george/PrivateBin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into js-unit-testing

Browse Source
This commit is contained in:
El RIDO
2018-01-02 09:37:46 +01:00
parent d80c2f83fa 6eb8822059
commit 85401a1513
17 changed files with 128 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
js/common.js
View File

@@ -16,7 +16,7 @@ require('./prettify');
global.prettyPrint = window.PR.prettyPrint;
global.prettyPrintOne = window.PR.prettyPrintOne;
global.showdown = require('./showdown-1.6.1');
global.DOMPurify = require('./purify.min');
global.DOMPurify = require('./purify-1.0.3');
require('./bootstrap-3.3.7');
require('./privatebin');

2
js/kjua-0.1.2.js Normal file
View File

File diff suppressed because one or more lines are too long

39
js/privatebin.js
View File

@@ -21,6 +21,7 @@
/** global: prettyPrintOne */
/** global: showdown */
/** global: sjcl */
/** global: kjua */
// Immediately start random number generator collector.
sjcl.random.startCollectors();
@@ -1700,7 +1701,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
}
// set sanitized and linked text
var sanitizedLinkedText = DOMPurify.sanitize(Helper.urls2links(text), {SAFE_FOR_JQUERY: true});
var sanitizedLinkedText = DOMPurify.sanitize(Helper.urls2links(text));
$plainText.html(sanitizedLinkedText);
$prettyPrint.html(sanitizedLinkedText);
@@ -1713,7 +1714,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
});
// let showdown convert the HTML and sanitize HTML *afterwards*!
$plainText.html(
DOMPurify.sanitize(converter.makeHtml(text), {SAFE_FOR_JQUERY: true})
DOMPurify.sanitize(converter.makeHtml(text))
);
// add table classes from bootstrap css
$plainText.find('table').addClass('table-condensed table-bordered');
@@ -1727,8 +1728,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
$prettyPrint.html(
DOMPurify.sanitize(
prettyPrintOne(Helper.urls2links(text), null, true),
{SAFE_FOR_JQUERY: true}
prettyPrintOne(Helper.urls2links(text), null, true)
)
);
// fall through, as the rest is the same
@@ -1824,6 +1824,8 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
*/
me.setText = function(newText)
{
// escape HTML entities
newText = $('<div />').text(newText).html();
if (text !== newText) {
text = newText;
isChanged = true;
@@ -2220,8 +2222,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
// set & parse text
$commentEntryData.html(
DOMPurify.sanitize(
Helper.urls2links(commentText),
{SAFE_FOR_JQUERY: true}
Helper.urls2links(commentText)
)
);
@@ -2414,6 +2415,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
$password,
$passwordInput,
$rawTextButton,
$qrCodeLink,
$sendButton;
var pasteExpiration = '1week';
@@ -2535,7 +2537,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
for (var i = 0; i < $head.length; i++) {
newDoc.write($head[i].outerHTML);
}
newDoc.write('</head><body><pre>' + DOMPurify.sanitize(paste, {SAFE_FOR_JQUERY: true}) + '</pre></body></html>');
newDoc.write('</head><body><pre>' + DOMPurify.sanitize(paste) + '</pre></body></html>');
newDoc.close();
}
@@ -2591,6 +2593,22 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
event.preventDefault();
}
/**
* Shows the QR code of the current paste (URL).
*
* @name TopNav.displayQrCode
* @function
* @param {Event} event
*/
function displayQrCode(event)
{
var qrCanvas = kjua({
render: 'canvas',
text: window.location.href
});
$('#qrcode-display').html(qrCanvas);
}
/**
* Shows all elements belonging to viwing an existing pastes
*
@@ -2607,6 +2625,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
$newButton.removeClass('hidden');
$cloneButton.removeClass('hidden');
$rawTextButton.removeClass('hidden');
$qrCodeLink.removeClass('hidden');
viewButtonsDisplayed = true;
}
@@ -2627,6 +2646,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
$newButton.addClass('hidden');
$cloneButton.addClass('hidden');
$rawTextButton.addClass('hidden');
$qrCodeLink.addClass('hidden');
viewButtonsDisplayed = false;
}
@@ -2877,6 +2897,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
$passwordInput = $('#passwordinput');
$rawTextButton = $('#rawtextbutton');
$sendButton = $('#sendbutton');
$qrCodeLink = $('#qrcodelink');
// bootstrap template drop down
$('#language ul.dropdown-menu li a').click(setLanguage);
@@ -2891,6 +2912,7 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
$cloneButton.click(Controller.clonePaste);
$rawTextButton.click(rawText);
$fileRemoveButton.click(removeAttachment);
$qrCodeLink.click(displayQrCode);
// bootstrap template drop downs
$('ul.dropdown-menu li a', $('#expiration').parent()).click(updateExpiration);
@@ -3944,10 +3966,11 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) {
// first load translations
I18n.loadTranslations();
DOMPurify.setConfig({SAFE_FOR_JQUERY: true});
// initialize other modules/"classes"
Alert.init();
Model.init();
AttachmentViewer.init();
DiscussionViewer.init();
Editor.init();

1
js/purify-1.0.3.js Normal file
View File

File diff suppressed because one or more lines are too long

2
js/purify.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
js/test/PasteViewer.js
View File

@@ -48,7 +48,7 @@ describe('PasteViewer', function () {
results.push(
$('#placeholder').hasClass('hidden') &&
!$.PrivateBin.PasteViewer.isPrettyPrinted() &&
$.PrivateBin.PasteViewer.getText() == text
$.PrivateBin.PasteViewer.getText() == $('<div />').text(text).html()
);
if (format == 'markdown') {
results.push(