Commit Graph

1369 Commits

Author SHA1 Message Date
El RIDO dae11fdd16
Merge branch 'qrcode' 2018-01-02 08:43:42 +01:00
El RIDO 6ce0fe55f6
revert as per StyleCI: missed one 2018-01-02 08:41:45 +01:00
El RIDO f135dd2667
Hrmpf, StyleCI only allows the use of either tabs or spaces for PHP code, forcing me to revert the use of tabs in the templates 2018-01-02 08:31:12 +01:00
El RIDO ec3ed1e5ff
removing unused code and reducing size of HTML in case QR code is turned off 2018-01-02 08:23:11 +01:00
El RIDO 98a8591a27
naming JS libraries consistently 2018-01-02 08:01:39 +01:00
El RIDO fe54889b99
fixing failing unit test 2018-01-02 07:56:46 +01:00
El RIDO 094a0c80db
Merge branch 'master' into qrcode 2018-01-02 07:56:16 +01:00
El RIDO 76c14795ef
removing unnecessary repository from composer: We do not depend on ourselves 2018-01-02 07:30:51 +01:00
El RIDO daebd41af7
correcting syntax of npm install 2018-01-02 07:19:07 +01:00
El RIDO 63e5f5c101
improving npm installation performance 2018-01-02 07:14:58 +01:00
El RIDO 12c5e9db39
Maybe not needed anymore? See https://github.com/composer/composer/issues/4884#issuecomment-195229989 2018-01-02 06:49:56 +01:00
El RIDO bb54d46c7e
updating DOMPurify library, simplifying its use, ensuring HTML entities get escaped before formatting paste - regression introduced in #258, reported in #269 2018-01-01 10:25:07 +01:00
El RIDO 6093f0cc9c
enable travis CI caching, hoping to circumvent composer rate limiting 2018-01-01 09:31:48 +01:00
rugk 414ab0eb71
Add config and basic page template support
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
  of a simple div at the top
* added option to turn off QR code support
2017-12-25 14:59:15 +01:00
El RIDO d80c2f83fa
making DiscussionViewer testable, removing some inconsistency 2017-12-18 14:47:17 +01:00
El RIDO 928215dc5e
splitting out PasteViewer, DiscussionViewer, AttachmentViewer tests 2017-12-18 14:25:08 +01:00
El RIDO 893d29a046
splitting out Alert, Editor, PasteStatus, Prompt, UiHelper tests 2017-12-15 07:20:51 +01:00
El RIDO be358a6804
splitting out Model tests 2017-12-14 07:31:09 +01:00
El RIDO 5b9ac67504
splitting out CryptTool tests 2017-12-14 07:23:38 +01:00
El RIDO 3fed63ce28
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00
El RIDO dfd906900b
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00
El RIDO 5582c05414
decrypting a particular message encrypted with v1.1.1 fails (#260) 2017-12-10 07:04:54 +01:00
El RIDO ee8ffdc51b
en- & decrypting the particular message works without issues 2017-12-10 07:02:32 +01:00
El RIDO 1f4e0092d9
add testing on php 7.2 2017-12-03 15:39:05 +01:00
El RIDO 39860dfdc4
making AttachmentViewer testable and implementing tests 2017-12-03 14:29:07 +01:00
El RIDO dac86eb363
making AttachmentViewer testable 2017-11-28 06:38:10 +01:00
rugk 7bf5af761b
Add QR code generation when paste is created 2017-11-26 15:59:12 +01:00
El RIDO 9f973edb7d
Merge branch 'sanitizeMarkdown' 2017-11-22 22:45:04 +01:00
El RIDO d9c6b634b9
remove dangling comma 2017-11-22 22:44:38 +01:00
El RIDO a0740ff79f
getting rid of htmlEntities (except for tests) and setElementText (dropping IE9 support), changing urls2links interface, all to avoid double encoding sanitized HTML 2017-11-22 22:27:38 +01:00
El RIDO d0cccce7a8
removing patterns that don't get sanitized, but also don't get interpreted when inserted into the HTML 2017-11-22 20:49:23 +01:00
rugk 56f4ee5c20
Revert "Try to move sanitisation & links into setElementText"
This reverts commit 8d2e19f791.
2017-11-22 16:48:54 +01:00
rugk 8d2e19f791
Try to move sanitisation & links into setElementText 2017-11-22 16:48:00 +01:00
rugk 3d2dbabaec
add some more tests from OWASP 2017-11-22 15:41:49 +01:00
El RIDO 9fa2ea3373
ensuring text is sanitized in all cases, before being injected into the DOM 2017-11-22 08:05:06 +01:00
El RIDO 2d00202b42
correcting the XSS test, commenting two failing patterns, to be reviewed by @rugk 2017-11-22 07:03:29 +01:00
El RIDO 233bd65b00
Merge branch 'master' into sanitizeMarkdown, changing test to use new library 2017-11-22 06:30:38 +01:00
El RIDO f2628a0bf3
added a test for #183, fails at this point, #258 should fix this 2017-11-22 06:15:09 +01:00
El RIDO e40da8b1a6
Merge branch 'js-unit-testing' 2017-11-22 05:33:24 +01:00
rugk bbec693cab
Allow DOMPurify as a global 2017-11-21 22:26:02 +01:00
rugk b6d7d56774
Sanitize HTML code
using DOMPurify v1.0.2
Fixes https://github.com/PrivateBin/PrivateBin/issues/183
2017-11-21 21:22:51 +01:00
rugk bccb349226
adjust .gitignore to use new config file name 2017-11-21 20:02:22 +01:00
El RIDO 35ea65b797
handling JSVerify RNG state 89fdc94018a35b672e 2017-11-21 10:56:58 +01:00
El RIDO c6ddee317d
adding tests for PasteViewer class 2017-11-21 10:53:33 +01:00
El RIDO 10ee37b35c
handling JSVerify RNG state 08a74d310cfb58269e 2017-11-20 09:43:35 +01:00
El RIDO af073c9ca1
adding tests for Editor class 2017-11-20 09:37:43 +01:00
El RIDO 5a2bb1993d
handling JSVerify RNG state 82fb7d20c918a6e543 2017-11-20 08:58:53 +01:00
El RIDO 360a0921e2
adding tests for Prompt class, typos 2017-11-20 08:49:25 +01:00
El RIDO 984941f901
adding test for hiding messages 2017-11-16 09:04:27 +01:00
El RIDO 9d1a9a0da7
fixing paste success message handling in page template 2017-11-16 08:57:08 +01:00