Merge pull request #1003 from PrivateBin/yourls-cleanup

improve configuration wording, adjust self check
This commit is contained in:
El RIDO 2022-11-03 19:54:56 +01:00 committed by GitHub
commit 66600e5eb3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 29 additions and 20 deletions

View File

@ -7,9 +7,10 @@
; (optional) set a project name to be displayed on the website ; (optional) set a project name to be displayed on the website
; name = "PrivateBin" ; name = "PrivateBin"
; The full URL, with the domain name and directories that point to the PrivateBin files ; The full URL, with the domain name and directories that point to the
; This URL is essential to allow Opengraph images to be displayed on social networks ; PrivateBin files, including an ending slash (/). This URL is essential to
; basepath = "" ; allow Opengraph images to be displayed on social networks.
; basepath = "https://privatebin.example.com/"
; enable or disable the discussion feature, defaults to true ; enable or disable the discussion feature, defaults to true
discussion = true discussion = true
@ -55,9 +56,9 @@ languageselection = false
; if this is set and language selection is disabled, this will be the only language ; if this is set and language selection is disabled, this will be the only language
; languagedefault = "en" ; languagedefault = "en"
; (optional) URL shortener address to offer after a new paste is created ; (optional) URL shortener address to offer after a new paste is created.
; it is suggested to only use this with self-hosted shorteners as this will leak ; It is suggested to only use this with self-hosted shorteners as this will leak
; the pastes encryption key ; the pastes encryption key.
; urlshortener = "https://shortener.example.com/api?link=" ; urlshortener = "https://shortener.example.com/api?link="
; (optional) Let users create a QR code for sharing the paste URL with one click. ; (optional) Let users create a QR code for sharing the paste URL with one click.
@ -230,18 +231,18 @@ dir = PATH "data"
;secretkey = "secret access key" ;secretkey = "secret access key"
[yourls] [yourls]
; don't mix this up with "urlshortener" config item: ; When using YOURLS as a "urlshortener" config item:
; - when using a standard configuration, "urlshortener" will point to the YOURLS ; - By default, "urlshortener" will point to the YOURLS API URL, with or without
; API, including access credentials, and will be part of the PrivateBin public ; credentials, and will be visible in public on the PrivateBin web page.
; web page (insecure!) ; Only use this if you allow short URL creation without credentials.
; - when using the parameters in this section ("signature" and "apiurl"), ; - Alternatively, using the parameters in this section ("signature" and
; "urlshortener" will point to a fixed PrivateBin page ; "apiurl"), "urlshortener" needs to point to the base URL of your PrivateBin
; ("$basepath/shortenviayourls?link=") and that URL will in turn call YOURLS ; instance with "shortenviayourls?link=" appended. For example:
; server-side, using the URL from "apiurl" and the "access signature" from the ; urlshortener = "${basepath}shortenviayourls?link="
; "signature" parameters below. ; This URL will in turn call YOURLS on the server side, using the URL from
; "apiurl" and the "access signature" from the "signature" parameters below.
; (optional) the "signature" (access key) issued by YOURLS for the using account ; (optional) the "signature" (access key) issued by YOURLS for the using account
; signature = "" ; signature = ""
; (optional) the URL of the YOURLS API, called to shorten a PrivateBin URL ; (optional) the URL of the YOURLS API, called to shorten a PrivateBin URL
; apiurl = "" ; apiurl = "https://yourls.example.com/yourls-api.php"

View File

@ -236,6 +236,14 @@ class Configuration
if (!array_key_exists($this->_configuration['expire']['default'], $this->_configuration['expire_options'])) { if (!array_key_exists($this->_configuration['expire']['default'], $this->_configuration['expire_options'])) {
$this->_configuration['expire']['default'] = key($this->_configuration['expire_options']); $this->_configuration['expire']['default'] = key($this->_configuration['expire_options']);
} }
// ensure the basepath ends in a slash, if one is set
if (
strlen($this->_configuration['main']['basepath']) &&
substr_compare($this->_configuration['main']['basepath'], '/', -1) !== 0
) {
$this->_configuration['main']['basepath'] .= '/';
}
} }
/** /**

View File

@ -48,7 +48,7 @@ class YourlsProxy
*/ */
public function __construct(Configuration $conf, $link) public function __construct(Configuration $conf, $link)
{ {
if (strpos($link, $conf->getKey('basepath') . '/?') === false) { if (strpos($link, $conf->getKey('basepath') . '?') === false) {
$this->_error = 'Trying to shorten a URL that isn\'t pointing at our instance.'; $this->_error = 'Trying to shorten a URL that isn\'t pointing at our instance.';
return; return;
} }

View File

@ -272,7 +272,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
{ {
$mock_yourls_service = $this->_path . DIRECTORY_SEPARATOR . 'yourls.json'; $mock_yourls_service = $this->_path . DIRECTORY_SEPARATOR . 'yourls.json';
$options = parse_ini_file(CONF, true); $options = parse_ini_file(CONF, true);
$options['main']['basepath'] = 'https://example.com/path'; $options['main']['basepath'] = 'https://example.com/path'; // missing slash gets added by Configuration constructor
$options['main']['urlshortener'] = 'https://example.com/path/shortenviayourls?link='; $options['main']['urlshortener'] = 'https://example.com/path/shortenviayourls?link=';
$options['yourls']['apiurl'] = $mock_yourls_service; $options['yourls']['apiurl'] = $mock_yourls_service;
Helper::createIniFile(CONF, $options); Helper::createIniFile(CONF, $options);

View File

@ -20,7 +20,7 @@ class YourlsProxyTest extends PHPUnit_Framework_TestCase
} }
$this->_mock_yourls_service = $this->_path . DIRECTORY_SEPARATOR . 'yourls.json'; $this->_mock_yourls_service = $this->_path . DIRECTORY_SEPARATOR . 'yourls.json';
$options = parse_ini_file(CONF_SAMPLE, true); $options = parse_ini_file(CONF_SAMPLE, true);
$options['main']['basepath'] = 'https://example.com'; $options['main']['basepath'] = 'https://example.com/';
$options['main']['urlshortener'] = 'https://example.com/shortenviayourls?link='; $options['main']['urlshortener'] = 'https://example.com/shortenviayourls?link=';
$options['yourls']['apiurl'] = $this->_mock_yourls_service; $options['yourls']['apiurl'] = $this->_mock_yourls_service;
Helper::confBackup(); Helper::confBackup();