From 76eff6a87afcfbcd184bc875b89d368ab4a2bd38 Mon Sep 17 00:00:00 2001 From: El RIDO Date: Sat, 18 Jan 2020 07:12:03 +0100 Subject: [PATCH] Revert "[TEST] Try to disallow vulnerable cases" to remove accidentally committed file and statement that breaks the tests This reverts commit ebc2d649c412afc0d82b1c3ad6a7990189d11289. --- js/privatebin.js | 3 --- test.diff | 40 ---------------------------------------- tpl/bootstrap.php | 2 +- tpl/page.php | 2 +- 4 files changed, 2 insertions(+), 45 deletions(-) delete mode 100644 test.diff diff --git a/js/privatebin.js b/js/privatebin.js index 7fab607..975b212 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -616,9 +616,6 @@ jQuery.PrivateBin = (function($, RawDeflate) { // messageID may contain links, but only the first parameter, as that is from a trusted source (code or translation JSON files) let containsLinks = args[0].indexOf(' 0) { - throw new Error('security violation detected: do not concatenate links and untrusted data!'); - } // format string let output = Helper.sprintf.apply(this, args); diff --git a/test.diff b/test.diff deleted file mode 100644 index 97e384f..0000000 --- a/test.diff +++ /dev/null @@ -1,40 +0,0 @@ -diff --git a/js/privatebin.js b/js/privatebin.js -index c83d8ff..5c0aecc 100644 ---- a/js/privatebin.js -+++ b/js/privatebin.js -@@ -620,6 +620,9 @@ jQuery.PrivateBin = (function($, RawDeflate) { - - // messageID may contain links, but only the first parameter, as that is from a trusted source (code or translation JSON files) - let containsLinks = args[0].indexOf(' 0) { -+ throw new Error('security violation detected: do not concatenate links and untrusted data!'); -+ } - - // format string - let output = Helper.sprintf.apply(this, args); -diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php -index 59c730e..0e949da 100644 ---- a/tpl/bootstrap.php -+++ b/tpl/bootstrap.php -@@ -72,7 +72,7 @@ endif; - ?> - - -- -+ - - - -diff --git a/tpl/page.php b/tpl/page.php -index 0f8df18..ff2d5f5 100644 ---- a/tpl/page.php -+++ b/tpl/page.php -@@ -50,7 +50,7 @@ endif; - ?> - - -- -+ - - - diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index 03636d9..f7c1953 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -72,7 +72,7 @@ endif; ?> - + diff --git a/tpl/page.php b/tpl/page.php index 760d991..55f5f78 100644 --- a/tpl/page.php +++ b/tpl/page.php @@ -50,7 +50,7 @@ endif; ?> - +