removing exceptions - in these cases server admins can opt to disable the warning message in the configuration

This commit is contained in:
El RIDO 2019-06-22 08:39:46 +02:00
parent 57bd65225d
commit d0365faf76
No known key found for this signature in database
GPG Key ID: 0F5C940A6BD81F92
3 changed files with 3 additions and 22 deletions

View File

@ -4581,31 +4581,12 @@ jQuery.PrivateBin = (function($, RawDeflate) {
if (window.isSecureContext === true || window.isSecureContext === false) { if (window.isSecureContext === true || window.isSecureContext === false) {
return !window.isSecureContext; return !window.isSecureContext;
} }
const url = new URL(window.location);
const url = new URL(window.location);
// HTTP is obviously insecure // HTTP is obviously insecure
if (url.protocol !== 'http:') { if (url.protocol !== 'http:') {
return false; return false;
} }
// filter out actually secure connections over HTTP
if (
url.hostname.endsWith('.onion') ||
url.hostname.endsWith('.i2p')
) {
return false;
}
// whitelist localhost for development
if (
url.hostname === 'localhost' ||
url.hostname === '127.0.0.1'
) {
return false;
}
// totally INSECURE http protocol!
return true; return true;
} }

View File

@ -72,7 +72,7 @@ if ($MARKDOWN):
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.10.js" integrity="sha512-CqskSFXERL38A1PJP9BlO04me7kmwgDIhN1+k24RoFiisEwXA0BMdm0lzJC7g5jCRZ4k5OYdOJGEqW9CwDl4CA==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-1.0.10.js" integrity="sha512-CqskSFXERL38A1PJP9BlO04me7kmwgDIhN1+k24RoFiisEwXA0BMdm0lzJC7g5jCRZ4k5OYdOJGEqW9CwDl4CA==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-lddjg/5Djy4VAY2IZk3kdLPchAnjHhoUHEemgxRwi351CjSS9GDu7QUpRT/pPPeB8Xh0owxCB9WvcV6hZ/999w==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-PuvR+R5FHPl2S8Gh6UdybTvipakps3ndEDAUAKoRhgmjmljHqAQLnvG13IkdCTIG2Xxn6peumQPvWhrOg1Xx3Q==" crossorigin="anonymous"></script>
<!--[if IE]> <!--[if IE]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style> <style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
<![endif]--> <![endif]-->

View File

@ -50,7 +50,7 @@ if ($MARKDOWN):
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.10.js" integrity="sha512-CqskSFXERL38A1PJP9BlO04me7kmwgDIhN1+k24RoFiisEwXA0BMdm0lzJC7g5jCRZ4k5OYdOJGEqW9CwDl4CA==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-1.0.10.js" integrity="sha512-CqskSFXERL38A1PJP9BlO04me7kmwgDIhN1+k24RoFiisEwXA0BMdm0lzJC7g5jCRZ4k5OYdOJGEqW9CwDl4CA==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-lddjg/5Djy4VAY2IZk3kdLPchAnjHhoUHEemgxRwi351CjSS9GDu7QUpRT/pPPeB8Xh0owxCB9WvcV6hZ/999w==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-PuvR+R5FHPl2S8Gh6UdybTvipakps3ndEDAUAKoRhgmjmljHqAQLnvG13IkdCTIG2Xxn6peumQPvWhrOg1Xx3Q==" crossorigin="anonymous"></script>
<!--[if IE]> <!--[if IE]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style> <style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
<![endif]--> <![endif]-->