Commit Graph

22 Commits

Author SHA1 Message Date
rugk e9b10f9e2d
Add CSP sandbox
Fixes https://github.com/PrivateBin/PrivateBin/issues/168

Alos needed to run some Composer stuff, no idea why my diff was different.
2017-02-01 18:34:13 +01:00
El RIDO 67f6c4eb61
turned bootstrap template variants into logic 2017-01-08 10:02:07 +01:00
rugk f5aefa5513 Update for correct spelling 2017-01-07 20:35:23 +01:00
Jordyn Carattini 36f70cad48 Fixed a spelling error in conf.ini
Changed "Mibibytes" to "Megabytes"
2017-01-01 17:47:07 -06:00
El RIDO a5d91298ff
add an option to change the site name, solves #154 2017-01-01 16:33:11 +01:00
rugk 2cd4717bd2
Use default csp value by default
Otherwise the CSP may break updates if we later change the behaviour of PrivateBin somehow.
We should have done this before the v1.0 release, but well...
2016-09-18 12:21:42 +02:00
rugk 1a159c973f
Prevent referrer to be send
Uses both CSP and Referrer-Policy
Fixes #96
2016-09-03 18:12:24 +02:00
rugk 9ff74e8841 Allow manifest loading via CSP 2016-08-27 00:01:19 +02:00
rugk 3d541f867b Update config file header
We really don't need to license the config file....
2016-08-12 18:23:15 +02:00
El RIDO 3988b860b0 implemented Identicon library as new default for comment icons, made Vizhash an optional alternative, refactored Vizhash and removed string lenghtening 2016-08-10 17:41:46 +02:00
El RIDO addb666a23 introducing CSP header to mitigate XSS attacks, closes #10 2016-08-09 14:46:32 +02:00
El RIDO b45bef8388 Renamed classes for full PSR-2 compliance, some cleanup 2016-08-09 11:54:42 +02:00
rugk 38ab755733 Replace HTTP links with HTTPS
Using this regexp: https://regex101.com/r/rZ2dE2/1
2016-07-19 13:56:52 +02:00
El RIDO b53efda635 improving code coverage and unit testing 2016-07-18 14:47:32 +02:00
El RIDO ff0c55c0d6 introduce option to disable vizhash for paranoid admins, resolves #20 point 2.4 2016-07-18 10:14:38 +02:00
El RIDO 20cf678a75 adding default configuration for purging, resolves #3 (again) 2016-07-18 09:13:23 +02:00
El RIDO 79509ad48a renaming the fork to PrivateBin 2016-07-11 11:58:15 +02:00
Gilles a7ef0b54e6 ZeroBin -> PrivateBin
Changing name
2016-07-10 11:02:31 +02:00
El RIDO 0e217a42c5 introduce new zerobincompatibility option, replacing the base64 one, if it is enabled, delete tokens use sha256; added per paste salt with server salt fallback; this resolves the points 2.2 & 2.9 in #103 2016-07-06 11:37:13 +02:00
El RIDO a4ebdbc606 re-introducing (optional) URL shortener support, resolves #58 2016-01-31 09:56:06 +01:00
El RIDO 24a4328c55 incrementing version, updating changelog, added missing phpdoc comments 2015-11-09 21:39:42 +01:00
El RIDO 176dff3b70 renaming config file to make updates easier, resolving #50 2015-10-22 21:13:15 +02:00
Renamed from cfg/conf.ini (Browse further)