Merge branch 'Haocen-489,491,493,494'

El RIDO 2019-08-25 17:30:20 +02:00
commit e242d87427
No known key found for this signature in database
GPG Key ID: 0F5C940A6BD81F92
6 changed files with 119 additions and 10 deletions


@ -5,6 +5,8 @@
* CHANGED: Improved mobile UI - obscured send button and hard to click shortener button (#477) * CHANGED: Improved mobile UI - obscured send button and hard to click shortener button (#477)
* CHANGED: Enhanced URL shortener integration (#479) * CHANGED: Enhanced URL shortener integration (#479)
* CHANGED: Improved file upload drag & drop UI (#317) * CHANGED: Improved file upload drag & drop UI (#317)
* FIXED: Cloning related issues (#489, #491, #493, #494)
* FIXED: Enable file operation only when editing (#497)
* FIXED: Clicking 'New' on a previously submitted paste does not blank address bar (#354) * FIXED: Clicking 'New' on a previously submitted paste does not blank address bar (#354)
* FIXED: Clear address bar when create new paste from existing paste (#479) * FIXED: Clear address bar when create new paste from existing paste (#479)
* FIXED: Discussion section not hiding when new/clone paste is clicked on (#484) * FIXED: Discussion section not hiding when new/clone paste is clicked on (#484)


@ -70,7 +70,7 @@ languageselection = false
; Check the documentation at https://content-security-policy.com/ ; Check the documentation at https://content-security-policy.com/
; Note: If you use a bootstrap theme, you can remove the allow-popups from the sandbox restrictions. ; Note: If you use a bootstrap theme, you can remove the allow-popups from the sandbox restrictions.
; By default this disallows to load images from third-party servers, e.g. when they are embedded in pastes. If you wish to allow that, you can adjust the policy here. See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-it-load-embedded-images for details. ; By default this disallows to load images from third-party servers, e.g. when they are embedded in pastes. If you wish to allow that, you can adjust the policy here. See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-it-load-embedded-images for details.
; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; script-src 'self' 'unsafe-eval'; style-src 'self'; font-src 'self'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals" ; cspheader = "default-src 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval'; style-src 'self'; font-src 'self'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals"
; stay compatible with PrivateBin Alpha 0.19, less secure ; stay compatible with PrivateBin Alpha 0.19, less secure
; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of ; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of


@ -1852,10 +1852,6 @@ jQuery.PrivateBin = (function($, RawDeflate) {
Alert.showRemaining('FOR YOUR EYES ONLY. Don\'t close this window, this message can\'t be displayed again.'); Alert.showRemaining('FOR YOUR EYES ONLY. Don\'t close this window, this message can\'t be displayed again.');
$remainingTime.addClass('foryoureyesonly'); $remainingTime.addClass('foryoureyesonly');
// discourage cloning (it cannot really be prevented)
TopNav.hideCloneButton();
} else if (paste.getTimeToLive() > 0) { } else if (paste.getTimeToLive() > 0) {
// display paste expiration // display paste expiration
let expiration = Helper.secondsToHuman(paste.getTimeToLive()), let expiration = Helper.secondsToHuman(paste.getTimeToLive()),
@ -2149,6 +2145,18 @@ jQuery.PrivateBin = (function($, RawDeflate) {
return isPreview; return isPreview;
}; };
/**
* gets the visibility of the editor
*
* @name Editor.isHidden
* @function
* @return {bool}
*/
me.isHidden = function()
{
return $message.hasClass('hidden');
};
/** /**
* reset the Editor view * reset the Editor view
* *
@ -2598,6 +2606,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
$attachmentLink.removeAttr('download'); $attachmentLink.removeAttr('download');
$attachmentLink.off('click'); $attachmentLink.off('click');
$attachmentPreview.html(''); $attachmentPreview.html('');
$dragAndDropFileName.text('');
AttachmentViewer.removeAttachmentData(); AttachmentViewer.removeAttachmentData();
}; };
@ -2838,6 +2847,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
const handleDragEnterOrOver = function(event) { const handleDragEnterOrOver = function(event) {
event.stopPropagation(); event.stopPropagation();
event.preventDefault(); event.preventDefault();
return false;
}; };
const handleDrop = function(event) { const handleDrop = function(event) {
@ -2845,6 +2855,10 @@ jQuery.PrivateBin = (function($, RawDeflate) {
evt.stopPropagation(); evt.stopPropagation();
evt.preventDefault(); evt.preventDefault();
if (Editor.isHidden()) {
return false;
}
if ($fileInput) { if ($fileInput) {
const file = evt.dataTransfer.files[0]; const file = evt.dataTransfer.files[0];
//Clear the file input: //Clear the file input:
@ -2858,7 +2872,12 @@ jQuery.PrivateBin = (function($, RawDeflate) {
}; };
$(document).draghover().on({ $(document).draghover().on({
'draghoverstart': function() { 'draghoverstart': function(e) {
if (Editor.isHidden()) {
e.stopPropagation();
e.preventDefault();
return false;
}
// show dropzone to indicate drop support // show dropzone to indicate drop support
$dropzone.removeClass('hidden'); $dropzone.removeClass('hidden');
}, },
@ -2884,6 +2903,11 @@ jQuery.PrivateBin = (function($, RawDeflate) {
*/ */
function addClipboardEventHandler() { function addClipboardEventHandler() {
$(document).on('paste', function (event) { $(document).on('paste', function (event) {
if (Editor.isHidden()) {
event.stopPropagation();
event.preventDefault();
return false;
}
const items = (event.clipboardData || event.originalEvent.clipboardData).items; const items = (event.clipboardData || event.originalEvent.clipboardData).items;
for (let i = 0; i < items.length; ++i) { for (let i = 0; i < items.length; ++i) {
if (items[i].kind === 'file') { if (items[i].kind === 'file') {
@ -3306,7 +3330,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
} }
/** /**
* set the format on bootstrap templates in dropdown * set the format on bootstrap templates in dropdown from user interaction
* *
* @name TopNav.updateFormat * @name TopNav.updateFormat
* @private * @private
@ -3668,6 +3692,18 @@ jQuery.PrivateBin = (function($, RawDeflate) {
$customAttachment.removeClass('hidden'); $customAttachment.removeClass('hidden');
}; };
/**
* hides the custom attachment
*
* @name TopNav.hideCustomAttachment
* @function
*/
me.hideCustomAttachment = function()
{
$customAttachment.addClass('hidden');
$fileWrap.removeClass('hidden');
};
/** /**
* collapses the navigation bar, only if expanded * collapses the navigation bar, only if expanded
* *
@ -3798,6 +3834,17 @@ jQuery.PrivateBin = (function($, RawDeflate) {
}, 300); }, 300);
} }
/**
* set the format on bootstrap templates in dropdown programmatically
*
* @name TopNav.setFormat
* @function
*/
me.setFormat = function(format)
{
$formatter.parent().find(`a[data-format="${format}"]`).click();
}
/** /**
* init navigation manager * init navigation manager
* *
@ -4347,6 +4394,53 @@ jQuery.PrivateBin = (function($, RawDeflate) {
let attachment = AttachmentViewer.getAttachment(); let attachment = AttachmentViewer.getAttachment();
cipherMessage['attachment'] = attachment[0]; cipherMessage['attachment'] = attachment[0];
cipherMessage['attachment_name'] = attachment[1]; cipherMessage['attachment_name'] = attachment[1];
// we need to retrieve data from blob if browser already parsed it in memory
if (typeof attachment[0] === 'string' && attachment[0].startsWith('blob:')) {
Alert.showStatus(
[
'Retrieving cloned file \'%s\' from memory...',
attachment[1]
],
'copy'
);
try {
const blobData = await $.ajax({
type: 'GET',
url: `${attachment[0]}`,
processData: false,
timeout: 10000,
xhrFields: {
withCredentials: false,
responseType: 'blob'
}
});
if (blobData instanceof window.Blob) {
const fileReading = new Promise(function(resolve, reject) {
const fileReader = new FileReader();
fileReader.onload = function (event) {
resolve(event.target.result);
};
fileReader.onerror = function (error) {
reject(error);
}
fileReader.readAsDataURL(blobData);
});
cipherMessage['attachment'] = await fileReading;
} else {
Alert.showError(
I18n._('Cannot process attachment data.')
);
throw new TypeError('Cannot process attachment data.');
}
} catch (error) {
console.error(error);
Alert.showError(
I18n._('Cannot retrieve attachment.')
);
throw error;
}
}
} }
// encrypt message // encrypt message
@ -4587,6 +4681,11 @@ jQuery.PrivateBin = (function($, RawDeflate) {
.then(() => { .then(() => {
Alert.hideLoading(); Alert.hideLoading();
TopNav.showViewButtons(); TopNav.showViewButtons();
// discourage cloning (it cannot really be prevented)
if (paste.isBurnAfterReadingEnabled()) {
TopNav.hideCloneButton();
}
}) })
.catch((err) => { .catch((err) => {
// wait for the user to type in the password, // wait for the user to type in the password,
@ -4799,6 +4898,12 @@ jQuery.PrivateBin = (function($, RawDeflate) {
AttachmentViewer.removeAttachment(); AttachmentViewer.removeAttachment();
TopNav.showCreateButtons(); TopNav.showCreateButtons();
// newPaste could be called when user is on paste clone editing view
TopNav.hideCustomAttachment();
AttachmentViewer.clearDragAndDrop();
AttachmentViewer.removeAttachmentData();
Alert.hideLoading(); Alert.hideLoading();
history.pushState({type: 'create'}, document.title, Helper.baseUri()); history.pushState({type: 'create'}, document.title, Helper.baseUri());
@ -4914,6 +5019,8 @@ jQuery.PrivateBin = (function($, RawDeflate) {
} }
Editor.setText(PasteViewer.getText()); Editor.setText(PasteViewer.getText());
// also clone the format
TopNav.setFormat(PasteViewer.getFormat());
PasteViewer.hide(); PasteViewer.hide();
Editor.show(); Editor.show();
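Review bot: In the attachment hunk (`@ -4347,6 +4394,53`), the `throw new TypeError('Cannot process attachment data.')` in the `else` branch sits inside the same `try` whose `catch` then calls `Alert.showError(I18n._('Cannot retrieve attachment.'))`, so the specific message is presumably overwritten by the generic one as soon as it is shown. I would drop the `Alert.showError` call in the `else` branch and choose the message in the handler, e.g. `Alert.showError(I18n._(error instanceof TypeError ? 'Cannot process attachment data.' : 'Cannot retrieve attachment.'));`. The function assigned to `fileReader.onerror` also ends without a semicolon, unlike the `onload` assignment just above it. The enclosing function starts and ends outside the hunk.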


@ -53,7 +53,7 @@ class Configuration
'urlshortener' => '', 'urlshortener' => '',
'qrcode' => true, 'qrcode' => true,
'icon' => 'identicon', 'icon' => 'identicon',
'cspheader' => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\' \'unsafe-eval\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals', 'cspheader' => 'default-src \'none\'; manifest-src \'self\'; connect-src * blob:; script-src \'self\' \'unsafe-eval\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals',
'zerobincompatibility' => false, 'zerobincompatibility' => false,
'httpwarning' => true, 'httpwarning' => true,
'compression' => 'zlib', 'compression' => 'zlib',
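Review bot: Adding `blob:` to `connect-src` here only changes the built-in default, so an instance whose configuration already sets its own `cspheader` keeps the old policy, and the new `blob:` fetch used when cloning an attachment would presumably be blocked by the browser and end in 'Cannot retrieve attachment.'. The sample configuration earlier in this commit gets the same one-token change, but neither place tells administrators that a customised header needs updating. I would add a comment next to the sample line, for example `; Note: connect-src must include blob: or cloning a paste with an attachment fails.`, and repeat it in the changelog entry. `connect-src *` was already present before this commit, so the addition does not widen which remote hosts the page may contact. The defaults array continues outside the hunk.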


@ -71,7 +71,7 @@ if ($MARKDOWN):
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.11.js" integrity="sha512-p7UyJuyBkhMcMgE4mDsgK0Lz70OvetLefua1oXs1OujWv9gOxh4xy8InFux7bZ4/DAZsTmO4rgVwZW9BHKaTaw==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-1.0.11.js" integrity="sha512-p7UyJuyBkhMcMgE4mDsgK0Lz70OvetLefua1oXs1OujWv9gOxh4xy8InFux7bZ4/DAZsTmO4rgVwZW9BHKaTaw==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-7e8iVsPoWK4adbU+dn7fFBrnuzfoUx2gfvGh7VCLur9cwJWQ5Og4aZnU8sV6HmoLMvSUO0AO/zGvMtX2s3MVEA==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-sbttN5BzzD/cAqT1Edc2CEcDUYezir6lumxlxa5byimoxnlHv8IK7kRnb/9EEhMyItl0DZIQhylaKCbCknUhAw==" crossorigin="anonymous"></script>
<!--[if IE]> <!--[if IE]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style> <style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
<![endif]--> <![endif]-->


@ -49,7 +49,7 @@ if ($MARKDOWN):
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.11.js" integrity="sha512-p7UyJuyBkhMcMgE4mDsgK0Lz70OvetLefua1oXs1OujWv9gOxh4xy8InFux7bZ4/DAZsTmO4rgVwZW9BHKaTaw==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-1.0.11.js" integrity="sha512-p7UyJuyBkhMcMgE4mDsgK0Lz70OvetLefua1oXs1OujWv9gOxh4xy8InFux7bZ4/DAZsTmO4rgVwZW9BHKaTaw==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-7e8iVsPoWK4adbU+dn7fFBrnuzfoUx2gfvGh7VCLur9cwJWQ5Og4aZnU8sV6HmoLMvSUO0AO/zGvMtX2s3MVEA==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-sbttN5BzzD/cAqT1Edc2CEcDUYezir6lumxlxa5byimoxnlHv8IK7kRnb/9EEhMyItl0DZIQhylaKCbCknUhAw==" crossorigin="anonymous"></script>
<!--[if IE]> <!--[if IE]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style> <style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
<![endif]--> <![endif]-->