Commit Graph

287 Commits

Author SHA1 Message Date
Alexander Do 3f28f01b0e Switch from bind / unbind to on / off 2018-04-09 15:57:58 +00:00
Alexander Do 60cedd7fb5 Only create Blob for Download for IE upon click event 2018-04-09 04:44:37 +00:00
Alexander Do 2925fa8bfc Requested Changes, IE Download fix only 2018-04-08 22:36:55 +00:00
Alexander Do d3b8ef44ed Download Attachment changes. Support for Edge and change to Blob 2018-04-07 06:59:26 +00:00
rugk 0687448d0a
Fix some issues from ESLint 2018-02-21 22:51:31 +01:00
El RIDO ffae6111b0
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00
El RIDO 98d07e0789
improving code quality issues reported by Codacy 2018-01-06 10:57:54 +01:00
El RIDO d92755f030
undoing code style regression 2018-01-06 09:58:19 +01:00
El RIDO 72acc95326
improving code quality issues suggested by JSHint 2018-01-06 09:26:10 +01:00
El RIDO 2db412873b
implementing ESlint suggestions 2018-01-06 07:17:33 +01:00
El RIDO 5e070db6a1
reverting escaping just for Markdown formatting, as discussed in #269 2018-01-03 21:18:33 +01:00
El RIDO a95701bba8
completing DiscussionViewer testing 2018-01-02 15:38:37 +01:00
El RIDO fcb4249e01
actually IDs are hexadecimal, not base64, so not a problem 2018-01-02 11:51:11 +01:00
El RIDO 95bf37be8f
implementing DiscussionViewer test, found an issue with slashes in the paste or comment IDs (as per Base64 encoding) 2018-01-02 11:44:54 +01:00
El RIDO 28f1f41c17
removing duplicate code and unused option 2018-01-02 11:42:03 +01:00
El RIDO 85401a1513
Merge branch 'master' into js-unit-testing 2018-01-02 09:37:46 +01:00
El RIDO 98a8591a27
naming JS libraries consistently 2018-01-02 08:01:39 +01:00
El RIDO 094a0c80db
Merge branch 'master' into qrcode 2018-01-02 07:56:16 +01:00
El RIDO bb54d46c7e
updating DOMPurify library, simplifying its use, ensuring HTML entities get escaped before formatting paste - regression introduced in #258, reported in #269 2018-01-01 10:25:07 +01:00
rugk 414ab0eb71
Add config and basic page template support
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
  of a simple div at the top
* added option to turn off QR code support
2017-12-25 14:59:15 +01:00
El RIDO d80c2f83fa
making DiscussionViewer testable, removing some inconsistency 2017-12-18 14:47:17 +01:00
El RIDO 928215dc5e
splitting out PasteViewer, DiscussionViewer, AttachmentViewer tests 2017-12-18 14:25:08 +01:00
El RIDO 893d29a046
splitting out Alert, Editor, PasteStatus, Prompt, UiHelper tests 2017-12-15 07:20:51 +01:00
El RIDO be358a6804
splitting out Model tests 2017-12-14 07:31:09 +01:00
El RIDO 5b9ac67504
splitting out CryptTool tests 2017-12-14 07:23:38 +01:00
El RIDO 3fed63ce28
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00
El RIDO dfd906900b
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00
El RIDO 39860dfdc4
making AttachmentViewer testable and implementing tests 2017-12-03 14:29:07 +01:00
El RIDO dac86eb363
making AttachmentViewer testable 2017-11-28 06:38:10 +01:00
rugk 7bf5af761b
Add QR code generation when paste is created 2017-11-26 15:59:12 +01:00
El RIDO d9c6b634b9
remove dangling comma 2017-11-22 22:44:38 +01:00
El RIDO a0740ff79f
getting rid of htmlEntities (except for tests) and setElementText (dropping IE9 support), changing urls2links interface, all to avoid double encoding sanitized HTML 2017-11-22 22:27:38 +01:00
El RIDO d0cccce7a8
removing patterns that don't get sanitized, but also don't get interpreted when inserted into the HTML 2017-11-22 20:49:23 +01:00
rugk 56f4ee5c20
Revert "Try to move sanitisation & links into setElementText"
This reverts commit 8d2e19f791.
2017-11-22 16:48:54 +01:00
rugk 8d2e19f791
Try to move sanitisation & links into setElementText 2017-11-22 16:48:00 +01:00
rugk 3d2dbabaec
add some more tests from OWASP 2017-11-22 15:41:49 +01:00
El RIDO 9fa2ea3373
ensuring text is sanitized in all cases, before being injected into the DOM 2017-11-22 08:05:06 +01:00
El RIDO 2d00202b42
correcting the XSS test, commenting two failing patterns, to be reviewed by @rugk 2017-11-22 07:03:29 +01:00
El RIDO 233bd65b00
Merge branch 'master' into sanitizeMarkdown, changing test to use new library 2017-11-22 06:30:38 +01:00
El RIDO f2628a0bf3
added a test for #183, fails at this point, #258 should fix this 2017-11-22 06:15:09 +01:00
rugk bbec693cab
Allow DOMPurify as a global 2017-11-21 22:26:02 +01:00
rugk b6d7d56774
Sanitize HTML code
using DOMPurify v1.0.2
Fixes https://github.com/PrivateBin/PrivateBin/issues/183
2017-11-21 21:22:51 +01:00
El RIDO 35ea65b797
handling JSVerify RNG state 89fdc94018a35b672e 2017-11-21 10:56:58 +01:00
El RIDO c6ddee317d
adding tests for PasteViewer class 2017-11-21 10:53:33 +01:00
El RIDO 10ee37b35c
handling JSVerify RNG state 08a74d310cfb58269e 2017-11-20 09:43:35 +01:00
El RIDO af073c9ca1
adding tests for Editor class 2017-11-20 09:37:43 +01:00
El RIDO 5a2bb1993d
handling JSVerify RNG state 82fb7d20c918a6e543 2017-11-20 08:58:53 +01:00
El RIDO 360a0921e2
adding tests for Prompt class, typos 2017-11-20 08:49:25 +01:00
El RIDO 984941f901
adding test for hiding messages 2017-11-16 09:04:27 +01:00
El RIDO 9d1a9a0da7
fixing paste success message handling in page template 2017-11-16 08:57:08 +01:00