Commit Graph

528 Commits

Author SHA1 Message Date
El RIDO
76eff6a87a Revert "[TEST] Try to disallow vulnerable cases" to remove accidentally committed file and statement that breaks the tests
This reverts commit ebc2d649c4.
2020-01-18 07:12:03 +01:00
El RIDO
fd4492f229 ensuring that both critical branches get tested 2020-01-18 07:09:56 +01:00
rugk
eb549d70d1 Invert containsLink logic 2020-01-15 17:52:51 +01:00
rugk
ebc2d649c4 [TEST] Try to disallow vulnerable cases 2020-01-13 19:56:15 +01:00
rugk
01414e43ca Do not double-encode HTML in i18n
This issue got introduced in 4bf7f86 due to double

Fixes https://github.com/PrivateBin/PrivateBin/issues/557
Fixes https://github.com/PrivateBin/PrivateBin/issues/558

Also _inverted_ the logic/variable name for containsNoLinks to
the more logical one "containsLinks" to avoid too many negations.

Also verified that the attachment name is still properly displayed
when you clone a paste.
2020-01-13 19:17:30 +01:00
El RIDO
599264e167 partially address #556 - now comments can only be added after successful decryption 2020-01-08 19:48:42 +01:00
El RIDO
ed590ee557 incrementing version 2020-01-08 19:31:06 +01:00
El RIDO
ef8943d838 upgrading base-x library to 3.0.7 2020-01-07 20:11:12 +01:00
El RIDO
2fd649db14 upgrading showdown to released 1.9.1 version 2020-01-07 19:58:05 +01:00
El RIDO
a9bf667f8e address error, displayed when paste has attachment, but configuration has them disabled 2020-01-04 13:33:03 +01:00
El RIDO
4bf7f863dc more general solution addressing #554, kudos @rugk for the suggestions 2020-01-04 13:14:53 +01:00
El RIDO
8d0ac336d2 addressing jsverifyRngState 8b8f0d4ec2a67139b5, fixes HTML injection via filename, closes #554 2019-12-25 09:14:32 +01:00
Haocen Xu
853fd906cb Fix unnecessary closure capture 2019-11-21 17:43:10 -05:00
El RIDO
af8d963fd2 updating DOMpurify library, fixes #523 2019-11-02 17:31:45 +01:00
El RIDO
8cf0c86ebb simplify case statement, update documentation 2019-11-02 17:18:22 +01:00
El RIDO
b23fd48d49 Merge branch 'master' of https://github.com/AndriiZ/PrivateBin into AndriiZ-master 2019-11-02 17:11:05 +01:00
Haocen Xu
e079f6c830 Implement Email button 2019-10-31 15:07:13 -04:00
Haocen Xu
63fdd2eba3 Fix missing semi colon 2019-10-30 14:04:10 -04:00
Haocen Xu
56222d6cfb Bugfix when password is disabled in config no new paste can be
created
2019-10-25 13:05:09 -04:00
Andriy Zhuk
65b7077756 Added plural rules for ukrainian 2019-10-18 12:31:40 +03:00
El RIDO
71797d1dd4 changes required for jsdoc, adding legacy.js to code coverage 2019-09-22 21:18:19 +02:00
El RIDO
2d4edfe401 incrementing version number in preparation of release 2019-09-22 19:42:04 +02:00
El RIDO
e9eeeacdf0 addressing jsverifyRngState 0f5ea3f961827b0c4d 2019-09-19 20:48:05 +02:00
El RIDO
8da382f7c6 Merge branch 'master' into better-feature-detection 2019-09-19 20:19:35 +02:00
El RIDO
28d70a1b18 upgrading DOMpurify, fixes #520 2019-09-19 20:13:47 +02:00
El RIDO
955317d924 make codacy a bit happier 2019-09-19 19:47:19 +02:00
El RIDO
7c61f59dcd removing untranslated string for non-human entities, moving insecure notice to template, so it can remain translated 2019-09-19 19:14:48 +02:00
El RIDO
70c38db81d adding ES6 and async feature detection to correctly flag old chromes and operas with the modern browser error 2019-09-18 07:47:26 +02:00
El RIDO
4332d0edb0 making legacy.js work even on IE 6 by avoiding jQuery 2019-09-18 07:31:32 +02:00
El RIDO
5810f17c31 fixing HTTP only error detection in Chrome and Android by ensuring all logic is contained in legacy.js 2019-09-17 21:41:25 +02:00
El RIDO
1a42158dd1 address Codacy's concern about missing semicolons 2019-09-14 09:53:22 +02:00
El RIDO
713ce148a4 address Codacy's concern that i is already defined 2019-09-14 09:50:47 +02:00
El RIDO
63426d6f8b splitting out PrivateBin.InitialCheck class into Legacy.Check and working on making it compatible with IE 11 2019-09-14 09:41:52 +02:00
El RIDO
c2962af4f8 trying different approach to convince codacy about false positive 2019-09-08 09:08:21 +02:00
El RIDO
b1c9ca65fa trying to address eslint false positives 2019-09-08 08:39:28 +02:00
El RIDO
5471757fa7 making webassembly optional, ensuring retry button works when wrong password is provided
Tested configurations:
- browser with WASM support (Firefox 68.0.2)
  - creates paste with zlib compression, no password
  - creates paste with zlib compression, with password
  - reads paste with zlib compression, no password
  - reads paste with zlib compression, with password + retry button works
  - reads paste without compression, no password
  - reads paste without compression, with password + retry button works
- browser without WASM support (Chromium 76.0.3809.100, started via `chromium-browser --js-flags=--noexpose_wasm`)
  - creates paste without compression, no password, but shows WASM warning
  - creates paste without compression, with password, but shows WASM warning
  - fails to read paste with zlib compression, no password + shows WASM error
  - fails to read paste with zlib compression, with password + shows WASM error
  - reads paste without compression, no password
  - reads paste without compression, with password + retry button works
2019-09-08 08:21:54 +02:00
El RIDO
813e72d871 don't encode HTML entities in translations if they contain links 2019-08-28 20:37:14 +02:00
El RIDO
c56d777c11 fixing logic when there are no icons and warning icons, add more test cases 2019-08-28 20:29:23 +02:00
El RIDO
7f65fe9218 fixing conflicting icons when using error message div for warnings in bootstrap template 2019-08-28 19:25:11 +02:00
El RIDO
ad570c391a extend Alert class unit testing 2019-08-28 19:23:58 +02:00
El RIDO
a6aef109cc making feature detection work as intended in chrome 2019-08-27 23:16:06 +02:00
El RIDO
6fcd82fb85 making the feature detection more robust, let users with no WASM create uncompressed pastes, remove dead & duplicate code 2019-08-27 07:38:27 +02:00
Haocen Xu
00b886c492 Refactor attachment editable logic to avoid undesired assumption 2019-08-25 12:00:59 -04:00
El RIDO
ad096b80a1 refactoring logic, to make intention more clear and reduce complexity 2019-08-25 17:24:22 +02:00
Haocen Xu
ab75b183fb Fix click on new paste on clone paste editing view not removing custom
attachment

Fix cloning paste with attachment

Update CSP in sample and default configuration

Ensure clone paste also clone format

Fix clone button hiding logic when paste is burn after read

Remove attachment name when new paste clicked on

Enable file operation only when editing
2019-08-25 02:16:58 -04:00
El RIDO
121b1e75d2 remove debug statement, fixes #462 2019-08-24 08:42:33 +02:00
Haocen Xu
2eed7a8a1c Update SRI
Remove dejavu
2019-08-17 15:39:13 -04:00
Haocen Xu
078b8d8fd6 Clear attachment if user cancel file select 2019-08-17 15:14:40 -04:00
Haocen Xu
3a9730f883 Improve file upload UX
Fix incorrect highlight logic

Fix transition on fileupload highlight

Handle drag leave

Fix draghover

Minor style improvements
2019-08-17 15:13:58 -04:00
El RIDO
30ddcacca6 fixing unit tests 2019-08-17 10:20:46 +02:00