diff --git a/CHANGELOG.md b/CHANGELOG.md index 5424a91..8a6db90 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ * **next (not yet released)** * ADDED: Translations for Italian + * CHANGED: Using modal dialog to request password input instead of native JS input window (#69) * CHANGED: Suppressed referrer HTTP header sending when following links in a paste or comment (#96) and added additional HTTP headers for XSS mitigation (#91) * CHANGED: Updated random_compat and jQuery libraries * **1.0 (2016-08-25)** diff --git a/CREDITS.md b/CREDITS.md index e6bf613..6170a2e 100644 --- a/CREDITS.md +++ b/CREDITS.md @@ -20,6 +20,7 @@ Sébastien Sauvage - original idea and main developer * rugk - new logo/icons * Sobak - PSR-4 and PSR-2 refactoring * Nathaniel Olsen - jQuery upgrade +* Alexander Demenshin - modal password dialog ## Translations * Hexalyse - French diff --git a/i18n/de.json b/i18n/de.json index 7412486..2bc8cdb 100644 --- a/i18n/de.json +++ b/i18n/de.json @@ -80,10 +80,6 @@ ["Dieses Dokument läuft in einem Monat ab.", "Dieses Dokument läuft in %d Monaten ab."], "Please enter the password for this paste:": "Bitte gib das Passwort für diesen Text ein:", - "Decrypt": - "Entschlüsseln", - "Enter password": - "Passwort eingeben", "Could not decrypt data (Wrong key?)": "Konnte Daten nicht entschlüsseln (Falscher Schlüssel?)", "Could not delete the paste, it was not stored in burn after reading mode.": @@ -144,5 +140,9 @@ "Editor": "Bearbeiten", "Preview": "Vorschau", "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": - "Der PATH muss bei PrivateBin mit einem \"%s\" enden. Bitte passe Deinen PATH in Deiner index.php an." + "Der PATH muss bei PrivateBin mit einem \"%s\" enden. Bitte passe Deinen PATH in Deiner index.php an.", + "Decrypt": + "Entschlüsseln", + "Enter password": + "Passwort eingeben" } diff --git a/i18n/fr.json b/i18n/fr.json index 3fe3baa..889e4d2 100644 --- a/i18n/fr.json +++ b/i18n/fr.json @@ -149,5 +149,9 @@ "Editor": "Éditer", "Preview": "Prévisualiser", "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": - "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php." + "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.", + "Decrypt": + "Decrypt", + "Enter password": + "Entrez le mot de passe" } diff --git a/i18n/it.json b/i18n/it.json index 45cf68a..1bd0946 100644 --- a/i18n/it.json +++ b/i18n/it.json @@ -79,7 +79,7 @@ "This document will expire in %d months.": ["Questo documento scadrà tra un mese.", "Questo documento scadrà in %d mesi."], "Please enter the password for this paste:": - "Inserisci la passowrd per questo messaggio:", + "Inserisci la password per questo messaggio:", "Could not decrypt data (Wrong key?)": "Non riesco a decifrari i dati (Chiave errata?)", "Could not delete the paste, it was not stored in burn after reading mode.": @@ -140,5 +140,9 @@ "Editor": "Editor", "Preview": "Preview", "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": - "PrivateBin necessita che PATH termini con \"%s\". Aggiorna la variabile PATH nel tuo index.php." + "PrivateBin necessita che PATH termini con \"%s\". Aggiorna la variabile PATH nel tuo index.php.", + "Decrypt": + "Decrypt", + "Enter password": + "Inserisci la password" } diff --git a/i18n/pl.json b/i18n/pl.json index 26771ff..c5675d1 100644 --- a/i18n/pl.json +++ b/i18n/pl.json @@ -140,5 +140,9 @@ "Editor": "Edytować", "Preview": "Zapowiedź", "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": - "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php." + "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.", + "Decrypt": + "Decrypt", + "Enter password": + "Wpisz hasło" } diff --git a/i18n/sl.json b/i18n/sl.json index 625fb89..46cd015 100644 --- a/i18n/sl.json +++ b/i18n/sl.json @@ -149,5 +149,9 @@ "Editor": "Uredi", "Preview": "Predogled", "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": - "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php." + "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.", + "Decrypt": + "Decrypt", + "Enter password": + "Prosim vnesi geslo" } diff --git a/i18n/zh.json b/i18n/zh.json index e79add0..2da14a1 100644 --- a/i18n/zh.json +++ b/i18n/zh.json @@ -140,5 +140,9 @@ "Editor": "編輯", "Preview": "預習", "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": - "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php." + "PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.", + "Decrypt": + "Decrypt", + "Enter password": + "Enter password" } diff --git a/js/privatebin.js b/js/privatebin.js index 740ea1a..d102f89 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -611,14 +611,26 @@ $(function() { }, /** - * ask the user for the password and return it - * - * @throws error when dialog canceled - * @return string password + * ask the user for the password and set it */ requestPassword: function() { - $("#passwordModal").modal(); + if (this.passwordModal.length == 0) { + var password = prompt(i18n._('Please enter the password for this paste:'), ''); + if (password === null) + { + throw 'password prompt canceled'; + } + if (password.length === 0) + { + this.requestPassword(); + } else { + this.passwordInput.val(password); + this.displayMessages(); + } + } else { + this.passwordModal.modal(); + } }, /** @@ -679,14 +691,15 @@ $(function() { /** * Show decrypted text in the display area, including discussion (if open) * - * @param string key : decryption key - * @param object paste : paste object including comments to display (items = array with keys ('data','meta') + * @param object paste (optional) object including comments to display (items = array with keys ('data','meta') */ - displayMessages: function(key, paste) + displayMessages: function(paste) { - // Try to decrypt the paste. + paste = paste || $.parseJSON(this.cipherData.text()); + var key = this.pageKey(); var password = this.passwordInput.val(); if (!this.prettyPrint.hasClass('prettyprinted')) { + // Try to decrypt the paste. try { if (paste.attachment) @@ -696,7 +709,8 @@ $(function() { { if (password.length === 0) { - return this.requestPassword(); + this.requestPassword(); + return; } attachment = filter.decipher(key, password, paste.attachment); } @@ -731,7 +745,8 @@ $(function() { var cleartext = filter.decipher(key, password, paste.data); if (cleartext.length === 0 && password.length === 0 && !paste.attachment) { - return this.requestPassword(); + this.requestPassword(); + return; } if (cleartext.length === 0 && !paste.attachment) { @@ -932,7 +947,7 @@ $(function() { { if (data.status === 0) { - privatebin.displayMessages(privatebin.pageKey(), data); + privatebin.displayMessages(data); } else if (data.status === 1) { @@ -1151,7 +1166,7 @@ $(function() { /** * Put the screen in "Existing paste" mode. * - * @param boolean preview (optional) : tell if the preview tabs should be displayed, defaults to false. + * @param boolean preview (optional) tell if the preview tabs should be displayed, defaults to false. */ stateExistingPaste: function(preview) { @@ -1410,6 +1425,34 @@ $(function() { this.fileWrap.removeClass('hidden'); }, + /** + * Focus on the modal password dialog. + */ + focusPasswordModal: function() + { + this.passwordDecrypt.focus(); + }, + + /** + * Decrypt using the password from the modal dialog. + */ + decryptPasswordModal: function() + { + this.passwordInput.val(this.passwordDecrypt.val()); + this.displayMessages(); + }, + + /** + * Submit a password in the modal dialog. + * + * @param Event event + */ + submitPasswordModal: function(event) + { + event.preventDefault(); + this.passwordModal.modal('hide'); + }, + /** * Display an error message * (We use the same function for paste and reply to comments) @@ -1497,6 +1540,11 @@ $(function() { // page template drop down $('#language select option').click($.proxy(this.setLanguage, this)); + + // handle modal password request on decryption + this.passwordModal.on('shown.bs.modal', $.proxy(this.focusPasswordModal, this)); + this.passwordModal.on('hidden.bs.modal', $.proxy(this.decryptPasswordModal, this)); + this.passwordForm.submit($.proxy(this.submitPasswordModal, this)); }, /** @@ -1533,6 +1581,9 @@ $(function() { this.openDiscussion = $('#opendiscussion'); this.password = $('#password'); this.passwordInput = $('#passwordinput'); + this.passwordModal = $('#passwordmodal'); + this.passwordForm = $('#passwordform'); + this.passwordDecrypt = $('#passworddecrypt'); this.pasteResult = $('#pasteresult'); this.prettyMessage = $('#prettymessage'); this.prettyPrint = $('#prettyprint'); @@ -1563,30 +1614,9 @@ $(function() { return; } - // List of messages to display. - var data = $.parseJSON(this.cipherData.text()); - // Show proper elements on screen. this.stateExistingPaste(); - - { - // This part of code handles modal password request on decryption - // Inside of event handler, "this" is something different... so we have to save it - var self = this; - $("#passwordModal").on('shown.bs.modal', function() { - $("#decryptPassword").focus(); - }); - $("#passwordForm").submit(function(){ - $("#passwordModal").modal("hide"); - return false; - }); - $("#passwordModal").on("hidden.bs.modal", function(){ - self.passwordInput.val($("#decryptPassword").val()); - self.displayMessages(self.pageKey(), data); - }); - } - - this.displayMessages(this.pageKey(), data); + this.displayMessages(); } // Display error message from php code. else if (this.errorMessage.text().length > 1) diff --git a/tpl/bootstrap-compact.php b/tpl/bootstrap-compact.php index 5c497d4..744998a 100644 --- a/tpl/bootstrap-compact.php +++ b/tpl/bootstrap-compact.php @@ -52,7 +52,7 @@ if ($MARKDOWN): - + @@ -66,6 +66,21 @@ endif;
+