Softpedia >Mac >Internet Utilities >OnionShare >  Changelog

OnionShare Changelog

What's new in OnionShare 2.6.2

Mar 22, 2024
  • Security fix: Removes newlines from History item path
  • Security fix: Set a maximum length of 524288 characters for text messages in Receive mode
  • Security fix: Allows only specific ASCII characters for usernames and removes control characters
  • Security fix: Forcefully disconnect user from chat on disconnect event
  • Security fix: Handle username validation excpeptions to prevent silent joining

New in OnionShare 2.6.1 (Mar 22, 2024)

  • Release updates: Automate builds with CI, make just 64-bit Windows release, make a single universal2 release for both Intel and Apple Silicon macOS
  • Upgrade dependencies, including Tor, meek, and snowflake
  • Bug fix: Restore the primary_action mode settings in a tab after OnionShare reconnects to Tor
  • Bug fix: Fix issue with auto-connecting to Tor with persistent tabs open
  • Bug fix: Fix packaging issue where Windows version of OnionShare conflicts with Windows version of Dangerzone
  • Bug fix: Fix 'Use a bridge' checkbox state change
  • Bug fix: Raise error from waitress if not shutdown

New in OnionShare 2.6 (Oct 10, 2022)

  • Major feature: a new 'Quickstart' screen, which enables toggling on or off an animated automatic connection to Tor. This allows configuring network settings prior to automatic connection.
  • Major feature: Censorship circumvention. Use new features in the upstream Tor API to try to automatically obtain bridges depending on the user's location.
  • New feature: automatically fetch the built-in bridges from the upstream Tor API rather than hardcode them in each release of OnionShare.
  • New feature: keyboard shortcuts to access various modes and menus, and accessibility hints
  • Bug fix: Temporary Directory for serving the OnionShare web pages was broken on Windows
  • Packaging: Packaging is more automated, and Linux Snapcraft releases are available for amd64, arm64, and armhf
  • Miscellaneous: Many dependency updates and web page theming improvements

New in OnionShare 2.6 Dev 1 (Jun 20, 2022)

  • Early release to test CI builds.

New in OnionShare 2.5 (Jan 18, 2022)

  • Security fix: Sanitize the path parameter in History item widget to be plain text
  • Security fix: Use microseconds in Receive mode directory creation to avoid potential DoS
  • Security fix: Several hardening improvements for session and username management in Chat mode, to prevent impersonation and other issues
  • Major feature: Obtain bridges from Moat / BridgeDB (over a domain-fronted Meek client)
  • Major feature: Snowflake bridge support
  • New feature: Tor connection settings, as well as general settings, are now Tabs rather than dialogs
  • New feature: User can customize the Content-Security-Policy header in Website mode
  • New feature: Built-in bridges are automatically updated from Tor's API when the user has chosen to use them
  • Switch to using our stem fork called cepa, which is now published on PyPi so we can build it in releases
  • Various bug fixes

New in OnionShare 2.4 (Sep 29, 2021)

  • Major feature: Private keys (v3 onion client authentication) replaces passwords and HTTP basic auth
  • Updated Tor to 0.4.6.7 on all platforms
  • Various bug fixes

New in OnionShare 2.3.3 (Aug 23, 2021)

  • New feature: Setting for light or dark theme
  • Updated Tor to 0.4.6.7 for Linux, 0.4.5.10 for Windows and macOS
  • Various bug fixes

New in OnionShare 2.3.2 (Aug 23, 2021)

  • New feature: Custom titles can be set for OnionShare's various modes
  • New feature: Receive mode supports notification webhooks
  • New feature: Receive mode supports submitting messages as well as files
  • New feature: New ASCII art banner and prettier verbose output
  • New feature: Partial support for range requests (pausing and resuming in HTTP)
  • Updated Tor to 0.4.5.7
  • Updated built-in obfs4 bridges
  • Various bug fixes

New in OnionShare 2.3.1 (Feb 23, 2021)

  • Bugfix: Fix chat mode
  • Bugfix: Fix --persistent in onionshare-cli
  • Bugfix: Fix checking for updates in Windows and macOS

New in OnionShare 2.3 (Feb 23, 2021)

  • Major new feature: Multiple tabs, including better support for persistent services, faster Tor connections
  • New feature: Chat anonymously mode
  • New feature: All new design
  • New feature: Ability to display QR codes of OnionShare addresses
  • New feature: Web apps have responsive design and look better on mobile
  • New feature: Flatpak and Snapcraft packaging for Linux
  • Several bug fixes

New in OnionShare 2.2 (Sep 21, 2020)

  • New feature: Website mode, which allows publishing a static HTML website as an onion service
  • Allow individual files to be viewed or downloaded in Share mode, including the ability to browse into subdirectories and use breadcrumbs to navigate back
  • Show a counter when individual files or pages are viewed
  • Better History items including colors and status codes to differentiate between successful and failed requests
  • Swap out the random /slug suffix for HTTP basic authentication (when in non-public mode)
  • Hide the Tor connection settings if the ONIONSHARE_HIDE_TOR_SETTINGS environment variable is set (Tails compatibility)
  • Remove the NoScript XSS warning in Receive Mode now that the NoScript/Tor Browser bug is fixed. The ajax upload method still exists when javascript is enabled.
  • Better support for DragonFly BSD
  • Updated various dependencies, including Flask, Werkzeug, urllib3, requests, and PyQt5
  • Updated Tor to 0.4.1.5
  • Other minor bug fixes
  • New translations:
  • Arabic (العربية)
  • Dutch (Nederlands)
  • Persian (فارسی)
  • Romanian (Română)
  • Serbian latin (Srpska (latinica))
  • Removed translations with fewer than 90% of strings translated:
  • Finnish (Suomi)

New in OnionShare 2.1 (May 8, 2019)

  • New feature: Auto-start timer, which allows scheduling when the server starts
  • Renamed CLI argument --debug to --verbose
  • Make Tor connection timeout configurable as a CLI argument
  • Updated various dependencies, including to fix third-party security issues in urllib3, jinja2, and jQuery
  • Update Tor to 0.3.5.8
  • New translations:
  • Traditional Chinese (正體中文 (繁體)),
  • Simplified Chinese (中文 (简体))
  • Finnish (Suomi)
  • German (Deutsch)
  • Icelandic (Íslenska)
  • Irish (Gaeilge)
  • Norwegian Bokmål (Norsk Bokmål)
  • Polish (Polski)
  • Portuguese Portugal (Português (Portugal))
  • Telugu (తెలుగు)
  • Turkish (Türkçe)
  • Ukrainian (Українська)
  • Removed translations because less than 90% of the strings were translated:
  • Bengali (বাংলা)
  • Persian (فارسی)

New in OnionShare 2.0 (Feb 21, 2019)

  • New feature: Receiver mode allows you to receive files with OnionShare, instead of only sending files
  • New feature: Support for next generation onion services
  • New feature: macOS sandbox is enabled
  • New feature: Public mode feature, for public uses of OnionShare, which when enabled turns off slugs in the URL and removes the limit on how many 404 requests can be made
  • New feature: If you're sharing a single file, don't zip it up
  • New feature: Full support for meek_lite (Azure) bridges
  • New feature: Allow selecting your language from a dropdown
  • New translations: Bengali (বাংলা), Catalan (Català), Danish (Dansk), French (Français), Greek (Ελληνικά), Italian (Italiano), Japanese (日本語), Persian (فارسی), Portuguese Brazil (Português Brasil), Russian (Русский), Spanish (Español), Swedish (Svenska)
  • Several bugfixes
  • Invisible to users, but this version includes some major refactoring of the codebase, and a robust set of unit tests which makes OnionShare easier to maintain going forward

New in OnionShare 1.3.1 (Jun 19, 2018)

  • Updated Tor to 0.2.3.10
  • Windows and Mac binaries are now distributed with licenses for tor and obfs4

New in OnionShare 1.3 (Feb 27, 2018)

  • Major UI redesign, introducing many UX improvements
  • Client-side web interface redesigned
  • New feature: Support for meek_lite pluggable transports (Amazon and Azure) - not yet ready for Windows or Mac, sorry
  • New feature: Support for custom obfs4 and meek_lite bridges (again, meek_lite not available on Windows/Mac yet)
  • New feature: ability to cancel share before it starts
  • Bug fix: the UpdateChecker no longer blocks the UI when checking
  • Bug fix: simultaneous downloads (broken in 1.2)
  • Update Tor to 0.2.3.9
  • Improved support for BSD
  • Updated French and Danish translations
  • Minor build script and build documentation fixes
  • Add flake8 tests

New in OnionShare 1.2 (Jan 19, 2018)

  • New feature: Support for Tor bridges, including obfs4proxy
  • New feature: Ability to use a persistent URL
  • New feature: Auto-stop timer, to stop OnionShare at a specified time
  • New feature: Get notification when Tor connection dies
  • Updated versions of python, Qt, tor, and other dependencies that are bundled
  • Added ability to supply a custom settings file as a command line arg
  • Added support for FreeBSD
  • Fixed small user interface issues
  • Fixed minor bugs
  • New translations for Dutch

New in OnionShare 1.1 (May 31, 2017)

  • OnionShare connects to Tor itself now, so opening Tor Browser in the background isn't required
  • In Windows and macOS, OnionShare alerts users about updates
  • Removed the menu bar, and added a Settings button
  • Added desktop notifications, and a system tray icon
  • Ability to add multiple files and folders with a single "Add" button
  • Ability to delete multiple files and folders at once with the "Delete" button
  • Hardened some response headers sent from the web server
  • Minor clarity improvements to the contents of the share's web page
  • Alert the user rather than share an empty archive if a file was unreadable
  • Prettier progress bars

New in OnionShare 1.1 Dev 2 (May 24, 2017)

  • OnionShare connects to Tor itself now, so opening Tor Browser in the background isn't required
  • In Windows and macOS, OnionShare alerts users about updates
  • Removed the menu bar, and adding a Settings button
  • Added desktop notifications

New in OnionShare 1.1 Dev 1 (May 18, 2017)

  • OnionShare connects to Tor itself now, so opening Tor Browser in the background isn't required
  • In Windows and macOS, OnionShare alerts users about updates
  • Removed the menu bar, and adding a Settings button

New in OnionShare 1.0 (Feb 24, 2017)

  • Fixed long-standing macOS X bug that caused OnionShare to crash on older Macs (!)
  • Added settings dialog to configure connecting to Tor, including support for system Tor
  • Added support for stealth onion services (advanced option)
  • Added support for Whonix
  • Improved AppArmor profiles
  • Added progress bar for zipping up files
  • Improved the look of download progress bars
  • Allows developers to launch OnionShare from source tree, without building a package
  • Deleted legacy code, and made OnionShare purely use ephemeral Tor onion services
  • Switched to EFF's diceware wordlist for slugs

New in OnionShare 0.9.1 (Sep 7, 2016)

  • Added Nautilus extension, so you can right-click on a file and choose "Share via OnionShare", thanks to Subgraph developers
  • Switch to using the term "onion service" rather than "hidden service"
  • Fix CVE-2016-5026, minor security issue related to use of /tmp directory
  • Switch from PyInstaller to cx_Freeze for Windows and OSX packaging
  • Support CLI in Windows and OSX

New in OnionShare 0.9 (Apr 13, 2016)

  • Slugs are now shorter and human-readable, with rate limiting to prevent URL guessing
  • Uses a new slug each time the server restarts
  • "Stop sharing automatically" enforces only one download
  • Users get asked if they're sure they want to close OnionShare while server is running
  • Added estimated time remaining progress indicator
  • Fixed frozen window while waiting for hidden service to start
  • Displays version number in both GUI and CLI
  • Closing window causes downloads to stop immediately
  • Web server listens in ports 17600-17650, for future Tails support
  • Updated translations
  • Ported from Python 2 to Python 3 and from Qt4 to Qt5
  • Ported from py2app and py2exe to PyInstaller

New in OnionShare 0.8.1 (Dec 8, 2015)

  • Fixed minor bugs

New in OnionShare 0.8 (Dec 8, 2015)

  • Add support for ephemeral hidden services
  • Stopped leaking sender's locale on download page
  • Add support for Tor Messenger as provider of Tor service
  • Minor bugfixes, code cleanup, and refactoring

New in OnionShare 0.7.1 (Nov 23, 2015)

  • Fixed critical bug in OS X binaries that caused crashes on some computers
  • Added Security Design document
  • Minor bug fix with Windows code signing timestamp server
  • Linux version uses HS dir that is allowed by Tor Browser Launcher's AppArmor profiles