cyberrapists/cg_api_secure-webshare
SHA256
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
beff08fefbb827db0d00d650c2223b8a72126acda60d13a5a410730e008be725
cg_api_secure-webshare/agent1_batch10.md

1.5 KiB
Raw Blame History

Batch 10 — API Documentation Update

File Changed

  • docs/API.md

Exact Changes Made

1. Added POST /api/content/:cxid/report endpoint

Inserted a new endpoint section between GET /api/content/:cxid/file/:file_idx/raw and POST /api/content/:cxid/verify-password.

  • Auth: None
  • Body: { "reason": "string" }
  • Behavior documented: Validates cxid, checks content is active, inserts report with reporter_user_id = 0 (web), forwards notification to all review_group_ids via Telegram Bot API
  • Response: 204 No Content on success, 404 Not Found if content not found/deleted/blacklisted
  • Rate limiting: Covered by the general API governor

2. Updated GET /api/content/:cxid/file/:file_idx view counter note

Changed the note from:

"Range requests and If-None-Match (ETag) matches do not increment the counter."

To:

"Range requests, If-None-Match (ETag) matches, and HEAD requests do not increment the counter."

3. Added "Password Flow" subsection under General Behavior

Inserted after "Rate Limiting" and before "Fallback / Static Assets" to clarify:

  • The sc query parameter is checked on both the metadata endpoint (GET /api/content/:cxid) and the file endpoints (GET /api/content/:cxid/file/:file_idx, GET /api/content/:cxid/file/:file_idx/raw).
  • When valid, the server sets an HMAC-signed cgcx_pw cookie on the response.
  • Passwords can also be provided via the cgcx_pw cookie.
  • For programmatic verification, use POST /api/content/:cxid/verify-password.
Reference in New Issue View Git Blame Copy Permalink