api/content/:cxid/verify-password.
Reference in New Issue View Git Blame Copy Permalink