232 Commits

Author SHA1 Message Date
El RIDO a0740ff79f
getting rid of htmlEntities (except for tests) and setElementText (dropping IE9 support), changing urls2links interface, all to avoid double encoding sanitized HTML 2017-11-22 22:27:38 +01:00
rugk 56f4ee5c20
Revert "Try to move sanitisation & links into setElementText"
This reverts commit 8d2e19f791.
2017-11-22 16:48:54 +01:00
rugk 8d2e19f791
Try to move sanitisation & links into setElementText 2017-11-22 16:48:00 +01:00
El RIDO 9fa2ea3373
ensuring text is sanitized in all cases, before being injected into the DOM 2017-11-22 08:05:06 +01:00
El RIDO 2d00202b42
correcting the XSS test, commenting two failing patterns, to be reviewed by @rugk 2017-11-22 07:03:29 +01:00
El RIDO 233bd65b00
Merge branch 'master' into sanitizeMarkdown, changing test to use new library 2017-11-22 06:30:38 +01:00
rugk bbec693cab
Allow DOMPurify as a global 2017-11-21 22:26:02 +01:00
rugk b6d7d56774
Sanitize HTML code
using DOMPurify v1.0.2
Fixes https://github.com/PrivateBin/PrivateBin/issues/183
2017-11-21 21:22:51 +01:00
El RIDO c6ddee317d
adding tests for PasteViewer class 2017-11-21 10:53:33 +01:00
El RIDO 360a0921e2
adding tests for Prompt class, typos 2017-11-20 08:49:25 +01:00
El RIDO 9d1a9a0da7
fixing paste success message handling in page template 2017-11-16 08:57:08 +01:00
El RIDO 73bc685178
fixing error message display revealed by testing remaining time display function 2017-11-14 06:52:12 +01:00
El RIDO 6c8f57f91f
making PasteStatus testable, adding test for paste creation notification 2017-11-13 21:57:49 +01:00
El RIDO 29419d03cd
avoid logs polluting the unit test output 2017-10-30 07:04:59 +01:00
El RIDO 9c6aec86c4
making Alert class resettable and adding first tests for it 2017-10-23 21:33:07 +02:00
El RIDO 4410ddcd84
adding tests for UiHelper.reloadHome, making UiHelper unit testable and handling JSVerify RNG states 846932d5afb10ce748 & 012c1f9483adb6e750 2017-10-22 13:39:23 +02:00
El RIDO 414693fa90
testing both cases of the logic required for #167 2017-10-22 10:39:18 +02:00
El RIDO 6dbb098d7a
had to introduce a mock function to test the historyChange state 2017-10-22 09:56:44 +02:00
El RIDO 6fa2bfe30e
updated documentation, incremented version 2017-10-08 16:40:51 +02:00
thororm 28b8f878dc Fixed decryption of pastes without attachment, that have a password 2017-08-12 13:26:43 +02:00
thororm b5c259dd72 Code review 2017-05-20 16:11:32 +02:00
thororm 39717707b3 Code review 2017-05-20 16:04:10 +02:00
thororm 2c17c35b85 Code review results and further improvements
Added english default for new translations
2017-05-15 22:05:52 +02:00
thororm 24aea957b3 Added possibility to paste an image from the clipboard 2017-05-13 21:43:32 +02:00
thororm 838ca3d38e Call removeAttachment on a new paste
Improved disabled attachments handling
2017-05-13 21:27:41 +02:00
thororm 23f5dfbff8 Merge remote-tracking branch 'remotes/thororm/master' into attachment-handling
# Conflicts:
#	tpl/bootstrap.php
#	tpl/page.php
2017-05-13 19:48:25 +02:00
thororm b9075d7708 Removed attachmentHelpers and moved functionality to AttachmentViewer 2017-05-13 19:46:22 +02:00
rugk 9b6748c54d
Adjust requested changes 2017-04-13 10:46:09 +02:00
rugk 073b52ce96
Pass on event
Thus the receiving function also had to be adjusted, so the right data is passed on.
2017-04-11 22:36:25 +02:00
rugk d53207e404
Add password retry feature 2017-04-11 22:21:30 +02:00
rugk 183ebe518b
Force JSON request for getting paste data 2017-04-11 16:34:13 +02:00
thororm 1a1369ff53 scrutinizer issues 2017-04-02 19:11:49 +02:00
thororm ec9fb750b4 Adapted attachment handling to refactoring 2017-04-02 18:58:11 +02:00
El RIDO 37f5d99bc4
finalizing tests for I18n class, AJAX loading of translations needs to be tested in browser, mocked for now 2017-03-26 09:24:42 +02:00
El RIDO 6fb3fe51b2
Merge branch 'master' into js-unit-testing 2017-03-26 06:46:42 +02:00
El RIDO cd40717301
fixing #209, refactoring regression when file upload is disabled 2017-03-25 18:44:20 +01:00
El RIDO 2a19b42b15
making I18n class testable, adding minimal test 2017-03-25 09:41:24 +01:00
El RIDO 9d2e282772
removing unused function 2017-03-25 09:17:04 +01:00
El RIDO 57ebc7338d
Merge branch 'master' into js-unit-testing 2017-03-25 09:06:04 +01:00
El RIDO bbcc3e167b
implementing recommendations of scrutinizer 2017-03-25 00:58:59 +01:00
El RIDO 0fb650c3a6
comply with Codacy's suggestion 2017-03-13 21:15:52 +01:00
El RIDO b5cdfff3e3
fix missing comment status messages - ♫ lovely span, oh wonderful span ♪ (chorus) span, span, span, span, … 2017-03-13 21:11:26 +01:00
El RIDO 5bf25f227e
update JSDoc and re-published to https://privatebin.info/jsdoc/ 2017-03-13 20:24:18 +01:00
El RIDO ee43557a4f
ensure burn after reading and status messages are only changed after a successful decryption 2017-03-13 19:30:44 +01:00
El RIDO 9deaed9406
working on asynch translation handling 2017-03-12 17:08:12 +01:00
El RIDO 1649ff34f5
restoring password protection 2017-03-12 16:06:17 +01:00
El RIDO 81b00dd422
fixing page template, removing error messages when markdown or source are disabled in configuration, re-removing unnecessary spans 2017-03-12 14:16:08 +01:00
El RIDO b6d8d0f250
found problem with unit test of baseUri function, makes code much simpler 2017-03-06 19:48:07 +01:00
El RIDO fb99d5bb93
Merge branch 'master' into jsrefactor and fixing baseUri unit test 2017-03-05 12:11:55 +01:00
El RIDO 23b09d601d
credited Tulio for the Portuguese translation, updated SRI hashes 2017-03-05 11:02:18 +01:00
El RIDO 131e08ca33
made phpUnit and most mocha tests work again, had to remove some injected objects and added a helper method to facilitate a cache reset for the unit tests. Page template is still broken and the JS test for baseUri() fails 2017-02-25 09:35:55 +01:00
rugk 601aa5e3dc
🐛 Fix typo 2017-02-17 22:59:16 +01:00
rugk c033775779
Cleanup 2017-02-17 22:46:18 +01:00
rugk 52d1be1b54
Fix https://github.com/PrivateBin/PrivateBin/issues/187 2017-02-17 22:26:39 +01:00
rugk b0876ea0e0
🐛 Fix error not appearing below comment 2017-02-17 21:48:21 +01:00
rugk da094e2853
make it work(6): discussion/comments 2017-02-17 20:46:10 +01:00
Túlio Leão e59b58308d Add Portuguese Translation file
Support Portuguese translation for PrivateBin by adding its corresponding
file.
2017-02-16 00:57:01 -02:00
rugk 7be5206920
make it work(5): paste cloning & raw button 2017-02-15 22:59:55 +01:00
rugk a652ab5896
make it work(4): display encrypted pastes
also improved file uploader, better structured
2017-02-14 22:21:55 +01:00
rugk 31e66131b7
make it work(3): allow paste submission 2017-02-13 21:12:00 +01:00
rugk f33d702f3d
make it work(2): buttons & preview working 2017-02-13 11:35:04 +01:00
rugk 8a07a0b157
make it work(1): paste input can be shown 2017-02-12 21:13:04 +01:00
rugk dd6e426da7
first round of refactoring
split into modules, moved code around
need to make it work
2017-02-12 18:08:08 +01:00
El RIDO eedb05111a
added test for getCookie function, documenting its limitation of not finding cookies with empty identifier 2017-02-12 17:11:21 +01:00
El RIDO b9c05b06d0
added test for sprintf function, removing dead code and optimizing test cases 2017-02-11 19:34:51 +01:00
El RIDO b00bcd1352
added test for urls2links function, fixing bug - asterisk is allowed in URLs query string 2017-02-11 16:02:24 +01:00
El RIDO b992bcc732
added test for setMessage function, fixing bug for elements with only one child 2017-02-11 10:43:00 +01:00
rugk 52f1fb143e
Revert "JS: tried namespaces"
This reverts commit e84cfc58a1.
2017-02-08 20:12:22 +01:00
rugk e84cfc58a1
JS: tried namespaces 2017-02-08 20:11:04 +01:00
rugk b01a28d580
remove some more this, slightly change comments 2017-02-08 14:15:58 +01:00
rugk 4e86da8f72
Remove proxy
Also I took care to (fix?) the focus of the password input. It only works in an
anonymous function for some reason.
2017-02-08 13:54:37 +01:00
rugk 2ebcf60516
Use revealing module pattern
ala http://www.adequatelygood.com/JavaScript-Module-Pattern-In-Depth.html

Also made the loadTranslations a bit more robust with more error messages being logged.
2017-02-08 13:20:51 +01:00
rugk 5130d9e2f3
New state for "only new button"
Used when the message cannot be decrypted.
Fixes https://github.com/PrivateBin/PrivateBin/issues/126
2017-02-06 22:39:45 +01:00
rugk 5ad02a3d1c
Use original reload function for manual paste open link
This fixes the issue where clicking on the link took you to the home page.
I seriously missed that this.reloadPage does not do the thing I thought it does,
so I updated the doc to make it clear and switched back to the correct function.

Basically reverts 86cd5e1c15
2017-02-06 20:39:52 +01:00
rugk e483d60eed
Merge branch 'historyupdate'
Conflicts:
	tpl/bootstrap.php
	tpl/page.php

And update SRI.

@elrido also did not properly merge this branch. Doing it now…
2017-02-06 20:25:35 +01:00
El RIDO 4cb0374e11
readding accidentally removed line of #173 2017-02-06 20:16:03 +01:00
El RIDO 2ca2309fc4
Merge branch 'patch-1' of https://github.com/r4sas/PrivateBin into r4sas-patch-1 2017-02-06 19:55:07 +01:00
rugk 86cd5e1c15
Use existing reload function 2017-02-05 22:35:44 +01:00
rugk edb546de54
Add loading indicator
Fixes https://github.com/PrivateBin/PrivateBin/issues/172
2017-02-05 22:09:46 +01:00
rugk 5c603d0978
Improve comment 2017-02-05 21:35:28 +01:00
rugk c96dd0836b
Make link clickable again
We need to emulate the click and manually trigger a reload if the hash is
already shown in the URL.
2017-02-05 21:22:09 +01:00
El RIDO 366b61c32d
adding document title in new history state 2017-02-05 18:53:57 +01:00
El RIDO 67f71f4dd6
writing tests for pageKey function, fixing always added padding bug 2017-02-05 18:03:42 +01:00
El RIDO 80f7baa604
writing test for scriptLocation function, fixing non-removed query separator bug 2017-02-05 16:45:11 +01:00
El RIDO 5442af6e20
slight JS refactoring 2017-02-05 14:47:03 +01:00
rugk ca51a80803
Update the history when a paste is created
Fixes https://github.com/PrivateBin/PrivateBin/issues/167
2017-02-01 19:24:56 +01:00
El RIDO 4bbfd5045e
ensure that JS is *really* only initialized after the DOM is fully loaded, resolves #166 2017-01-30 20:29:04 +01:00
El RIDO 368aa2305b
removing unused pieces of code (legacy?), resolves #165 2017-01-29 16:19:12 +01:00
El RIDO f1df27f46c
allowing for parameter strings starting with & 2017-01-29 15:09:57 +01:00
El RIDO cae5a71151
fix missing class renaming 2017-01-29 14:48:56 +01:00
El RIDO d678f5dada
fixing inconsistency found in unit test 2017-01-29 14:32:55 +01:00
El RIDO 8029c2819f
implementing JS module pattern to expose functions for unit testing 2017-01-22 10:42:11 +01:00
El RIDO 5f09264625
fixing documentation inconsistencies found by Scrutinizer CI 2017-01-14 16:13:22 +01:00
El RIDO db2778c64f
introduced JSDoc: changes for JSDoc compatibility and resolving inconsistencies in documentation, both semantic and in the logic 2017-01-14 15:29:12 +01:00
El RIDO a7de0e095b
added supported language, updated credits and changelog 2017-01-10 20:37:14 +01:00
El RIDO f79c00378b
Choosing correct Occitan plural formula, added unit tests for Occitan and Chinese, corrected casing of languages in unit test 2017-01-08 07:56:56 +01:00
rugk 20fea819cb
Update SRI hashes 2017-01-07 20:35:47 +01:00
Quent-in 427facc456 oc added to supported languages
in order to show Occitan translations
2017-01-07 15:48:42 +01:00
El RIDO 4a036aea80
updated SRI hashes, added missing formula for Slovene plurals and unit test for it, updated credits and changelog 2017-01-01 14:35:39 +01:00
Alfredo Fabián Altamirano Tena 910c3b3f9d Add Spanish to supported languages 2016-12-30 20:40:23 -06:00
El RIDO 1426d4e371
tagging 1.1 release and updating documentation 2016-12-26 12:13:50 +01:00
El RIDO 1badd5e542
applying HTML entity cleanup to raw paste, too, fixing #137 2016-12-25 13:04:06 +01:00
El RIDO ecd8a51137
writing a unit test for #145 led to the discovery of two errors in the Polish translations: error in formula and missing number placeholders in the translation strings 2016-12-25 11:37:45 +01:00
r4sas aacfe8e5fa added a forgotten option 'ru' in supportedLanguages section 2016-12-19 17:26:04 +03:00
atnaguzin 2847bbc45d added ru plural formula, updated template for edited privatebin.js 2016-12-16 12:21:15 +03:00
rugk 58bd603c7c
Use nice condensed table with border
and also clean the prettyMessage even without showdown
2016-12-13 23:30:28 +01:00
rugk f755a99ab8
Add table class to parsed Markdown
Fixes https://github.com/PrivateBin/PrivateBin/issues/140
2016-12-12 17:37:51 +01:00
El RIDO 3f2de319f3
should use typesafe comparison in JS and adding forgotten modal dialog in bootstrap-dark-page 2016-11-13 18:22:37 +01:00
El RIDO 3f8d6a592b
refactored modal dialog logic, added the new message IDs to all translation files and added the modal dialog to all bootstrap based templates (page gets the old JS input as a fallback) 2016-11-13 18:12:10 +01:00
Alexander Demenshin 2c8a780c74 Removed unreachable code 2016-11-12 18:30:42 +01:00
Alexander Demenshin c916f33a83 More js for modal password request 2016-11-11 18:46:44 +01:00
Alexander Demenshin 09fa46a651 Added relevant js to modal password form 2016-11-11 18:39:38 +01:00
stefanomarty af824bbcd6 Update privatebin.js
Added 'it' supported language.
2016-10-23 11:28:04 +02:00
El RIDO e925833090 bumping version number to 1.0 2016-08-25 09:53:31 +02:00
El RIDO 47646e056b fixing urlshortening regression caused by CSP introduction, resolves #10 2016-08-18 15:09:58 +02:00
El RIDO f957a1868f push state to history when displaying raw text to allow use of back button, fixes #7 2016-08-16 09:51:36 +02:00
El RIDO 87926ce157 reactivated second error message for comments between textarea and button, fixes #62 2016-08-15 15:38:21 +02:00
El RIDO a0c6222fec Ensuring markdown docs use the unformatted text for raw text and clone, fixes #63 2016-08-15 15:04:12 +02:00
El RIDO 4fa2f7cd22 Initialize state of checkboxes on page load, resolves #79 2016-08-15 14:25:52 +02:00
El RIDO 6144e73405 update preview if format is changed, resolves #60 2016-08-11 11:40:37 +02:00
El RIDO 5ec20c1bc2 making burn-after-reading and discussion mutually exclusive options to improve UI, resolves #11 2016-08-11 11:31:34 +02:00
El RIDO addb666a23 introducing CSP header to mitigate XSS attacks, closes #10 2016-08-09 14:46:32 +02:00
El RIDO a28aebae7d make key size and authentication tag size explicit instead of trusting on defaults 2016-08-09 13:16:15 +02:00
El RIDO 97ed1a5cf4 found a better JS html entity escape function and use it to fix regression introduced by the preview feature, resolves #43 2016-07-19 16:12:11 +02:00
El RIDO 002046cc62 some minor cleanups 2016-07-19 14:44:17 +02:00
rugk bbad92a161 Minor JS code improvements 2016-07-19 14:13:52 +02:00
rugk 38ab755733 Replace HTTP links with HTTPS
Using this regexp: https://regex101.com/r/rZ2dE2/1
2016-07-19 13:56:52 +02:00
El RIDO 615777ffd9 clarifying some code 2016-07-11 16:09:38 +02:00
El RIDO df5150c7f2 found another 2016-07-11 15:55:23 +02:00
El RIDO 90a26d8fcb removing some code smells, found in the various code checker tools 2016-07-11 15:47:42 +02:00
El RIDO 3b3b5277eb refactoring to improve code quality 2016-07-11 14:15:20 +02:00
El RIDO 79509ad48a renaming the fork to PrivateBin 2016-07-11 11:58:15 +02:00
Renamed from js/zerobin.js