george/PrivateBin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,063 Commits 14 Branches 20 Tags
93135e0abf92ebce8cafee5299769e1434f24bf2
Commit Graph

323 Commits

Author SHA1 Message Date
El RIDO
93135e0abf improving code coverage 2021-06-13 10:44:26 +02:00
El RIDO
e294145a2b ip-lib doesn't except on the matches interfaces 2021-06-13 08:26:05 +02:00
Mark van Holsteijn
1b88eef356 improved implementation of GoogleStorageBucket 2021-06-10 21:39:15 +02:00
El RIDO
5af069b4f0 Merge pull request #810 from binxio/persistence-into-data 
added purgeValues function
 2021-06-10 08:22:10 +02:00
Mark van Holsteijn
1232717334 added purgeValues to GCS 2021-06-09 22:27:34 +02:00
El RIDO
7b2f0ff302 apply StyleCI recommendation 2021-06-09 19:16:22 +02:00
El RIDO
a203e6322b implementing key/value store of Persistance in Database storage 2021-06-09 07:47:40 +02:00
El RIDO
7901ec74a7 folding Persistance\ServerSalt into Data\Filesystem 2021-06-08 22:01:29 +02:00
El RIDO
b5a6ce323e folding Persistance\TrafficLimiter into Data\Filesystem 2021-06-08 07:49:22 +02:00
El RIDO
3429d293d3 remove configurable dir for traffic & purge limiters 2021-06-08 06:37:27 +02:00
El RIDO
ae486d651b folding Persistance\PurgeLimiter into Data\Filesystem 2021-06-07 21:53:42 +02:00
Mark van Holsteijn
55efc858b5 simplest implementation of kv support on gcs 2021-06-07 09:11:24 +02:00
El RIDO
7bdcc2ae15 conclude scaffolding of AbstractData key/value storage, missing implementation 2021-06-07 07:02:47 +02:00
El RIDO
1a7d0799c0 scaffolding interface for AbstractData key/value storage, folding Persistance\DataStore into Data\Filesystem 2021-06-07 06:53:15 +02:00
El RIDO
de8f40ac1a kudos @StyleCI 2021-06-06 19:35:31 +02:00
El RIDO
c758eca0a4 removed automatic .ini configuration file migration, closes #808 2021-06-06 17:53:08 +02:00
El RIDO
2bc54caa07 fix never matched condition, kudos @ShiftLeftSecurity, found via #807 2021-06-05 10:33:01 +02:00
El RIDO
abb2b90e9b make StyleCI happy 2021-06-05 05:52:13 +02:00
El RIDO
edb8e5e078 handle edge cases with file locking: file needs to exist before it can be locked, fixes #803 2021-06-05 05:48:17 +02:00
Mark van Holsteijn
342270d6dd added Google Cloud Storage support 2021-05-28 22:39:50 +02:00
El RIDO
b6460616ba address Scrutinizer issues 2021-05-22 11:30:17 +02:00
El RIDO
91c8f9f23c use namespaces 2021-05-22 11:02:54 +02:00
El RIDO
3dd01b1f70 testing IP exemption, handle corner cases found in testing 2021-05-22 10:59:47 +02:00
rodehoed
af5a14afc3 Optimized the canPass() functions 2021-05-19 09:01:45 +02:00
rodehoed
5812a6bb68 Optimized the canPass() functions 2021-05-19 08:47:35 +02:00
Rodehoed
502bb5fa15 Put the ip-matching function in a private function 2021-05-06 12:18:44 +02:00
Rodehoed
89bdc92451 Put the ip-matching function in a private function 2021-05-06 12:13:03 +02:00
LinQhost Managed hosting
63d6816c7c Merge branch 'api-ip-exempt' of https://github.com/rodehoed/PrivateBin into api-ip-exempt 2021-05-05 08:43:32 +02:00
rodehoed
a806a6455e QA 2021-05-04 11:20:24 +02:00
rodehoed
4296b43832 QA 2021-05-04 11:19:34 +02:00
rodehoed
c3ad4a4b4d QA 2021-05-04 11:18:06 +02:00
rodehoed
805eb288d9 QA 2021-05-04 11:14:11 +02:00
rodehoed
b21efd8336 Code quality 2021-05-04 11:01:46 +02:00
LinQhost Managed hosting
7d82c82fd9 Make it possible to exempt ips from the rate-limiter 2021-05-04 10:29:25 +02:00
El RIDO
fcb6422663 re-adding CSP directive sandbox allow-forms, it is needed for the password input form to work on the JS side 2021-04-18 21:05:32 +02:00
rugk
3ca01024fd feat: disallow form submission alltogether 
Following the tests and HTTP Observatory, I think we can disable forms altogether.

Fixes https://github.com/PrivateBin/PrivateBin/issues/778
 2021-04-18 14:16:39 +02:00
rugk
5809a7cfa7 feat: add form-action CSP restriction 
This follows a suggestion from HTTP Observatory:
> Restricts where <form> contents may be submitted by using form-action 'none', form-action 'self', or specific URIs

Fixes #778
 2021-04-18 14:14:46 +02:00
El RIDO
9b893f09d7 Merge branch 'master' into floc 2021-04-17 08:35:21 +02:00
El RIDO
7b7a32c0a7 apply StyleCI recommendation 2021-04-17 08:20:08 +02:00
rugk
fd7d05e862 Add base URL as default CSP restriction 
This follows an [HTTP Observatory recommendation](https://observatory.mozilla.org/analyze/privatebin.net):
> Restricts use of the <base> tag by using base-uri 'none', base-uri 'self', or specific origins.

Given we don't use that anywhere, this safe should be safe. (not tested practically though)
 2021-04-16 22:04:28 +02:00
El RIDO
6f3bb25b09 disable Google FloC 2021-04-16 20:25:50 +02:00
El RIDO
1dc8b24665 transmit cookie only over HTTPS, fixes #472 2021-04-16 20:15:12 +02:00
El RIDO
9e6eb50ced adding new security headers, fixes #765 2021-04-16 19:19:11 +02:00
El RIDO
175d14224e set plurals for and credit Estonian translation 2021-04-16 18:27:12 +02:00
El RIDO
458ebcb321 incrementing version 2021-04-05 17:05:14 +02:00
El RIDO
da0896fe42 set plurals for and credit Catalan translation 2021-04-02 09:00:27 +02:00
El RIDO
5a9bcea3a9 set plurals for and credit Indonesian translation 2021-03-09 05:54:06 +01:00
El RIDO
b38ebc503e plural rules and documenting newly added languages 2021-01-07 21:16:03 +01:00
El RIDO
bb6a44ce7a remove double translation, avoid unsupported double quotes in INI file 2020-10-13 07:28:35 +02:00
Andreas Schneider
eb32ea1419 Make it possible to change the info text 
This makes it possible to change the last part of the info text and
replace it with something individual. E.g pointing to the cmdline
client.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2020-10-11 17:04:08 +02:00