Commit Graph

540 Commits

Author SHA1 Message Date
El RIDO 28f1f41c17
removing duplicate code and unused option 2018-01-02 11:42:03 +01:00
El RIDO 85401a1513
Merge branch 'master' into js-unit-testing 2018-01-02 09:37:46 +01:00
El RIDO 98a8591a27
naming JS libraries consistently 2018-01-02 08:01:39 +01:00
El RIDO 094a0c80db
Merge branch 'master' into qrcode 2018-01-02 07:56:16 +01:00
El RIDO bb54d46c7e
updating DOMPurify library, simplifying its use, ensuring HTML entities get escaped before formatting paste - regression introduced in #258, reported in #269 2018-01-01 10:25:07 +01:00
rugk 414ab0eb71
Add config and basic page template support
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
  of a simple div at the top
* added option to turn off QR code support
2017-12-25 14:59:15 +01:00
El RIDO d80c2f83fa
making DiscussionViewer testable, removing some inconsistency 2017-12-18 14:47:17 +01:00
El RIDO 928215dc5e
splitting out PasteViewer, DiscussionViewer, AttachmentViewer tests 2017-12-18 14:25:08 +01:00
El RIDO 893d29a046
splitting out Alert, Editor, PasteStatus, Prompt, UiHelper tests 2017-12-15 07:20:51 +01:00
El RIDO be358a6804
splitting out Model tests 2017-12-14 07:31:09 +01:00
El RIDO 5b9ac67504
splitting out CryptTool tests 2017-12-14 07:23:38 +01:00
El RIDO 3fed63ce28
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00
El RIDO dfd906900b
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00
El RIDO 5582c05414
decrypting a particular message encrypted with v1.1.1 fails (#260) 2017-12-10 07:04:54 +01:00
El RIDO ee8ffdc51b
en- & decrypting the particular message works without issues 2017-12-10 07:02:32 +01:00
El RIDO 39860dfdc4
making AttachmentViewer testable and implementing tests 2017-12-03 14:29:07 +01:00
El RIDO dac86eb363
making AttachmentViewer testable 2017-11-28 06:38:10 +01:00
rugk 7bf5af761b
Add QR code generation when paste is created 2017-11-26 15:59:12 +01:00
El RIDO d9c6b634b9
remove dangling comma 2017-11-22 22:44:38 +01:00
El RIDO a0740ff79f
getting rid of htmlEntities (except for tests) and setElementText (dropping IE9 support), changing urls2links interface, all to avoid double encoding sanitized HTML 2017-11-22 22:27:38 +01:00
El RIDO d0cccce7a8
removing patterns that don't get sanitized, but also don't get interpreted when inserted into the HTML 2017-11-22 20:49:23 +01:00
rugk 56f4ee5c20
Revert "Try to move sanitisation & links into setElementText"
This reverts commit 8d2e19f791.
2017-11-22 16:48:54 +01:00
rugk 8d2e19f791
Try to move sanitisation & links into setElementText 2017-11-22 16:48:00 +01:00
rugk 3d2dbabaec
add some more tests from OWASP 2017-11-22 15:41:49 +01:00
El RIDO 9fa2ea3373
ensuring text is sanitized in all cases, before being injected into the DOM 2017-11-22 08:05:06 +01:00
El RIDO 2d00202b42
correcting the XSS test, commenting two failing patterns, to be reviewed by @rugk 2017-11-22 07:03:29 +01:00
El RIDO 233bd65b00
Merge branch 'master' into sanitizeMarkdown, changing test to use new library 2017-11-22 06:30:38 +01:00
El RIDO f2628a0bf3
added a test for #183, fails at this point, #258 should fix this 2017-11-22 06:15:09 +01:00
rugk bbec693cab
Allow DOMPurify as a global 2017-11-21 22:26:02 +01:00
rugk b6d7d56774
Sanitize HTML code
using DOMPurify v1.0.2
Fixes https://github.com/PrivateBin/PrivateBin/issues/183
2017-11-21 21:22:51 +01:00
El RIDO 35ea65b797
handling JSVerify RNG state 89fdc94018a35b672e 2017-11-21 10:56:58 +01:00
El RIDO c6ddee317d
adding tests for PasteViewer class 2017-11-21 10:53:33 +01:00
El RIDO 10ee37b35c
handling JSVerify RNG state 08a74d310cfb58269e 2017-11-20 09:43:35 +01:00
El RIDO af073c9ca1
adding tests for Editor class 2017-11-20 09:37:43 +01:00
El RIDO 5a2bb1993d
handling JSVerify RNG state 82fb7d20c918a6e543 2017-11-20 08:58:53 +01:00
El RIDO 360a0921e2
adding tests for Prompt class, typos 2017-11-20 08:49:25 +01:00
El RIDO 984941f901
adding test for hiding messages 2017-11-16 09:04:27 +01:00
El RIDO 9d1a9a0da7
fixing paste success message handling in page template 2017-11-16 08:57:08 +01:00
El RIDO b1e1878861
fully testing remaining time display function 2017-11-16 08:50:38 +01:00
El RIDO 73bc685178
fixing error message display revealed by testing remaining time display function 2017-11-14 06:52:12 +01:00
El RIDO 0cfb019615
handling JSVerify RNG state 0b2b38c4ef690d1a57 2017-11-13 22:00:26 +01:00
El RIDO 6c8f57f91f
making PasteStatus testable, adding test for paste creation notification 2017-11-13 21:57:49 +01:00
El RIDO e51aa7c80f
increasing coverage (by three lines) 2017-11-13 20:44:11 +01:00
El RIDO 9af4a4e2f5
handling JSVerify RNG states 08a8fd9e23076415bc & 8623a0cde74fb19568 2017-11-04 09:02:05 +01:00
El RIDO 01a6c0142a
adding test for alert handler 2017-11-04 08:59:31 +01:00
El RIDO c6e0f2d223
adding test for hiding messages 2017-11-04 07:44:42 +01:00
El RIDO 1fd13981d4
adding test for hiding loading indicator 2017-11-04 07:40:26 +01:00
El RIDO 29419d03cd
avoid logs polluting the unit test output 2017-10-30 07:04:59 +01:00
El RIDO 751731414e
adding test for loading indicator 2017-10-30 06:53:15 +01:00
El RIDO 9c6aec86c4
making Alert class resetable and adding first tests for it 2017-10-23 21:33:07 +02:00
El RIDO d75cea856a
concluding UiHelper tests that are possible in headless jsdom at this time 2017-10-23 05:34:55 +02:00
El RIDO ef6b6816b0
implemented test, but again not supported yet by jsdom 2017-10-22 16:26:41 +02:00
El RIDO 4410ddcd84
adding tests for UiHelper.reloadHome, making UiHelper unit testable and handling JSVerify RNG states 846932d5afb10ce748 & 012c1f9483adb6e750 2017-10-22 13:39:23 +02:00
El RIDO cbcc26ec37
fixing false positive with RNG state 0bc96fe3b8d170254a 2017-10-22 10:55:28 +02:00
El RIDO 4cb21350a0
TravisCI can be a bit slow (locally this test takes 386ms) 2017-10-22 10:45:41 +02:00
El RIDO 414693fa90
testing both cases of the logic required for #167 2017-10-22 10:39:18 +02:00
El RIDO 6dbb098d7a
had to introduce a mock function to test the historyChange state 2017-10-22 09:56:44 +02:00
El RIDO 379571d522
Merge branch 'master' into js-unit-testing 2017-10-22 08:10:49 +02:00
El RIDO 81ac232710
increasing timeouts for travisCI, that seems to have gotten slower 2017-10-08 17:29:07 +02:00
El RIDO 6fa2bfe30e
updated documentation, incremented version 2017-10-08 16:40:51 +02:00
El RIDO ba0ff3545d
started work on UiHelper tests 2017-09-13 07:23:56 +02:00
thororm 08972e4da3 Merge branch 'master' into attachment-handling 2017-08-12 13:29:51 +02:00
thororm 28b8f878dc Fixed decryption of pastes without attachment, that have a password 2017-08-12 13:26:43 +02:00
El RIDO f31a99b1c0
added tests for getCipherData(), hasCipherData() & getTemplate() 2017-05-26 21:52:00 +02:00
El RIDO fcfb02c2b7
added tests for getFormatterDefault(), fixing bug in compact design 2017-05-26 20:55:45 +02:00
El RIDO 9f01ccc80e
added tests for getExpirationDefault() 2017-05-22 22:15:13 +02:00
thororm b5c259dd72 Code review 2017-05-20 16:11:32 +02:00
thororm 39717707b3 Code review 2017-05-20 16:04:10 +02:00
thororm 2c17c35b85 Code review results and further improvements
Added english default for new translations
2017-05-15 22:05:52 +02:00
thororm 24aea957b3 Added possibility to paste an image from the clipboard 2017-05-13 21:43:32 +02:00
thororm 838ca3d38e Call removeAttachment on a new paste
Improved disabled attachments handling
2017-05-13 21:27:41 +02:00
thororm 23f5dfbff8 Merge remote-tracking branch 'remotes/thororm/master' into attachment-handling
# Conflicts:
#	tpl/bootstrap.php
#	tpl/page.php
2017-05-13 19:48:25 +02:00
thororm b9075d7708 Removed attachmentHelpers and moved functionality to AttachmentViewer 2017-05-13 19:46:22 +02:00
rugk 9b6748c54d
Adjust requested changes 2017-04-13 10:46:09 +02:00
rugk 073b52ce96
Pass on event
Thus the receiving function also had to be adjusted, so the right data is passed on.
2017-04-11 22:36:25 +02:00
rugk d53207e404
Add password retry feature 2017-04-11 22:21:30 +02:00
rugk 183ebe518b
Force JSON request for getting paste data 2017-04-11 16:34:13 +02:00
El RIDO 41701bbfe4
trying to fix unit test execution in Travis 2017-04-05 06:55:20 +02:00
El RIDO 8f6c1ee079
added a check for the ZeroBin paste format (uses Base64.js v1.7) 2017-04-05 06:46:21 +02:00
El RIDO 2d4c75be85
added tests for entropy checks and key generation, added base64 experiment, showing we could replace Base64.js v2.1.9 with other options, but still need to find a way to handle v1.7 format and UTF16 to UTF8 conversion (btou / utob functions) 2017-04-04 07:43:41 +02:00
thororm 1a1369ff53 scrutinizer issues 2017-04-02 19:11:49 +02:00
thororm ec9fb750b4 Adapted attachment handling to refactoring 2017-04-02 18:58:11 +02:00
El RIDO 3cf005c8ae
added test with hardcoded v1 pastes to ensure decryption of the original paste format still works, even when the format is changed in the future 2017-03-26 16:16:15 +02:00
El RIDO cdb62b44c7
basic tests for CryptTool classes encryption and compression functions 2017-03-26 11:34:19 +02:00
El RIDO 37f5d99bc4
finalizing tests for I18n class, AJAX loading of translations needs to be tested in browser, mocked for now 2017-03-26 09:24:42 +02:00
El RIDO e1ea14627f
handling JSVerify RNG state 88caf85079d32e416b 2017-03-26 06:47:57 +02:00
El RIDO 6fb3fe51b2
Merge branch 'master' into js-unit-testing 2017-03-26 06:46:42 +02:00
El RIDO cd40717301
fixing #209, refactoring regression when file upload is disabled 2017-03-25 18:44:20 +01:00
El RIDO 145cfccfcb
corrections for rngState 82b19a3e7604cf825d 2017-03-25 10:47:12 +01:00
El RIDO e15e86ac3f
improving coverage of existing tests 2017-03-25 10:18:28 +01:00
El RIDO 2a19b42b15
making I18n class testable, adding minimal test 2017-03-25 09:41:24 +01:00
El RIDO 9d2e282772
removing unused function 2017-03-25 09:17:04 +01:00
El RIDO 57ebc7338d
Merge branch 'master' into js-unit-testing 2017-03-25 09:06:04 +01:00
El RIDO bbcc3e167b
implementing recommendations of scrutinizer 2017-03-25 00:58:59 +01:00
El RIDO 0fb650c3a6
comply with codacys suggestion 2017-03-13 21:15:52 +01:00
El RIDO b5cdfff3e3
fix missing comment status messages - ♫ lovely span, oh wonderful span ♪ (chorus) span, span, span, span, … 2017-03-13 21:11:26 +01:00
El RIDO 5bf25f227e
update JSDoc and re-published to https://privatebin.info/jsdoc/ 2017-03-13 20:24:18 +01:00
El RIDO ee43557a4f
ensure burn after reading and status messages are only changed after a successfull decryption 2017-03-13 19:30:44 +01:00
El RIDO 9deaed9406
working on asynch translation handling 2017-03-12 17:08:12 +01:00
El RIDO 1649ff34f5
restoring password protection 2017-03-12 16:06:17 +01:00
El RIDO 81b00dd422
fixing page template, removing error messages when markdown or source are disabled in configuration, re-removing unnecessary spans 2017-03-12 14:16:08 +01:00
El RIDO b6d8d0f250
found problem with unit test of baseUri function, makes code much simpler 2017-03-06 19:48:07 +01:00
El RIDO fb99d5bb93
Merge branch 'master' into jsrefactor and fixing baseUri unit test 2017-03-05 12:11:55 +01:00
El RIDO 23b09d601d
credited Tulio for the portuguese translation, updated SRI hashes 2017-03-05 11:02:18 +01:00
El RIDO 131e08ca33
made phpUnit and most mocha tests work again, had to remove some injected objects and added a helper method to facilitate a cache reset for the unit tests. Page template is still broken and the JS test for baseUri() fails 2017-02-25 09:35:55 +01:00
rugk 601aa5e3dc
🐛 Fix typo 2017-02-17 22:59:16 +01:00
rugk c033775779
Cleanup 2017-02-17 22:46:18 +01:00
rugk 52d1be1b54
Fix https://github.com/PrivateBin/PrivateBin/issues/187 2017-02-17 22:26:39 +01:00
rugk b0876ea0e0
🐛 Fix error not appearing below comment 2017-02-17 21:48:21 +01:00
rugk da094e2853
make it work(6): discussion/comments 2017-02-17 20:46:10 +01:00
Túlio Leão e59b58308d Add Portuguese Translation file
Support Portugues translation for PrivateBin by adding its corresponding
file.
2017-02-16 00:57:01 -02:00
rugk 7be5206920
makeit work(5): pase cloning & raw button 2017-02-15 22:59:55 +01:00
rugk a652ab5896
make it work(4): display encrypted pastes
also improved file uploader, better structured
2017-02-14 22:21:55 +01:00
rugk 31e66131b7
make it work(3): allow paste submission 2017-02-13 21:12:00 +01:00
rugk f33d702f3d
make it work(2): buttons & preview working 2017-02-13 11:35:04 +01:00
rugk 8a07a0b157
make it work(1): paste input can be shown 2017-02-12 21:13:04 +01:00
rugk dd6e426da7
first round of refactoring
split into modules, moved code around
need to make it work
2017-02-12 18:08:08 +01:00
El RIDO eedb05111a
added test for getCookie function, documenting its limitation of not finding cookies with empty identifier 2017-02-12 17:11:21 +01:00
El RIDO b1396a249d
ensuring that in the JS sprintf tests no replacable patterns occur in the pre- & postfix of the test string 2017-02-12 15:30:11 +01:00
El RIDO b9c05b06d0
added test for sprintf function, removing dead code and optimizing test cases 2017-02-11 19:34:51 +01:00
El RIDO b00bcd1352
added test for urls2links function, fixing bug - asterisk is allowed in URLs query string 2017-02-11 16:02:24 +01:00
El RIDO b992bcc732
added test for setMessage function, fixing bug for elements with only one child 2017-02-11 10:43:00 +01:00
El RIDO 61a59911b8
added test for setElementText function 2017-02-11 09:56:56 +01:00
El RIDO 3ab489e92d
added test for selectText function, but discovered that this can't be tested at the moment without a browser, due to jsdom lacking getSelect support 2017-02-11 09:09:47 +01:00
rugk 52f1fb143e
Revert "JS: tried namespaces"
This reverts commit e84cfc58a1.
2017-02-08 20:12:22 +01:00
rugk e84cfc58a1
JS: tried namespaces 2017-02-08 20:11:04 +01:00
rugk b01a28d580
remove some more this, slightly change comments 2017-02-08 14:15:58 +01:00
rugk 4e86da8f72
Remove proxy
Also I kept care to (fix?) the focus of the password input. It only works in an
anonymous function for some reason.
2017-02-08 13:54:37 +01:00
rugk 2ebcf60516
Use revealing module pattern
ala http://www.adequatelygood.com/JavaScript-Module-Pattern-In-Depth.html

Also made the loadTranslations a bit more robust with more error messaged being logged.
2017-02-08 13:20:51 +01:00
rugk 5130d9e2f3
New state for "only new button"
Used when the message cannot be decrypted.
Fixes https://github.com/PrivateBin/PrivateBin/issues/126
2017-02-06 22:39:45 +01:00
rugk 5ad02a3d1c
Use original reload function for manual paste open link
This fixes the issue where clicking on the link took you to the home page.
I seriously missed that this.reloadPage does not do the thing I thought it does,
so I updated the doc to make it clear and switched back to the correct function.

Basically reverts 86cd5e1c15
2017-02-06 20:39:52 +01:00
rugk e483d60eed
Merge branch 'historyupdate'
Conflicts:
	tpl/bootstrap.php
	tpl/page.php

And update SRI.

@elrido also did not properly merge this branch. Doing it now…
2017-02-06 20:25:35 +01:00
El RIDO 4cb0374e11
readding accidentally removed line of #173 2017-02-06 20:16:03 +01:00
El RIDO 2ca2309fc4
Merge branch 'patch-1' of https://github.com/r4sas/PrivateBin into r4sas-patch-1 2017-02-06 19:55:07 +01:00
rugk 86cd5e1c15
Use existing reload function 2017-02-05 22:35:44 +01:00
rugk edb546de54
Add loading indicator
Fixes https://github.com/PrivateBin/PrivateBin/issues/172
2017-02-05 22:09:46 +01:00
rugk 5c603d0978
Improve comment 2017-02-05 21:35:28 +01:00
rugk c96dd0836b
Make link clickable again
We need to emulate the click and manually trigger a reload if the hash is
already shown in the URL.
2017-02-05 21:22:09 +01:00
El RIDO 366b61c32d
adding document title in new history state 2017-02-05 18:53:57 +01:00
El RIDO f699ca6cd4
writing tests for htmlEntities function 2017-02-05 18:46:24 +01:00
El RIDO 67f71f4dd6
writing tests for pageKey function, fixing always added padding bug 2017-02-05 18:03:42 +01:00
El RIDO a97b94640e
writing test for pasteId function 2017-02-05 16:58:58 +01:00
El RIDO 80f7baa604
writing test for scriptLocation function, fixing non-removed query separator bug 2017-02-05 16:45:11 +01:00
El RIDO 5442af6e20
slight JS refactoring 2017-02-05 14:47:03 +01:00
rugk ca51a80803
Update the history when a paste is created
Fixes https://github.com/PrivateBin/PrivateBin/issues/167
2017-02-01 19:24:56 +01:00
El RIDO 4bbfd5045e
ensure that JS is *really* only initialized after the DOM is fully loaded, resolves #166 2017-01-30 20:29:04 +01:00
El RIDO 368aa2305b
removing unused pieces of code (legacy?), resolves #165 2017-01-29 16:19:12 +01:00
El RIDO b76a73aa06
upgrading showdown 2017-01-29 16:17:56 +01:00
El RIDO f1df27f46c
allowing for parameter strings starting with & 2017-01-29 15:09:57 +01:00
El RIDO 177c9d7114
Merge branch 'js-unit-testing' 2017-01-29 14:50:31 +01:00
El RIDO cae5a71151
fix missing class renaming 2017-01-29 14:48:56 +01:00
El RIDO efcfb80129
Merge branch 'master' of github.com:PrivateBin/PrivateBin 2017-01-29 14:39:34 +01:00
El RIDO d678f5dada
fixing inconsistency found in unit test 2017-01-29 14:32:55 +01:00
El RIDO fdef8bc5be
starting to work on JSVerify & Mocha based unit tests for our JS code base 2017-01-29 14:31:44 +01:00
Nathaniel Olsen a005b1128b Updated showdown 2017-01-23 22:49:03 -06:00
Nathaniel Olsen 47e4478e17 Updated sjcl, bootstrap, and the hashes 2017-01-23 22:42:05 -06:00
Nathaniel Olsen c5f7c1a3c9 Progress on updating bootstrap 2017-01-23 22:24:24 -06:00
El RIDO 8029c2819f
implementing JS module pattern to expose functions for unit testing 2017-01-22 10:42:11 +01:00
El RIDO 5f09264625
fixing documentation inconsitencies found by Scrutinizer CI 2017-01-14 16:13:22 +01:00
El RIDO db2778c64f
introduced JSDoc: changes for JSDoc compatibility and resolving inconsistencies in documentation, both semantic and in the logic 2017-01-14 15:29:12 +01:00
El RIDO a7de0e095b
added supported language, updated credits and changelog 2017-01-10 20:37:14 +01:00
El RIDO f79c00378b
Choosing correct Occitan plural formula, added unit tests for Occitan and Chinese, corrected casing of languages in unit test 2017-01-08 07:56:56 +01:00
rugk 20fea819cb
Update SRI hashes 2017-01-07 20:35:47 +01:00
Quent-in 427facc456 oc added to supported languages
in order to show occitan translations
2017-01-07 15:48:42 +01:00
El RIDO 4a036aea80
updated SRI hashes, added missing formula for slowene plurals and unit test for it, updated credits and changelog 2017-01-01 14:35:39 +01:00
Alfredo Fabián Altamirano Tena 910c3b3f9d Add Spanish to supported languages 2016-12-30 20:40:23 -06:00
El RIDO 1426d4e371
tagging 1.1 release and updating documentation 2016-12-26 12:13:50 +01:00
El RIDO 1badd5e542
applying HTML entity cleanup to raw paste, too, fixing #137 2016-12-25 13:04:06 +01:00
El RIDO ecd8a51137
writing a unit test for #145 lead to the discovery of two errors in the polish translations: error in formula and missing number placeholders in the translation strings 2016-12-25 11:37:45 +01:00
r4sas aacfe8e5fa added a forgotten option 'ru' in supportedLanguages section 2016-12-19 17:26:04 +03:00
atnaguzin 2847bbc45d added ru plural formula, updated template for edited privatebin.js 2016-12-16 12:21:15 +03:00
rugk 58bd603c7c
Use nice condensed table with border
and alos clean the prettyMessage even without showdown
2016-12-13 23:30:28 +01:00
rugk f755a99ab8
Add table class to parsed Markdown
Fixes https://github.com/PrivateBin/PrivateBin/issues/140
2016-12-12 17:37:51 +01:00
El RIDO 3f2de319f3
should use typesafe comparison in JS and adding forgotten modal dialog in bootstrap-dark-page 2016-11-13 18:22:37 +01:00
El RIDO 3f8d6a592b
refactored modal dialog logic, added the new message IDs to all translation files and added the modal dialog to all bootstrap based templates (page gets the old JS input as a fallback) 2016-11-13 18:12:10 +01:00
Alexander Demenshin 2c8a780c74 Removed unreachable code 2016-11-12 18:30:42 +01:00
Alexander Demenshin c916f33a83 More js for modal password request 2016-11-11 18:46:44 +01:00
Alexander Demenshin 09fa46a651 Added relevant js to modal password form 2016-11-11 18:39:38 +01:00
El RIDO 375dac759f
renamed jQuery file to match projects JS file naming convention 2016-10-29 12:18:03 +02:00
El RIDO f093b05330
update jQuery from 1.11.3 to 3.1.1 2016-10-29 12:12:22 +02:00
stefanomarty af824bbcd6 Update privatebin.js
Added 'it' supported language.
2016-10-23 11:28:04 +02:00
Nathaniel Olsen 3eea03954a Forgot to delete this 2016-10-22 09:47:40 -05:00
Nathaniel Olsen 176d683d1c Forgot to add the file using git 2016-10-21 17:07:55 -05:00
Nathaniel Olsen 0a48c464b4 Update jquery 1.11.3 ==> 3.1.1 2016-10-21 10:31:56 -05:00
Nathaniel Olsen 5639042d12 Update jquery 1.11.3 ==> 3.1.1 2016-10-21 10:31:09 -05:00
El RIDO e925833090 bumping version number to 1.0 2016-08-25 09:53:31 +02:00
El RIDO 47646e056b fixing urlshortening regression caused by CSP introduction, resolves #10 2016-08-18 15:09:58 +02:00
El RIDO f957a1868f push state to history when displaying raw text to allow use of back button, fixes #7 2016-08-16 09:51:36 +02:00
El RIDO 87926ce157 reactivated second error message for comments between textarea and button, fixes #62 2016-08-15 15:38:21 +02:00
El RIDO a0c6222fec Ensuring markdown docs use the unformatted text for raw text and clone, fixes #63 2016-08-15 15:04:12 +02:00
El RIDO 4fa2f7cd22 Initialize state of checkboxes on page load, resolves #79 2016-08-15 14:25:52 +02:00
El RIDO 6144e73405 update preview if format is changed, resolves #60 2016-08-11 11:40:37 +02:00
El RIDO 5ec20c1bc2 making burn-after-reading and discussion mutually exclusive options to improve UI, resolves #11 2016-08-11 11:31:34 +02:00
El RIDO addb666a23 introducing CSP header to mitigate XSS attacks, closes #10 2016-08-09 14:46:32 +02:00
El RIDO a28aebae7d make key size and authentication tag size explicit instead of trusting on defaults 2016-08-09 13:16:15 +02:00
El RIDO 97ed1a5cf4 found a better JS html entity escape function and use it to fix regression introduced by the preview feature, resolves #43 2016-07-19 16:12:11 +02:00
El RIDO 002046cc62 some minor cleanups 2016-07-19 14:44:17 +02:00
rugk bbad92a161 Minor JS code improvments 2016-07-19 14:13:52 +02:00
rugk 38ab755733 Replace HTTP links with HTTPS
Using this regexp: https://regex101.com/r/rZ2dE2/1
2016-07-19 13:56:52 +02:00
El RIDO 6b20836461 upgrading SJCL library to 1.0.4: https://github.com/bitwiseshiftleft/sjcl/releases/tag/1.0.4 2016-07-18 16:54:33 +02:00
El RIDO 615777ffd9 clarifying some code 2016-07-11 16:09:38 +02:00
El RIDO df5150c7f2 found another 2016-07-11 15:55:23 +02:00
El RIDO 90a26d8fcb removing some code smells, found in the various code checker tools 2016-07-11 15:47:42 +02:00
El RIDO 3b3b5277eb refactoring to improve code quality 2016-07-11 14:15:20 +02:00
El RIDO 79509ad48a renaming the fork to PrivateBin 2016-07-11 11:58:15 +02:00
El RIDO 6a663ba07f adding preview feature, resolves #4 2016-07-11 11:09:41 +02:00
El RIDO ad9fdf8892 switching from CCM to GCM, resolves #27 2016-07-09 21:11:39 +02:00
El RIDO 8e11f0873c small code style improvements, trying to get phpunit with hhvm to work in travis 2016-07-05 17:23:25 +02:00
El RIDO 1625aac798 updating showdown library, adding support for tables and strikethrough,
fixing issue with double escaping HTML entities that was causing
blockquotes to be ignored, fixes #75
2016-05-22 16:18:57 +02:00
El RIDO 3ec7002f63 Don't strip space characters of beginning or end of password, while
still ignoring passwords consisting of just spaces, resolves #69
2016-04-26 20:41:15 +02:00
El RIDO 4918bef4dc Although there usually are no plurals in chinese, there's an exception
for words related to persons, when not preceeded by a numeric word.

Sources:
- http://localization-guide.readthedocs.org/en/latest/l10n/pluralforms.html#f3
- https://answers.yahoo.com/question/index?qid=20110606153553AAAW5zX
2016-04-26 20:21:30 +02:00
Jiawei Zhou 4565b72a7d Adding Chinese Translation (#73) 2016-04-26 20:08:35 +02:00
El RIDO a4ebdbc606 re-introducing (optional) URL shortener support, resolves #58 2016-01-31 09:56:06 +01:00
El RIDO a459c6d836 translated to slowene
Conflicts:
	js/zerobin.js
2015-12-26 22:14:10 +01:00
El RIDO ce107c928e supporting disabled password option in the JS part, fixes #55 2015-11-16 19:58:45 +01:00
El RIDO 24a4328c55 incrementing version, updating changelog, added missing phpdoc comments 2015-11-09 21:39:42 +01:00
El RIDO 740d62005e small CSS improvement, partially resolves #48 2015-10-19 19:39:45 +02:00
El RIDO 40019624fd wrap long lines in plaintext format but force horizontal scroll on
syntaxhighlighting, resolves #45
2015-10-18 22:16:15 +02:00
El RIDO 14d08ec56d working on JSON-LD validity, added CORS headers preparing external API
call support
2015-10-18 14:37:58 +02:00
El RIDO 22d0b1ec22 updating comment format to match defined JSON-LD API context 2015-10-18 11:38:48 +02:00
El RIDO f21567133c changing paste read output for API refactoring 2015-10-18 11:08:28 +02:00
El RIDO 87b41a0c3d implemented tab input support from #40, thank you azlux! 2015-10-15 22:06:01 +02:00
El RIDO 2e3bacb699 fixing deletion issue in request refactoring, starting work on API read
refactoring
2015-10-15 22:04:57 +02:00
El RIDO 1d6cfb7f3b refactoring delete API, added external JSON-LD context 2015-10-11 21:22:00 +02:00
El RIDO 7ec94e0db5 implementing request refactoring, beginning JS changes for JSON API, but
discovered that DELETE and PUT are not available on all webservers by
default
2015-09-27 20:34:39 +02:00
El RIDO 9f68658106 incrementing version number, updating changelog 2015-09-21 22:43:00 +02:00
El RIDO 0686087cfd fixing mobile navbar triggered issue and slight adjustement to bootstrap
template for using full width of browser for navbar
2015-09-20 20:05:48 +02:00
El RIDO 608605cd54 incrementing version number, updating docs 2015-09-19 17:23:10 +02:00
El RIDO 844c4d15e9 fixes #30 2015-09-19 14:19:42 +02:00
El RIDO a111357fae add optional (since it uses a session cookie) language selection 2015-09-19 11:21:13 +02:00
El RIDO 39e865ca64 if the uploaded file is an image mime type, display it 2015-09-18 21:41:50 +02:00
El RIDO 50075ea948 fixing issue with attachment, empty paste & empty password 2015-09-18 20:25:53 +02:00
El RIDO ed9c4f45f4 adding file name support for #20, solving issue with unencryptable file 2015-09-18 12:33:10 +02:00
El RIDO e144739dec implement file upload UI on bootstrap templates 2015-09-18 10:49:39 +02:00
El RIDO 106141efa4 merging @vikstrous file upload feature for #20 from
8a6d268278
2015-09-16 22:51:48 +02:00
El RIDO 61903665df logic cleanup 2015-09-16 20:49:28 +02:00
El RIDO 0e53d1ee86 added markdown support and a dropdown for the format selection. The
options other then markdown are plain text and source code (syntax
highlighting). Resolves #25
2015-09-12 17:33:16 +02:00
El RIDO 9dde7f034a moving remaining time / for your eyes only message from nav bar into
status alert in bootstrap theme, to ensure it is seen even with a
collapsed nav bar as in the mobile view
2015-09-12 10:38:04 +02:00
El RIDO 428a9d9c41 toggling mobile nav bar after tap on buttons "New", "Clone" and "Send"
to ensure any messages are visible for #21.
2015-09-12 10:23:12 +02:00
El RIDO b26fb08732 Fixing issues with en translation, thanks @wware for spotting it 2015-09-08 20:48:18 +02:00
El RIDO b060d57524 - implemented php side of plural translation
- using it to generate labels dynamically for the expire options
(deprecating the [expire_labels] configuration).
- added translation of the human readable data sizes to support the
french octet
- fixed IEC label for kibibytes
2015-09-06 19:21:17 +02:00
El RIDO c83ba8256f implementing a plural translation solution, currently only the JS part 2015-09-06 15:54:43 +02:00
El RIDO eee7b0144a covering JS side of translations (#7), added the messages to the
translation files and translated the german ones
2015-09-06 13:07:46 +02:00
El RIDO b883d5eb4c Merge branch 'master' of git@github.com:elrido/ZeroBin.git
Conflicts:
	js/zerobin.js
2015-09-05 17:21:05 +02:00
El RIDO 3099e10dfa refactored JS:
- moved from global namespace into anonymous function
- as onclick has no direct access to the zerobin methods, the events are
now bound in the init() method via bindEvents()
- to simplify maintenance, the functions were wrapped into 3 objects:
zerobin (display logic, event handling), filter (compression,
encryption) and helper (stateless utilities)
- some CSS and template adjustements were also done
2015-09-05 17:12:11 +02:00
Hexalyse d74172064b Hide error message when paste is posted correctly 2015-09-05 14:45:50 +02:00
Hexalyse 9687144c92 Error messages are now replaced and not appended
Error messages are now replaced and not appended in the #errormessage div, without removing the glyphicon (which a .text() would have done).
This way, we don't have HTML code in the JS (which would be ugly). But it's still not a really elegant solution.
2015-09-05 14:38:53 +02:00
El RIDO 2d79ba8243 updating docs, bumping version to 0.20 2015-09-03 22:22:59 +02:00
El RIDO b25022e403 refactored JSON API, its now possible to retrieve pastes as JSON, which
is now used when posting comments, eliminating the need to store the
password in sessionStorage
2015-09-01 22:33:07 +02:00
El RIDO 802a0b26b9 burn after reading messages are only deleted after callback by JS when
successfully decrypted, resolves #11
2015-08-31 22:10:41 +02:00
El RIDO 9fdbba76ce working on password function for #15:
- asking again if password is wrong
- display error if user cancels dialog
- use password to encrypt comments, too (password is "stored" in the
password field)
- store password in sessionStorage when posting a comment so, that it
doesn't have to typed in again, but clear sessionStorage as soon as
password is retrieved
2015-08-31 21:14:12 +02:00
El RIDO d3c4600806 slight configuration changes, template modifications to make discussions
and password configurable, removed generated configuration test as it
grows quite big and a new one can be generated easily if needed
2015-08-31 00:01:35 +02:00
Hexalyse 0198371049 Password input id change in zerobin.js 2015-08-30 15:06:32 +02:00
Hexalyse eadcd60e14 Password input id change in zerobin.js 2015-08-30 15:05:50 +02:00
Hexalyse 95f1db925b Merge branch 'master' of https://github.com/elrido/ZeroBin
Conflicts:
	cfg/conf.ini
	js/zerobin.js
2015-08-30 14:33:09 +02:00
El RIDO be91afa042 - fixing JS errors when syntax highlighting is disabled (point 1. #15)
- fixing missing url conversion in highlighted text (point 2. # 15)
2015-08-27 23:58:28 +02:00
Simon Rupf a34cc562e1 optimized bootstrap comment layout 2015-08-23 15:52:25 +02:00
Hexalyse 3b537eda40 Added an optional password protection 2015-08-22 17:23:41 +02:00
El RIDO b299a6e03e added a bootstrap theme, still needs some work in the comments layout 2015-08-17 23:19:15 +02:00
El RIDO 0c1d5c62d5 updated de/inflate to versions 0.5/0.3, using versions found at
a3725d3bee
kudos Dan Kogai
2015-08-16 13:02:27 +02:00
El RIDO a0107d7eae updated prettify to minified versions found at
6aa04af68e/loader/prettify.js
6aa04af68e/loader/prettify.css
kudos Mike Samuel
2015-08-16 12:46:01 +02:00
El RIDO 49c6e3c1b6 updated base64.js to version 2.1.9, using minified version found at
9192c510f5/base64.min.js
kudos Dan Kogai

small improvements to input checking
implementing default values for most configuration options
switching to versioned JS files to avoid version hack used in template
2015-08-16 12:27:06 +02:00
El RIDO 7bc8c14df6 updated sjcl to version 1.0.2, using minified version found at
11a673d1d3/sjcl.js
kudos Nils Kenneweg
2015-08-16 11:29:01 +02:00
El RIDO 769768d25e updated jquery to 1.11.3 2015-08-16 11:20:06 +02:00
El RIDO 3aa4911991 Small text message changes 2015-08-16 01:56:39 +02:00
Sebastien SAUVAGE daf5522b1e Potentiel security bug corrected
Bug reproduction: 1) paste texte containing html/javascript. 2) send 3)
clic "Raw text"  4) refresh: The html/javascript is interpreted instead
of just displayed.
Under some versions of Chrome, it happens without refreshing.
This bug was corrected.

(cherry picked from commit 4f8750bbddcb137213529875e45e3ace3be9a769)
2015-08-15 22:24:25 +02:00
Sebastien SAUVAGE bc8b23d35e XSS flaw correction
With a client IE < 10 there was a XSS security flaw. Other browsers were
not affected.
Also corrected spacing display with IE<10.

(cherry picked from commit 28813cd82ae47e556b610da3c7302a6709e27431)

Conflicts:
	CHANGELOG.md
	index.php
	js/zerobin.js
	lib/vizhash16x16.php
2015-08-15 22:01:43 +02:00
Sebastien SAUVAGE d9930978ba Make sure there is enough entropy.
This patch will improve key randomness by requiring the user to move the
mouse if there is not enough entropy.

(cherry picked from commit c6e98045aa833dff824f892eb3392744c03a59f7)
2015-08-15 21:52:14 +02:00
El RIDO e646729b2d fixing regressions from cherrypicking 2015-08-15 21:39:08 +02:00
Sebastien SAUVAGE 5f87ea6843 ZeroBin 0.18
(cherry picked from commit 7a8cbee2f99cd74a50bce7e8df8130e2c477d903)

Conflicts:
	CHANGELOG.md
	index.php
	js/zerobin.js
	lib/vizhash16x16.php
2015-08-15 21:06:19 +02:00
Sebastien SAUVAGE ecd2e067f8 replaceState() changed to pushState()
so that the "Back" button works after clicking on "Raw text".

(cherry picked from commit 47fae2b2467df2ab017102d82833cb380c286867)
2015-08-15 20:26:25 +02:00
Sebastien SAUVAGE fdc87a7fcf Added "Raw text" button.
(cherry picked from commit 00cfcafc996c55afd069b665ad3875693e22d36d)

Conflicts:
	css/zerobin.css
	js/zerobin.js
	tpl/page.html
2015-08-15 20:25:46 +02:00
Sebastien SAUVAGE 09bebae286 Removed dead code.
(cherry picked from commit 87e17b36f9b2ec777c14257eb9c8efec0e7bd053)

Conflicts:
	css/zerobin.css
	js/zerobin.js
	tpl/page.html
2015-08-15 20:06:44 +02:00
Sebastien SAUVAGE cff4d99f05 "Burn after reading" as a checkbox
"Burn after reading" option has been moved out of Expiration combo to a
separate checkbox.
Reason is: You can prevent a read-once paste to be available ad vitam
eternam on the net.

(cherry picked from commit 190b278402c086ebc4d1a78aae27d1e2666e3e7a)

Conflicts:
	css/zerobin.css
	index.php
	js/zerobin.js
	tpl/page.html
2015-08-15 19:01:03 +02:00
Sebastien SAUVAGE 1b95d6fff7 base64.js downgraded from 2.6 to 1.7
because otherwise it would have broken compatibility with data files.

(cherry picked from commit 75a27b6243b8cffa69f59c068dac61263574dc5b)
2015-08-15 18:39:47 +02:00
Sebastien SAUVAGE eccd4a816a base64.js updated to 2.6
From https://github.com/dankogai/js-base64

(cherry picked from commit 7e5c36ed5b7fc67ba919973834e015ce92b5708b)
2015-08-15 18:33:58 +02:00
Sebastien SAUVAGE 315c45ed0c Auto-select paste URL
When creating a paste, we auto-select the resulting URL so that the user
only has to press CTRL+C to copy the link.
So you basically click "SEND" then press CTRL+C.

(cherry picked from commit 3feb4641c7892eeeaff2fe61c6e153919687b9c6)

Conflicts:
	css/zerobin.css
2015-08-15 16:56:11 +02:00
Sebastien SAUVAGE 5b253cf77c ZeroBin 0.17
* added deletion link.
* small refactoring.
* improved regex checks.
* larger server alt on installation.
2013-11-01 01:15:14 +01:00
Sébastien SAUVAGE 6c7de8aca8 Libs upgrade
* Upgraded jQuery to 1.9.1
* Upgraded SJCL to Git version 2013-02-22
2013-10-31 22:59:01 +01:00
Sean McGregor 956b82b825 added functions for placing many parameters in the anchor string 2013-10-31 22:42:20 +01:00
Frédérik Paradis 7cb345001a Change URL on clone 2013-10-31 22:41:30 +01:00
Simon Rupf 2b69a862ec moved updated sjcl into place 2012-09-08 16:34:34 +02:00
Simon Rupf 2d4f155064 had to revert to HTML5 instead of XHTML5 because of compatibility
problem with code prettifier, fixed some display bugs
2012-08-28 23:28:41 +02:00
Simon Rupf 907538875b removed leftovers from submodule uglifyjs, added credits file,
cleaned up CSS, changed template to output clean XHTML 5,
added unit tests for 60% of the code, found a few bugs by doing
that and fixed them
2012-08-26 00:49:11 +02:00
Simon Rupf edf95ff56d added autoloading, configurable paste size limit, changed JS to calculate localized comment times instead of UTC 2012-04-30 22:58:08 +02:00
Alexey Gladkov 0057045f51 Add syntax highlighting
Syntax highlighting is done with the use of the library:

http://code.google.com/p/google-code-prettify/

Signed-off-by: Alexey Gladkov <gladkov.alexey@gmail.com>
2012-04-29 20:27:00 +04:00
Sebastien SAUVAGE 241c75a5d5 Removed the shortening url service button. 2012-04-24 14:29:16 +02:00
Erwan 5d02750316 Fix : 404 for Shorten URL image 2012-04-23 16:30:02 +02:00
Sebastien SAUVAGE 50272a678f - Minor fixes following previous merge.
- Fixed regression: "Clone" button was visible for IE.
2012-04-22 20:43:11 +02:00
Thierry Poinot 6083c7a23c refactoring files and directory structure 2012-04-22 13:34:17 +02:00