skip badges in release export

switching to pre-rendered logo
fixing configuration test generator after PHP refactoring
2019-07-08 20:05:58 +02:00 · 2019-07-08 20:00:32 +02:00 · 2019-07-08 19:56:05 +02:00 · 2019-07-08 18:35:34 +02:00 · 2019-07-08 18:20:09 +02:00 · 2019-07-07 10:39:14 +02:00
166 changed files with 14644 additions and 7143 deletions
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@@ -1,5 +1,19 @@
 ---
-engines:
+version: "2"
+checks:
+  file-lines:
+    config:
+      threshold: 2000
+  method-complexity:
+    config:
+      threshold: 550
+  method-count:
+    config:
+      threshold: 50
+  method-lines:
+    config:
+      threshold: 250
+plugins:
  csslint:
    enabled: true
  duplication:
@@ -12,6 +26,8 @@ engines:
    enabled: true
  fixme:
    enabled: true
+  nodesecurity:
+    enabled: true
  phpmd:
    enabled: true
    checks:
@@ -29,11 +45,20 @@ engines:
        enabled: false
      CleanCode/StaticAccess:
        enabled: false
-ratings:
-  paths:
-  - "css/privatebin.css"
-  - "css/bootstrap/privatebin.css"
-  - "js/privatebin.js"
-  - "lib/**.php"
-  - "index.php"
-exclude_paths: []
+  sonar-php:
+    enabled: true
+    config:
+      tests_patterns:
+        - tst/**
+exclude_patterns:
+  - "cfg/"
+  - "css/"
+  - "!css/privatebin.css"
+  - "!css/noscript.css"
+  - "!css/bootstrap/privatebin.css"
+  - "js/"
+  - "!js/privatebin.js"
+  - "!js/common.js"
+  - "!js/test/"
+  - "vendor/"
+
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,18 +0,0 @@
-# Documentation, might leak version number
-CHANGELOG.md
-LICENSE.md
-CREDITS.md
-INSTALL.md
-README.md
-doc/
-
-# Dotfiles, pointless
-.codeclimate.yml
-.csslintrc
-.editorconfig
-.eslint*
-.git*
-.php_cs
-.styleci.yml
-.travis.yml
-.github
--- a/.editorconfig
+++ b/.editorconfig
@@ -11,7 +11,6 @@ insert_final_newline = true

 [*.css]
 indent_style = tab
-indent_size = 4

 [*.js]
 indent_style = space
@@ -23,7 +22,6 @@ indent_size = 4

 [*.jsonld]
 indent_style = tab
-indent_size = 4

 [*.php]
 indent_style = space
@@ -31,7 +29,6 @@ indent_size = 4

 [*.{htm,html}]
 indent_style = tab
-indent_size = 4

 [*.{md,markdown}]
 indent_style = space
--- a/.eslintignore
+++ b/.eslintignore
@@ -1 +1,2 @@
-**/*{.,-}min.js
+js/*.js
+!js/privatebin.js
--- a/.eslintrc
+++ b/.eslintrc
@@ -1,3 +1,6 @@
+parserOptions:
+  ecmaVersion: 2017
+
 ecmaFeatures:
  modules: true
  jsx: true
@@ -10,12 +13,22 @@ env:
  node: true

 globals:
-  sjcl: false
+  DOMPurify: false
+  after: true
+  before: true
+  cleanup: true
+  describe: false
+  it: false
+  jsc: false
+  jsdom: true
+  kjua: true

 # http://eslint.org/docs/rules/
 rules:
  # Possible Errors
-  comma-dangle: [2, never]
+  comma-dangle:
+    - error
+    - never
  no-cond-assign: 2
  no-console: 0
  no-constant-condition: 2
@@ -31,7 +44,9 @@ rules:
  no-extra-parens: 0
  no-extra-semi: 2
  no-func-assign: 2
-  no-inner-declarations: [2, functions]
+  no-inner-declarations:
+    - error
+    - functions
  no-invalid-regexp: 2
  no-irregular-whitespace: 2
  no-negated-in-lhs: 2
@@ -47,7 +62,9 @@ rules:
  # Best Practices
  accessor-pairs: 2
  block-scoped-var: 0
-  complexity: [2, 6]
+  complexity:
+    - error
+    - 20
  consistent-return: 0
  curly: 0
  default-case: 0
@@ -60,7 +77,6 @@ rules:
  no-case-declarations: 2
  no-div-regex: 2
  no-else-return: 0
-  no-empty-label: 2
  no-empty-pattern: 2
  no-eq-null: 2
  no-eval: 2
@@ -85,7 +101,7 @@ rules:
  no-octal-escape: 2
  no-octal: 2
  no-proto: 2
-  no-redeclare: 2
+  no-redeclare: 0
  no-return-assign: 2
  no-script-url: 2
  no-self-compare: 2
@@ -99,7 +115,7 @@ rules:
  no-with: 2
  radix: 2
  vars-on-top: 0
-  wrap-iife: 2
+  wrap-iife: 0
  yoda: 0

  # Strict
@@ -152,7 +168,9 @@ rules:
  max-len: 0
  max-nested-callbacks: 0
  max-params: 0
-  max-statements: [2, 30]
+  max-statements:
+    - error
+    - 60
  new-cap: 0
  new-parens: 0
  newline-after-var: 0
@@ -179,7 +197,9 @@ rules:
  operator-linebreak: 0
  padded-blocks: 0
  quote-props: 0
-  quotes: 0
+  quotes:
+    - error
+    - single
  require-jsdoc: 0
  semi-spacing: 0
  semi: 0
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,19 +1,21 @@
 doc/ export-ignore
 tst/ export-ignore
 js/.istanbul.yml export-ignore
-js/test.js export-ignore
-js/mocha-3.2.0.js export-ignore
-css/mocha-3.2.0.css export-ignore
+js/.nycrc.yml export-ignore
+js/common.js export-ignore
+js/test/ export-ignore
 .codeclimate.yml export-ignore
 .csslintrc export-ignore
-.dockerignore export-ignore
 .editorconfig export-ignore
 .eslintignore export-ignore
 .eslintrc export-ignore
 .gitattributes export-ignore
 .github export-ignore
 .gitignore export-ignore
+.jshintrc export-ignore
+.nsprc export-ignore
 .php_cs export-ignore
 .styleci.yml export-ignore
 .travis.yml export-ignore
-Dockerfile export-ignore
+composer.json export-ignore
+BADGES.md export-ignore
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -35,5 +35,4 @@ If you have access to the server log files, also copy them here.
 <!-- The version of PrivateBin, if you use an unstable version paste the commit hash or the GitHub link to the commit here (you can get it by running `git rev-parse HEAD`) -->
 **PrivateBin version:**

-* I can reproduce this issue on <https://privatebin.net>: Yes / No
-
+I can reproduce this issue on <https://privatebin.net>: Yes / No
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,9 @@
 # Ignore server files for safety
 .htaccess
 .htpasswd
+cfg/*
+!cfg/conf.sample.php
+!cfg/.htaccess

 # Ignore data/
 data/
@@ -27,10 +30,13 @@ vendor/**/tests
 vendor/**/build_phar.php
 !vendor/**/*.php

-# Ignore local node modules, unit testing logs, api docs and eclipse project files
+# Ignore local node modules, unit testing logs, api docs and IDE project files
 js/node_modules/
+js/test.log
 tst/log/
+tst/ConfigurationCombinationsTest.php
 .settings
 .buildpath
 .project
 .externalToolBuilders
+.c9
--- a/.htaccess.disabled
+++ b/.htaccess.disabled
@@ -1,3 +1,4 @@
 RewriteEngine on
+RewriteCond !%{HTTP_USER_AGENT} "Let's Encrypt validation server" [NC]
 RewriteCond %{HTTP_USER_AGENT} ^.*(bot|spider|crawl|https?://|WhatsApp|SkypeUriPreview|facebookexternalhit) [NC]
 RewriteRule .* - [R=403,L]
--- a/.jshintrc
+++ b/.jshintrc
@@ -0,0 +1,45 @@
+{
+    "bitwise": true,
+    "curly": true,
+    "eqeqeq": true,
+    "esversion": 6,
+    "forin": true,
+    "freeze": true,
+    "futurehostile": true,
+    "latedef": "nofunc",
+    "maxcomplexity": 25,
+    "maxdepth": 3,
+    "maxparams": 4,
+    "maxstatements": 100,
+    "noarg": true,
+    "nonbsp": true,
+    "nonew": true,
+    "quotmark": "single",
+    "singleGroups": true,
+    "strict": true,
+    "undef": true,
+    "unused": true,
+    "jquery": true,
+    "browser": true,
+    "predef": {
+      "after": true,
+      "before": true,
+      "cleanup": true,
+      "console": true,
+      "describe": false,
+      "document": true,
+      "fs": false,
+      "global": true,
+      "exports": true,
+      "it": false,
+      "jsc": false,
+      "jsdom": true,
+      "require": false,
+      "setTimeout": false,
+      "window": true
+    },
+    "globals": {
+      "DOMPurify": true,
+      "kjua": true
+    }
+}
--- a/.nsprc
+++ b/.nsprc
@@ -0,0 +1 @@
+{}
--- a/.styleci.yml
+++ b/.styleci.yml
@@ -3,14 +3,17 @@ preset: recommended
 risky: false

 enabled:
-  - no_empty_comment
  - align_equals
-  - long_array_syntax
  - concat_with_spaces
+  - long_array_syntax
+  - no_empty_comment
+  - pre_increment

 disabled:
  - blank_line_after_opening_tag
  - blank_line_before_return
+  - blank_line_before_throw
+  - blank_line_before_try
  - concat_without_spaces
  - declare_equal_normalize
  - heredoc_to_nowdoc
@@ -21,6 +24,7 @@ disabled:
  - phpdoc_separation
  - phpdoc_single_line_var_spacing
  - phpdoc_summary
+  - post_increment
  - short_array_syntax
  - single_line_after_imports
  - unalign_equals
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,17 +1,35 @@
 language: php
 sudo: false
 php:
-  - 5.5
-  - 5.6
-  - 7.0
+  - '5.5'
+  - '5.6'
+  - '7.0'
+  - '7.1'
+  - '7.2'
+  - '7.3'
+
+# as this is a php project, node.js (for JS unit testing) isn't installed
+install:
+  - if [ ! -d "$HOME/.nvm" ]; then mkdir -p $HOME/.nvm && curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.34.0/install.sh | NVM_METHOD=script bash; fi
+  - source ~/.nvm/nvm.sh && nvm install --lts

 before_script:
  - composer install -n
+  - npm install -g mocha
+  - cd js && npm install

 script:
-  - cd tst && ../vendor/phpunit/phpunit/phpunit
+  - mocha
+  - cd ../tst && ../vendor/bin/phpunit

 after_script:
-  - cd ..
-  - vendor/bin/codacycoverage clover tst/log/coverage-clover.xml
-  - vendor/bin/test-reporter --coverage-report tst/log/coverage-clover.xml
+  - ../vendor/bin/test-reporter --coverage-report log/coverage-clover.xml
+  - cd .. && vendor/bin/codacycoverage clover tst/log/coverage-clover.xml
+
+cache:
+  directories:
+    - $HOME/.composer/cache/files
+    - $HOME/.composer/cache/vcs
+    - $HOME/.nvm
+    - $HOME/.npm
+    - js/node_modules
--- a/BADGES.md
+++ b/BADGES.md
@@ -0,0 +1,9 @@
+# Badges
+
+[![Build Status](https://travis-ci.org/PrivateBin/PrivateBin.svg?branch=master)](https://travis-ci.org/PrivateBin/PrivateBin) [![Build Status](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/build.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/build-status/master)  
+[![Codacy Badge](https://api.codacy.com/project/badge/Grade/094500f62abf4c9aa0c8a8a4520e4789)](https://www.codacy.com/app/PrivateBin/PrivateBin)
+[![Code Climate](https://codeclimate.com/github/PrivateBin/PrivateBin/badges/gpa.svg)](https://codeclimate.com/github/PrivateBin/PrivateBin)
+[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/?branch=master)
+[![SensioLabsInsight](https://insight.sensiolabs.com/projects/57c9e74e-c6f9-4de6-a876-df66ec2ea1ff/mini.png)](https://insight.sensiolabs.com/projects/57c9e74e-c6f9-4de6-a876-df66ec2ea1ff)  
+[![Codacy Badge](https://api.codacy.com/project/badge/Coverage/094500f62abf4c9aa0c8a8a4520e4789)](https://www.codacy.com/app/PrivateBin/PrivateBin)
+[![Test Coverage](https://codeclimate.com/github/PrivateBin/PrivateBin/badges/coverage.svg)](https://codeclimate.com/github/PrivateBin/PrivateBin/coverage) [![Code Coverage](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/?branch=master)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,9 +1,47 @@
 # PrivateBin version history

-  * **next (not yet released)**
-    * ADDED: Translations for Spanish, Occitan and Norwegian
+  * **1.3 (not yet released)**
+    * ADDED: Translation for Czech (#424)
+    * ADDED: Threat modeled the application (#177)
+    * ADDED: Made compression configurable (#38)
+    * CHANGED: Minimum required PHP version is 5.5, due to a change in the identicon library
+    * CHANGED: Minimum required browser versions are Firefox 54, Chrome 57, Opera 44, Safari 11, Edge 16, due to use of WebCrypto API, async/await, ES6 & WebAssembly features - all Internet Explorer versions are incompatible
+    * CHANGED: JSON and encryption formats were changed to replace SJCL library by browser integrated WebCrypto API (#28, #74)
+    * CHANGED: Replaced rawdeflate.js with zlib.wasm to resolve decompression failures and gain compatibility with standard deflate implementations (#193, #260, #328, #434, #440)
+    * CHANGED: Increase PBKDF2 iterations to 100k (#350)
+    * CHANGED: Replaced last use of MD5 with Fowler–Noll–Vo checksum which produces the exact length we need for the paste ID (#49)
+    * CHANGED: Simplified some PHP code & renamed PrivateBin class into Controller, to make MVC pattern use more obvious (#342)
+    * CHANGED: Upgrading libraries to: identicon 1.2.0, random_compat 2.0.18, jQuery 3.4.1, Showdown 1.9.0, DOMpurify 1.0.11 & kjua 0.6.0
+    * FIXED: Prevent Chrome from sending content of paste to Google for translation (#378)
+    * FIXED: To support attachments larger then 2 MiB in newer Chrome versions, we switched to blob instead of data URIs (#432)
+    * FIXED: Since Outlook strips trailing equal signs in links, the key in URL hash is now base58 encoded, instead of base64 (#377)
+    * FIXED: Facebooks started injecting parameters into shared URLs for tracking that lead to inaccessible pastes (#396)
+    * FIXED: Properly escaped HTML in raw text mode (#358)
+    * FIXED: Made download links better readable in the dark bootstrap theme (#364)
+    * FIXED: Allow Letsencrypt bot to access on apache servers (#413)
+  * **1.2.1 (2018-08-11)**
+    * ADDED: Add support for mega.nz links in pastes and comments (#331)
+    * CHANGED: Added some missing Russian translations (#348)
+    * CHANGED: Minor PHP refactoring: Rename PrivateBin class to Controller, improved logic of some persistence classes (#342)
+    * CHANGED: Upgrading DOMpurify library to 1.0.7
+    * FIXED: Ensure legacy browsers without webcrypto support can't create paste keys with insufficient entropy (#346)
+    * FIXED: Re-add support for old browsers (Firefox&lt;21, Chrome&lt;31, Safari&lt;7, IE&lt;11), broken in 1.2, will be removed again in 1.3
+  * **1.2 (2018-07-22)**
+    * ADDED: Translations for Spanish, Occitan, Norwegian, Portuguese, Dutch and Hungarian
    * ADDED: Option in configuration to change the default "PrivateBin" title of the site
+    * ADDED: Added display of video, audio & PDF, drag & drop, preview of attachments (#182)
+    * ADDED: QR code generation (#169)
+    * ADDED: Introduced DOMpurify library to sanitize generated HTML before display (#183)
+    * CHANGED: Force JSON request for getting paste data & password retry (#216)
+    * CHANGED: Minimum required PHP version is 5.4 (#186)
+    * CHANGED: Shipped .htaccess files were updated for Apache 2.4 (#192)
    * CHANGED: Cleanup of bootstrap template variants and moved icons to `img` directory
+    * CHANGED: Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
+    * CHANGED: Upgrading libraries to: SJCL 1.0.7, jQuery 3.3.1, Base64 2.4.5, Showdown 1.8.6, DOMpurify 1.0.5 & Prettify 453bd5f
+    * CHANGED: Refactored JavaScript code, making it modular with private and public functions, making it much easier to maintain (#178)
+    * FIXED: To counteract regressions introduced by the refactoring, we finally introduced property based unit testing for the JavaScript code, this caught several regressions, but also some very old bugs not found so far (#32)
+  * **1.1.1 (2017-10-06)**
+    * CHANGED: Switched to `.php` file extension for configuration file, to avoid leaking configuration data in unprotected installation.
  * **1.1 (2016-12-26)**
    * ADDED: Translations for Italian and Russian
    * ADDED: Loading message displayed until decryption succeeded for slower (in terms of CPU or network) systems
--- a/CREDITS.md
+++ b/CREDITS.md
@@ -3,7 +3,8 @@
 ## Active contributors

 Simon Rupf - current developer and maintainer  
-rugk - security review, doc improvment & various other stuff
+rugk - security review, doc improvment, JS refactoring & various other stuff  
+R4SAS - python client, compression, blob URI to support larger attachments

 ## Past contributions

@@ -12,7 +13,7 @@ Sébastien Sauvage - original idea and main developer
 * Alexey Gladkov - syntax highlighting
 * Greg Knaddison - robots.txt
 * MrKooky - HTML5 markup, CSS cleanup
-* Simon Rupf - MVC refactoring, configuration, i18n and unit tests
+* Simon Rupf - WebCrypto, unit tests, current docker containers, MVC, configuration, i18n
 * Hexalyse - Password protection
 * Viktor Stanchev - File upload support
 * azlux - Tab character input support
@@ -21,7 +22,9 @@ Sébastien Sauvage - original idea and main developer
 * Sobak - PSR-4 and PSR-2 refactoring
 * Nathaniel Olsen - jQuery upgrade
 * Alexander Demenshin - modal password dialog
-* PunKeel - Dockerfile
+* PunKeel - first docker container
+* thororm - Display of video, audio & PDF, drag & drop, preview of attachments
+* Harald Leithner - base58 encoding of key

 ## Translations
 * Hexalyse - French
@@ -35,3 +38,7 @@ Sébastien Sauvage - original idea and main developer
 * Alfredo Fabián Altamirano Tena - Spanish
 * Quent-in - Occitan
 * idarlund - Norwegian
+* Tulio Leao - Portuguese
+* Michael van Schaik - Dutch
+* Péter Tabajdi - Hungarian
+* info-path - Czech
--- a/17
+++ b/17
@@ -1,17 +0,0 @@
-FROM php:apache
-
-RUN apt-get update && apt-get install -y \
-        libfreetype6-dev \
-        libjpeg62-turbo-dev \
-        libpng12-dev \
-        wget \
-        zip \
-        unzip; \
-    # We install and enable php-gd
-    docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/; \
-    docker-php-ext-install -j$(nproc) gd; \
-
-    # We enable Apache's mod_rewrite
-    a2enmod rewrite
-
-COPY . .
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -3,14 +3,15 @@
 **TL;DR:** Download the
 [latest release archive](https://github.com/PrivateBin/PrivateBin/releases/latest)
 and extract it in your web hosts folder where you want to install your PrivateBin
-instance. We try to provide a safe default configuration, but we advise you to
-check the options and adjust them as you see fit.
+instance. We try to provide a mostly safe default configuration, but we urge you to
+check the [security section](#hardening-and-security) below and the [configuration
+options](#configuration) to adjust as you see fit.

-## Basic installation
+**NOTE:** See [our FAQ](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-can-i-securely-clonedownload-your-project) for information how to securely download the PrivateBin release files.

-### Requirements
+### Minimal requirements

- PHP version 5.3 or above
+- PHP version 5.5 or above
 - _one_ of the following sources of cryptographically safe randomness is required:
  - PHP 7 or higher
  - [Libsodium](https://download.libsodium.org/libsodium/content/installation/) and it's [PHP extension](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium)
@@ -20,37 +21,11 @@ check the options and adjust them as you see fit.
  
  Mcrypt needs to be able to access `/dev/urandom`. This means if `open_basedir` is set, it must include this file.
 - GD extension
- some disk space or (optional) a database supported by [PDO](https://secure.php.net/manual/book.pdo.php)
- ability to create files and folders in the installation directory and the PATH
+- some disk space or (optionally) a database supported by [PDO](https://secure.php.net/manual/book.pdo.php)
+- ability to create files and folders in the installation directory and the PATH defined in index.php
 - A web browser with javascript support

-### Configuration
-
-In the file `cfg/conf.ini` you can configure PrivateBin. A `cfg/conf.ini.sample`
-is provided containing all options and default values. You can copy it to
-`cfg/conf.ini` and adapt it as needed. The config file is divided into multiple
-sections, which are enclosed in square brackets.
-
-In the `[main]` section you can enable or disable the discussion feature, set
-the limit of stored pastes and comments in bytes. The `[traffic]` section lets
-you set a time limit in seconds. Users may not post more often then this limit
-to your PrivateBin installation.
-
-More details can be found in the
-[configuration documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration).
-
-## Further configuration
-
-After (or before) setting up PrivateBin, also set up HTTPS, as without HTTPS
-PrivateBin is not secure. (
-[More information](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https))
-
-If you want to use PrivateBin behind Cloudflare, make sure you disabled Rocket
-loader and unchecked "Javascript" for Auto Minify, found in your domain settings,
-under "Speed". (More information
-[in this FAQ entry](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection))
-
-## Advanced installation
+## Hardening and security

 ### Changing the path

@@ -75,6 +50,35 @@ process (see also
 > PrivateBin will look for your includes / data here:
 > /home/example.com/secret/privatebin

+### Transport security
+
+When setting up PrivateBin, also set up HTTPS, if you haven't already. Without HTTPS
+PrivateBin is not secure, as the javascript files could be manipulated during transmission.
+For more information on this, see our [FAQ entry on HTTPS setup](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https).
+
+### File-level permissions
+
+After completing the installation, you should make sure, other users on the system cannot read the config file or the `data/` directory, as – depending on your configuration – potential secret information are saved there.
+
+See [this FAQ item](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#what-are-the-recommended-file-and-folder-permissions-for-privatebin) for a detailed guide on how to "harden" the permissions of files and folders.
+
+## Configuration
+
+In the file `cfg/conf.php` you can configure PrivateBin. A `cfg/conf.sample.php`
+is provided containing all options and default values. You can copy it to
+`cfg/conf.php` and adapt it as needed. The config file is divided into multiple
+sections, which are enclosed in square brackets.
+
+In the `[main]` section you can enable or disable the discussion feature, set
+the limit of stored pastes and comments in bytes. The `[traffic]` section lets
+you set a time limit in seconds. Users may not post more often then this limit
+to your PrivateBin installation.
+
+More details can be found in the
+[configuration documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration).
+
+## Advanced installation
+
 ### Web server configuration

 A `robots.txt` file is provided in the root dir of PrivateBin. It disallows all
@@ -88,6 +92,13 @@ some known robots and link-scanning bots. If you use Apache, you can rename the
 file to `.htaccess` to enable this feature. If you use another webserver, you
 have to configure it manually to do the same.

+### When using Cloudflare
+
+If you want to use PrivateBin behind Cloudflare, make sure you have disabled the Rocket
+loader and unchecked "Javascript" for Auto Minify, found in your domain settings,
+under "Speed". (More information
+[in this FAQ entry](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection))
+
 ### Using a database instead of flat files

 In the configuration file the `[model]` and `[model_options]` sections let you
@@ -114,36 +125,47 @@ The table prefix option is called `tbl`.
 > If you gain any experience running PrivateBin on other RDBMS, please let us
 > know.

-For reference or if you want to create the table schema for yourself (replace
-`prefix_` with your own table prefix and create the table schema with phpMyAdmin
-or the MYSQL console):
+The following GRANTs (privileges) are required for the PrivateBin user in **MySQL**. In normal operation:
+- INSERT, SELECT, DELETE on the paste and comment tables
+- SELECT on the config table

-    CREATE TABLE prefix_paste (
-        dataid CHAR(16) NOT NULL,
-        data BLOB,
-        postdate INT,
-        expiredate INT,
-        opendiscussion INT,
-        burnafterreading INT,
-        meta TEXT,
-        attachment MEDIUMBLOB,
-        attachmentname BLOB,
-        PRIMARY KEY (dataid)
-    );
-    
-    CREATE TABLE prefix_comment (
-        dataid CHAR(16),
-        pasteid CHAR(16),
-        parentid CHAR(16),
-        data BLOB,
-        nickname BLOB,
-        vizhash BLOB,
-        postdate INT,
-        PRIMARY KEY (dataid)
-    );
-    CREATE INDEX parent ON prefix_comment(pasteid);
-    
-    CREATE TABLE prefix_config (
-        id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id)
-    );
-    INSERT INTO prefix_config VALUES('VERSION', '1.1');
+If you want PrivateBin to handle table creation (when you create the first paste) and updates (after you update PrivateBin to a new release), you need to give the user these additional privileges:
+- CREATE, INDEX and ALTER on the database
+- INSERT and UPDATE on the config table
+
+For reference or if you want to create the table schema for yourself to avoid having to give PrivateBin too many permissions (replace
+`prefix_` with your own table prefix and create the table schema with your favourite MySQL console):
+
+```sql
+CREATE TABLE prefix_paste (
+    dataid CHAR(16) NOT NULL,
+    data BLOB,
+    postdate INT,
+    expiredate INT,
+    opendiscussion INT,
+    burnafterreading INT,
+    meta TEXT,
+    attachment MEDIUMBLOB,
+    attachmentname BLOB,
+    PRIMARY KEY (dataid)
+);
+
+CREATE TABLE prefix_comment (
+    dataid CHAR(16),
+    pasteid CHAR(16),
+    parentid CHAR(16),
+    data BLOB,
+    nickname BLOB,
+    vizhash BLOB,
+    postdate INT,
+    PRIMARY KEY (dataid)
+);
+CREATE INDEX parent ON prefix_comment(pasteid);
+
+CREATE TABLE prefix_config (
+    id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id)
+);
+INSERT INTO prefix_config VALUES('VERSION', '1.3');
+```
+
+In **PostgreSQL**, the data, attachment, nickname and vizhash columns needs to be TEXT and not BLOB or MEDIUMBLOB.
--- a/LICENSE.md
+++ b/LICENSE.md
@@ -2,15 +2,15 @@

 PrivateBin consists of PHP and JS code which was originally written by Sébastien
 Sauvage in 2012 and falls unter the Zlib/libpng license. Also included are
-libraries that fall under the GPLv2 (SJCL, rawinflate, rawdeflate), BSD
-2-clause (SJCL), BSD 3-clause (base64.js version 2.1.9, Showdown), MIT
-(base64.js version 1.7, Bootstrap, Identicon, random_compat), Apache
-(prettify.js) and CC-BY (favicon, icon, logo) licenses. All of these license
-terms can be found here below:
+libraries that fall under the GPLv2 (rawinflate), BSD 3-clause (Showdown), MIT
+(base64.js version 1.7, Bootstrap, Identicon, random_compat, composer, kjua,
+base-x), Apache (prettify.js) and CC-BY (favicon, icon, logo) licenses. All of
+these license terms can be found here below:

-## Zlib/libpng license for PrivateBin
+## Zlib/libpng license for PrivateBin and zlib

 Copyright © 2012 Sébastien Sauvage
+Copyright © 1995-2017 Jean-loup Gailly and Mark Adler

 This software is provided 'as-is', without any express or implied warranty. In
 no event will the authors be held liable for any damages arising from the use
@@ -30,7 +30,7 @@ the following restrictions:

 3. This notice may not be removed or altered from any source distribution.

-## GNU General Public License, version 2.0, for SJCL, rawdeflate and rawinflate
+## GNU General Public License, version 2.0, for rawinflate

 _Version 2, June 1991_
 _Copyright © 1989, 1991 Free Software Foundation, Inc.,_
@@ -307,31 +307,6 @@ POSSIBILITY OF SUCH DAMAGES.

 END OF TERMS AND CONDITIONS

-## BSD 2-Clause License for SJCL
-
-_Copyright © 2009-2015, Emily Stark, Mike Hamburg and Dan Boneh at Stanford University._
-_All rights reserved._
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-1. Redistributions of source code must retain the above copyright notice, this
-   list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright notice,
-   this list of conditions and the following disclaimer in the documentation
-   and/or other materials provided with the distribution. 
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
-ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
 ## BSD 3-Clause License for Showdown

 Showdown Copyright © 2007, John Fraser
@@ -367,61 +342,16 @@ any theory of liability, whether in contract, strict liability, or tort
 (including negligence or otherwise) arising in any way out of the use of this
 software, even if advised of the possibility of such damage.

-## BSD 3-Clause License for base64.js version 2.1.9
-
-Copyright © 2014, Dan Kogai
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-* Redistributions of source code must retain the above copyright notice, this
-  list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright notice,
-  this list of conditions and the following disclaimer in the documentation
-  and/or other materials provided with the distribution.
-
-* Neither the name of base64.js nor the names of its contributors may be used
-  to endorse or promote products derived from this software without specific
-  prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-## MIT License for base64.js version 1.7
+## MIT License for base64.js version 1.7, Bootstrap, Identicon, random_compat, Composer, kjua and base-x

 Copyright © 2012 Dan Kogai
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
-
-## MIT License for Bootstrap
-
 Copyright © 2011-2016 Twitter, Inc.
+Copyright © 2013 Benjamin Laugueux <benjamin@yzalis.com>
+Copyright © 2015 Paragon Initiative Enterprises
+Copyright © 2016 Nils Adermann, Jordi Boggiano
+Copyright © 2016 Lars Jung (https://larsjung.de)
+Copyright © 2018 base-x contributors
+Copyright © 2014-2018 The Bitcoin Core developers

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -441,72 +371,6 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.

-## MIT License for Identicon
-
-Copyright © 2013 Benjamin Laugueux <benjamin@yzalis.com>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is furnished
-to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
-
-## MIT License for random_compat
-
-Copyright © 2015 Paragon Initiative Enterprises
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
-## MIT license for Composer
-
-Copyright (c) 2016 Nils Adermann, Jordi Boggiano
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is furnished
-to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
-
 ## Apache License for prettify.js

 _Version 2.0, January 2004_
--- a/README.md
+++ b/README.md
@@ -1,25 +1,18 @@
-# [<img alt="PrivateBin" src="https://cdn.rawgit.com/PrivateBin/assets/master/images/minified/logo.svg" width="500" />](https://privatebin.info/)
-[![Build Status](https://travis-ci.org/PrivateBin/PrivateBin.svg?branch=master)](https://travis-ci.org/PrivateBin/PrivateBin) [![Build Status](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/build.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/build-status/master)  
-[![Codacy Badge](https://api.codacy.com/project/badge/Grade/094500f62abf4c9aa0c8a8a4520e4789)](https://www.codacy.com/app/PrivateBin/PrivateBin)
-[![Code Climate](https://codeclimate.com/github/PrivateBin/PrivateBin/badges/gpa.svg)](https://codeclimate.com/github/PrivateBin/PrivateBin)
-[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/?branch=master)
-[![SensioLabsInsight](https://insight.sensiolabs.com/projects/57c9e74e-c6f9-4de6-a876-df66ec2ea1ff/mini.png)](https://insight.sensiolabs.com/projects/57c9e74e-c6f9-4de6-a876-df66ec2ea1ff)  
-[![Codacy Badge](https://api.codacy.com/project/badge/Coverage/094500f62abf4c9aa0c8a8a4520e4789)](https://www.codacy.com/app/PrivateBin/PrivateBin)
-[![Test Coverage](https://codeclimate.com/github/PrivateBin/PrivateBin/badges/coverage.svg)](https://codeclimate.com/github/PrivateBin/PrivateBin/coverage) [![Code Coverage](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/?branch=master)
+# [![PrivateBin](https://cdn.rawgit.com/PrivateBin/assets/master/images/preview/logoSmall.png)](https://privatebin.info/)

-*Current version: 1.1*
+*Current version: 1.3*

-**PrivateBin** is a minimalist, open source online pastebin where the server has
-zero knowledge of pasted data.
+**PrivateBin** is a minimalist, open source online [pastebin](https://en.wikipedia.org/wiki/Pastebin)
+where the server has zero knowledge of pasted data.

-Data is encrypted/decrypted in the browser using 256bit AES in [Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode).
+Data is encrypted and decrypted in the browser using 256bit AES in [Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode).

 This is a fork of ZeroBin, originally developed by
-[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). It was refactored
-to allow easier and cleaner extensions and has now much more features than the
-original. It is however still fully compatible to the original ZeroBin 0.19
-data storage scheme. Therefore such installations can be upgraded to this fork
-without loosing any data.
+[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). ZeroBin was refactored
+to allow easier and cleaner extensions. PrivateBin has many more features than the
+original ZeroBin. It is, however, still fully compatible to the original ZeroBin 0.19
+data storage scheme. Therefore, such installations can be upgraded to PrivateBin
+without losing any data.

 ## What PrivateBin provides

@@ -38,37 +31,37 @@ without loosing any data.

 ## What it doesn't provide

- As a user you have to trust the server administrator, your internet provider
-  and any country the traffic passes not to inject any malicious javascript code.
-  For a basic security the PrivateBin installation *has to provide HTTPS*!
-  Additionally it should be secured by
+- As a user you have to trust the server administrator not to inject any malicious
+  javascript code.
+  For basic security, the PrivateBin installation *has to provide HTTPS*!
+  Otherwise you would also have to trust your internet provider, and any country
+  the traffic passes through.
+  Additionally the instance should be secured by
  [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and
  ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a
-  certificate either validated by a trusted third party (check the certificate
-  when first using a new PrivateBin instance) or self-signed by the server
-  operator, validated using a
+  certificate. It can use traditional certificate authorities and/or use
  [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions)
  protected
  [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities)
  record.

 - The "key" used to encrypt the paste is part of the URL. If you publicly post
-  the URL of a paste that is not password-protected, everybody can read it.
-  Use a password if you want your paste to be private. In this case make sure to
-  use a strong password and do only share it privately and end-to-end-encrypted.
+  the URL of a paste that is not password-protected, anyone can read it.
+  Use a password if you want your paste to be private. In this case, make sure to
+  use a strong password and only share it privately and end-to-end-encrypted.

 - A server admin might be forced to hand over access logs to the authorities.
-  PrivateBin encrypts your text and the discussion contents, but who accessed it
-  first might still be disclosed via such access logs.
+  PrivateBin encrypts your text and the discussion contents, but who accessed a
+  paste (first) might still be disclosed via access logs.

 - In case of a server breach your data is secure as it is only stored encrypted
-  on the server. However the server could be misused or the server admin could
+  on the server. However, the server could be misused or the server admin could
  be legally forced into sending malicious JavaScript to all web users, which
-  grabs the decryption key and send it to the server when a user accesses a
+  grabs the decryption key and sends it to the server when a user accesses a
  PrivateBin.  
-  Therefore do not access any PrivateBin instance if you think it has been
+  Therefore, do not access any PrivateBin instance if you think it has been
  compromised. As long as no user accesses this instance with a previously
-  generated URL, the content can''t be decrypted.
+  generated URL, the content can't be decrypted.

 ## Options

@@ -90,17 +83,19 @@ file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration):
  to adjust size limit)

 * Templates: By default there are bootstrap CSS, darkstrap and "classic ZeroBin"
-  themes and it is easy to adapt these to your own websites layout or create
-  your own.
+  to choose from and it is easy to adapt these to your own websites layout or
+  create your own.

 * Translation system and automatic browser language detection (if enabled in
  browser)

 * Language selection (disabled by default, as it uses a session cookie)

+* QR code generation of URL, to easily transfer pastes over to a mobile device
+
 ## Further resources

-* [Installation guide](https://github.com/PrivateBin/PrivateBin/wiki/Installation)
+* [Installation guide](https://github.com/PrivateBin/PrivateBin/blob/master/INSTALL.md#installation)

 * [Upgrading from ZeroBin 0.19 Alpha](https://github.com/PrivateBin/PrivateBin/wiki/Upgrading-from-ZeroBin-0.19-Alpha)

--- a/cfg/.gitignore
+++ b/cfg/.gitignore
@@ -1 +0,0 @@
-/conf.ini
--- a/cfg/.htaccess
+++ b/cfg/.htaccess
@@ -1,2 +1 @@
-Allow from none
-Deny from all
+Require all denied
--- a/cfg/conf.sample.php
+++ b/cfg/conf.sample.php
@@ -1,3 +1,4 @@
+;<?php http_response_code(403); /*
 ; config file for PrivateBin
 ;
 ; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration.
@@ -51,6 +52,10 @@ languageselection = false
 ; the pastes encryption key
 ; urlshortener = "https://shortener.example.com/api?link="

+; (optional) Let users create a QR code for sharing the paste URL with one click.
+; It works both when a new paste is created and when you view a paste.
+; qrcode = true
+
 ; (optional) IP based icons are a weak mechanism to detect if a comment was from
 ; a different user when the same username was used in a comment. It might be
 ; used to get the IP of a non anonymous comment poster if the server salt is
@@ -64,22 +69,31 @@ languageselection = false
 ; scripts or run your site behind certain DDoS-protection services.
 ; Check the documentation at https://content-security-policy.com/
 ; Note: If you use a bootstrap theme, you can remove the allow-popups from the sandbox restrictions.
-; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups"
+; By default this disallows to load images from third-party servers, e.g. when they are embedded in pastes. If you wish to allow that, you can adjust the policy here. See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-it-load-embedded-images for details.
+; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; script-src 'self' 'unsafe-eval'; style-src 'self'; font-src 'self'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals"

 ; stay compatible with PrivateBin Alpha 0.19, less secure
 ; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of
 ; sha256 in HMAC for the deletion token
-zerobincompatibility = false
+; zerobincompatibility = false
+
+; Enable or disable the warning message when the site is served over an insecure
+; connection (insecure HTTP instead of HTTPS), defaults to true.
+; Secure transport methods like Tor and I2P domains are automatically whitelisted.
+; It is **strongly discouraged** to disable this.
+; See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-it-show-me-an-error-about-an-insecure-connection for more information.
+; httpwarning = true
+
+; Pick compression algorithm or disable it. Only applies to pastes/comments
+; created after changing the setting.
+; Can be set to one these values: none / zlib (default).
+; compression = zlib

 [expire]
 ; expire value that is selected per default
 ; make sure the value exists in [expire_options]
 default = "1week"

-; optionally the "clone" button can be disabled on expiring pastes
-; note that this only hides the button, copy & paste is still possible
-; clone = false
-
 [expire_options]
 ; Set each one of these to the number of seconds in the expiration period,
 ; or 0 if it should never expire
--- a/composer.json
+++ b/composer.json
@@ -1,38 +1,44 @@
 {
-    "name": "privatebin/privatebin",
-    "description": "PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bit AES in Galois Counter mode (GCM).",
-    "type": "project",
-    "keywords": ["private", "secure", "end-to-end-encrypted", "e2e", "paste", "pastebin", "zero", "zero-knowledge", "encryption", "encrypted", "AES"],
-    "homepage": "https://github.com/PrivateBin",
-    "license":"zlib-acknowledgement",
-    "support": {
-        "issues": "https://github.com/PrivateBin/PrivateBin/issues",
-        "wiki": "https://github.com/PrivateBin/PrivateBin/wiki",
-        "source": "https://github.com/PrivateBin/PrivateBin",
-        "docs": "https://zerobin.dssr.ch/documentation/"
-    },
-    "repositories": [
-        {
-            "type": "vcs",
-            "url": "https://github.com/PrivateBin/PrivateBin"
-        }
-    ],
-    "require": {
-        "php": "^5.3.0 || ^7.0",
-        "paragonie/random_compat": "2.0.4",
-        "yzalis/identicon": "1.1.0"
-    },
-    "require-dev": {
-        "codacy/coverage": "dev-master",
-        "codeclimate/php-test-reporter": "dev-master",
-        "giorgiosironi/eris": "dev-master"
-    },
-    "autoload": {
-        "psr-4": {
-            "PrivateBin\\": "lib/"
-        }
-    },
-    "config": {
-        "autoloader-suffix": "DontChange"
-    }
-}
+	"name" : "privatebin/privatebin",
+	"description" : "PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bit AES in Galois Counter mode (GCM).",
+	"type" : "project",
+	"keywords" : [
+		"private",
+		"secure",
+		"end-to-end-encrypted",
+		"e2e",
+		"paste",
+		"pastebin",
+		"zero",
+		"zero-knowledge",
+		"encryption",
+		"encrypted",
+		"AES"
+	],
+	"homepage" : "https://privatebin.info/",
+	"license" : "zlib-acknowledgement",
+	"support" : {
+		"issues" : "https://github.com/PrivateBin/PrivateBin/issues",
+		"wiki" : "https://github.com/PrivateBin/PrivateBin/wiki",
+		"source" : "https://github.com/PrivateBin/PrivateBin",
+		"docs" : "https://privatebin.info/codedoc/"
+	},
+	"require" : {
+		"php" : "^5.5.0 || ^7.0",
+		"paragonie/random_compat" : "2.0.18",
+		"yzalis/identicon" : "1.2.0"
+	},
+	"require-dev" : {
+		"codacy/coverage" : "dev-master",
+		"codeclimate/php-test-reporter" : "dev-master",
+		"phpunit/phpunit" : "^4.6 || ^5.0"
+	},
+	"autoload" : {
+		"psr-4" : {
+			"PrivateBin\\" : "lib/"
+		}
+	},
+	"config" : {
+		"autoloader-suffix" : "DontChange"
+	}
+}
--- a/css/bootstrap/bootstrap-3.3.5.css
+++ b/css/bootstrap/bootstrap-3.3.5.css
--- a/css/bootstrap/bootstrap-3.4.1.css
+++ b/css/bootstrap/bootstrap-3.4.1.css
--- a/css/bootstrap/bootstrap-theme-3.4.1.css
+++ b/css/bootstrap/bootstrap-theme-3.4.1.css
--- a/css/bootstrap/darkstrap-0.9.3.css
+++ b/css/bootstrap/darkstrap-0.9.3.css
@@ -315,8 +315,8 @@ th {
 }
@font-face {
  font-family: 'Glyphicons Halflings';
-  src: url(fonts/../fonts/glyphicons-halflings-regular.eot?1445975532);
-  src: url(fonts/../fonts/glyphicons-halflings-regular.eot?&1445975532#iefix) format("embedded-opentype"), url(fonts/../fonts/glyphicons-halflings-regular.woff2?1445975532) format("woff2"), url(fonts/../fonts/glyphicons-halflings-regular.woff?1445975532) format("woff"), url(fonts/../fonts/glyphicons-halflings-regular.ttf?1445975532) format("truetype"), url(fonts/../fonts/glyphicons-halflings-regular.svg?1445975532#glyphicons_halflingsregular) format("svg");
+  src: url(fonts/glyphicons-halflings-regular.eot?1445975532);
+  src: url(fonts/glyphicons-halflings-regular.eot?&1445975532#iefix) format("embedded-opentype"), url(fonts/glyphicons-halflings-regular.woff2?1445975532) format("woff2"), url(fonts/glyphicons-halflings-regular.woff?1445975532) format("woff"), url(fonts/glyphicons-halflings-regular.ttf?1445975532) format("truetype"), url(fonts/glyphicons-halflings-regular.svg?1445975532#glyphicons_halflingsregular) format("svg");
 }
 .glyphicon {
  position: relative;
--- a/css/bootstrap/privatebin.css
+++ b/css/bootstrap/privatebin.css
@@ -6,7 +6,7 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.3
 */

 body {
@@ -17,6 +17,10 @@ body.navbar-spacing {
 	padding-top: 70px;
 }

+body.loading {
+	cursor: wait;
+}
+
 .buttondisabled {
 	opacity: 0.3;
 }
@@ -64,14 +68,36 @@ body.navbar-spacing {
 	margin-right: 8px;
 }

-#image img {
+#attachmentPreview img {
 	max-width: 100%;
 	height: auto;
 	margin-bottom: 20px;
 }

+#attachmentPreview .pdfPreview {
+	width: 100%;
+	height: 100vh;
+	margin-bottom: 20px;
+}
+
+.dragAndDropFile{
+	color:#777;
+	font-size:1em;
+	display:inline;
+}
+
 #deletelink {
 	float: right;
+	margin-left: 5px;
+}
+
+#qrcodemodalClose {
+	float: right;
+}
+#qrcode-display {
+	width: 200px;
+	height: 200px;
+	margin: auto;
 }

 #pastelink {
@@ -102,6 +128,12 @@ body.navbar-spacing {
 	border-left: 1px solid #ccc;
 	padding: 5px 0 5px 10px;
 	white-space: pre-wrap;
+	transition: background-color 0.75s ease-out;
+}
+
+.comment.highlight {
+	background-color: #ffdd86;
+	transition: background-color 0.2s ease-in;
 }

 footer h4 {
@@ -111,3 +143,7 @@ footer h4 {
 li.L0, li.L1, li.L2, li.L3, li.L5, li.L6, li.L7, li.L8 {
 	list-style-type: decimal !important;
 }
+
+.dark-theme .alert-info .alert-link {
+	color: #fff;
+}
--- a/css/noscript.css
+++ b/css/noscript.css
@@ -6,7 +6,7 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.0
+ * @version   1.3
 */

 /* When there is no script at all other */
--- a/css/prettify/desert.css
+++ b/css/prettify/desert.css
@@ -1 +1 @@
-pre.prettyprint{display:block;background-color:#333}pre .nocode{background-color:none;color:#000}pre .str{color:#ffa0a0}pre .kwd{color:#f0e68c;font-weight:bold}pre .com{color:#87ceeb}pre .typ{color:#98fb98}pre .lit{color:#cd5c5c}pre .pun{color:#fff}pre .pln{color:#fff}pre .tag{color:#f0e68c;font-weight:bold}pre .atn{color:#bdb76b;font-weight:bold}pre .atv{color:#ffa0a0}pre .dec{color:#98fb98}ol.linenums{margin-top:0;margin-bottom:0;color:#aeaeae}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre.prettyprint{background-color:none}pre .str,code .str{color:#060}pre .kwd,code .kwd{color:#006;font-weight:bold}pre .com,code .com{color:#600;font-style:italic}pre .typ,code .typ{color:#404;font-weight:bold}pre .lit,code .lit{color:#044}pre .pun,code .pun{color:#440}pre .pln,code .pln{color:#000}pre .tag,code .tag{color:#006;font-weight:bold}pre .atn,code .atn{color:#404}pre .atv,code .atv{color:#060}}
+pre .atn,pre .kwd,pre .tag{font-weight:700}pre.prettyprint{display:block;background-color:#333}pre .nocode{background-color:none;color:#000}pre .str{color:#ffa0a0}pre .kwd{color:khaki}pre .com{color:#87ceeb}pre .typ{color:#98fb98}pre .lit{color:#cd5c5c}pre .pln,pre .pun{color:#fff}pre .tag{color:khaki}pre .atn{color:#bdb76b}pre .atv{color:#ffa0a0}pre .dec{color:#98fb98}ol.linenums{margin-top:0;margin-bottom:0;color:#AEAEAE}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre.prettyprint{background-color:none}code .str,pre .str{color:#060}code .kwd,pre .kwd{color:#006;font-weight:700}code .com,pre .com{color:#600;font-style:italic}code .typ,pre .typ{color:#404;font-weight:700}code .lit,pre .lit{color:#044}code .pun,pre .pun{color:#440}code .pln,pre .pln{color:#000}code .tag,pre .tag{color:#006;font-weight:700}code .atn,pre .atn{color:#404}code .atv,pre .atv{color:#060}}
--- a/css/prettify/doxy.css
+++ b/css/prettify/doxy.css
@@ -1 +1 @@
-pre .str,code .str{color:#fec243}pre .kwd,code .kwd{color:#8470ff}pre .com,code .com{color:#32cd32;font-style:italic}pre .typ,code .typ{color:#6ecbcc}pre .lit,code .lit{color:#d06}pre .pun,code .pun{color:#8b8970}pre .pln,code .pln{color:#f0f0f0}pre .tag,code .tag{color:#9c9cff}pre .htm,code .htm{color:#dda0dd}pre .xsl,code .xsl{color:#d0a0d0}pre .atn,code .atn{color:#46eeee;font-weight:normal}pre .atv,code .atv{color:#eeb4b4}pre .dec,code .dec{color:#3387cc}a{text-decoration:none}pre.prettyprint,code.prettyprint{font-family:'Droid Sans Mono','CPMono_v07 Bold','Droid Sans';font-weight:bold;font-size:9pt;background-color:#0f0f0f;-moz-border-radius:8px;-webkit-border-radius:8px;-o-border-radius:8px;-ms-border-radius:8px;-khtml-border-radius:8px;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}pre.prettyprint a,code.prettyprint a{text-decoration:none}ol.linenums{margin-top:0;margin-bottom:0;color:#8b8970}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre.prettyprint,code.prettyprint{background-color:#fff}pre .str,code .str{color:#088}pre .kwd,code .kwd{color:#006;font-weight:bold}pre .com,code .com{color:#0c3;font-style:italic}pre .typ,code .typ{color:#404;font-weight:bold}pre .lit,code .lit{color:#044}pre .pun,code .pun{color:#440}pre .pln,code .pln{color:#000}pre .tag,code .tag{color:#b66ff7;font-weight:bold}pre .htm,code .htm{color:#606;font-weight:bold}pre .xsl,code .xsl{color:#606;font-weight:bold}pre .atn,code .atn{color:#c71585;font-weight:normal}pre .atv,code .atv{color:#088;font-weight:normal}}
+a,code.prettyprint a,pre.prettyprint a{text-decoration:none}code .str,pre .str{color:#fec243}code .kwd,pre .kwd{color:#8470FF}code .com,pre .com{color:#32cd32;font-style:italic}code .typ,pre .typ{color:#6ecbcc}code .lit,pre .lit{color:#d06}code .pun,pre .pun{color:#8B8970}code .pln,pre .pln{color:#f0f0f0}code .tag,pre .tag{color:#9c9cff}code .htm,pre .htm{color:plum}code .xsl,pre .xsl{color:#d0a0d0}code .atn,pre .atn{color:#46eeee;font-weight:400}code .atv,pre .atv{color:#EEB4B4}code .dec,pre .dec{color:#3387CC}code.prettyprint,pre.prettyprint{font-family:'Droid Sans Mono','CPMono_v07 Bold','Droid Sans';font-weight:700;font-size:9pt;background-color:#0f0f0f;-moz-border-radius:8px;-webkit-border-radius:8px;-o-border-radius:8px;-ms-border-radius:8px;-khtml-border-radius:8px;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}ol.linenums{margin-top:0;margin-bottom:0;color:#8B8970}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{code.prettyprint,pre.prettyprint{background-color:#fff}code .str,pre .str{color:#088}code .kwd,pre .kwd{color:#006;font-weight:700}code .com,pre .com{color:#oc3;font-style:italic}code .typ,pre .typ{color:#404;font-weight:700}code .lit,pre .lit{color:#044}code .pun,pre .pun{color:#440}code .pln,pre .pln{color:#000}code .tag,pre .tag{color:#b66ff7;font-weight:700}code .htm,code .xsl,pre .htm,pre .xsl{color:#606;font-weight:700}code .atn,pre .atn{color:#c71585;font-weight:400}code .atv,pre .atv{color:#088;font-weight:400}}
--- a/css/prettify/prettify.css
+++ b/css/prettify/prettify.css
@@ -1 +1 @@
-.pln{color:#000}@media screen{.str{color:#080}.kwd{color:#008}.com{color:#800}.typ{color:#606}.lit{color:#066}.pun,.opn,.clo{color:#660}.tag{color:#008}.atn{color:#606}.atv{color:#080}.dec,.var{color:#606}.fun{color:red}}@media print,projection{.str{color:#060}.kwd{color:#006;font-weight:bold}.com{color:#600;font-style:italic}.typ{color:#404;font-weight:bold}.lit{color:#044}.pun,.opn,.clo{color:#440}.tag{color:#006;font-weight:bold}.atn{color:#404}.atv{color:#060}}pre.prettyprint{padding:2px;border:1px solid #888}ol.linenums{margin-top:0;margin-bottom:0}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}li.L1,li.L3,li.L5,li.L7,li.L9{background:#eee}
+.pln{color:#000}@media screen{.str{color:#080}.kwd{color:#008}.com{color:#800}.typ{color:#606}.lit{color:#066}.clo,.opn,.pun{color:#660}.tag{color:#008}.atn{color:#606}.atv{color:#080}.dec,.var{color:#606}.fun{color:red}}@media print,projection{.kwd,.tag,.typ{font-weight:700}.str{color:#060}.kwd{color:#006}.com{color:#600;font-style:italic}.typ{color:#404}.lit{color:#044}.clo,.opn,.pun{color:#440}.tag{color:#006}.atn{color:#404}.atv{color:#060}}pre.prettyprint{padding:2px;border:1px solid #888}ol.linenums{margin-top:0;margin-bottom:0}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}li.L1,li.L3,li.L5,li.L7,li.L9{background:#eee}
--- a/css/prettify/sons-of-obsidian.css
+++ b/css/prettify/sons-of-obsidian.css
@@ -1 +1 @@
-.str{color:#ec7600}.kwd{color:#93c763}.com{color:#66747b}.typ{color:#678cb1}.lit{color:#facd22}.pun{color:#f1f2f3}.pln{color:#f1f2f3}.tag{color:#8ac763}.atn{color:#e0e2e4}.atv{color:#ec7600}.dec{color:purple}pre.prettyprint{border:0 solid #888}ol.linenums{margin-top:0;margin-bottom:0}.prettyprint{background:#000}li.L0,li.L1,li.L2,li.L3,li.L4,li.L5,li.L6,li.L7,li.L8,li.L9{color:#555;list-style-type:decimal}li.L1,li.L3,li.L5,li.L7,li.L9{background:#111}@media print{.str{color:#060}.kwd{color:#006;font-weight:bold}.com{color:#600;font-style:italic}.typ{color:#404;font-weight:bold}.lit{color:#044}.pun{color:#440}.pln{color:#000}.tag{color:#006;font-weight:bold}.atn{color:#404}.atv{color:#060}}
+.str{color:#EC7600}.kwd{color:#93C763}.com{color:#66747B}.typ{color:#678CB1}.lit{color:#FACD22}.pln,.pun{color:#F1F2F3}.tag{color:#8AC763}.atn{color:#E0E2E4}.atv{color:#EC7600}.dec{color:purple}pre.prettyprint{border:0 solid #888}ol.linenums{margin-top:0;margin-bottom:0}.prettyprint{background:#000}li.L0,li.L1,li.L2,li.L3,li.L4,li.L5,li.L6,li.L7,li.L8,li.L9{color:#555;list-style-type:decimal}li.L1,li.L3,li.L5,li.L7,li.L9{background:#111}@media print{.kwd,.tag,.typ{font-weight:700}.str{color:#060}.kwd{color:#006}.com{color:#600;font-style:italic}.typ{color:#404}.lit{color:#044}.pun{color:#440}.pln{color:#000}.tag{color:#006}.atn{color:#404}.atv{color:#060}}
--- a/css/prettify/sunburst.css
+++ b/css/prettify/sunburst.css
@@ -1 +1 @@
-pre .str,code .str{color:#65b042}pre .kwd,code .kwd{color:#e28964}pre .com,code .com{color:#aeaeae;font-style:italic}pre .typ,code .typ{color:#89bdff}pre .lit,code .lit{color:#3387cc}pre .pun,code .pun{color:#fff}pre .pln,code .pln{color:#fff}pre .tag,code .tag{color:#89bdff}pre .atn,code .atn{color:#bdb76b}pre .atv,code .atv{color:#65b042}pre .dec,code .dec{color:#3387cc}pre.prettyprint,code.prettyprint{background-color:#000;-moz-border-radius:8px;-webkit-border-radius:8px;-o-border-radius:8px;-ms-border-radius:8px;-khtml-border-radius:8px;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}ol.linenums{margin-top:0;margin-bottom:0;color:#aeaeae}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre .str,code .str{color:#060}pre .kwd,code .kwd{color:#006;font-weight:bold}pre .com,code .com{color:#600;font-style:italic}pre .typ,code .typ{color:#404;font-weight:bold}pre .lit,code .lit{color:#044}pre .pun,code .pun{color:#440}pre .pln,code .pln{color:#000}pre .tag,code .tag{color:#006;font-weight:bold}pre .atn,code .atn{color:#404}pre .atv,code .atv{color:#060}}
+code .str,pre .str{color:#65B042}code .kwd,pre .kwd{color:#E28964}code .com,pre .com{color:#AEAEAE;font-style:italic}code .typ,pre .typ{color:#89bdff}code .lit,pre .lit{color:#3387CC}code .pln,code .pun,pre .pln,pre .pun{color:#fff}code .tag,pre .tag{color:#89bdff}code .atn,pre .atn{color:#bdb76b}code .atv,pre .atv{color:#65B042}code .dec,pre .dec{color:#3387CC}code.prettyprint,pre.prettyprint{background-color:#000;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}ol.linenums{margin-top:0;margin-bottom:0;color:#AEAEAE}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{code .str,pre .str{color:#060}code .kwd,pre .kwd{color:#006;font-weight:700}code .com,pre .com{color:#600;font-style:italic}code .typ,pre .typ{color:#404;font-weight:700}code .lit,pre .lit{color:#044}code .pun,pre .pun{color:#440}code .pln,pre .pln{color:#000}code .tag,pre .tag{color:#006;font-weight:700}code .atn,pre .atn{color:#404}code .atv,pre .atv{color:#060}}
--- a/css/privatebin.css
+++ b/css/privatebin.css
@@ -6,7 +6,7 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.3
 */

 /*  CSS Reset from YUI 3.4.1 (build 4118) - Copyright 2011 Yahoo! Inc. All rights reserved.
@@ -72,13 +72,13 @@ h3.title {
 	bottom: 8px;
 }

-#aboutbox { 
-	color: #94a3b4; 
+#aboutbox {
+	color: #94a3b4;
 	padding: 4px 8px 4px 16px;
-	position: relative; 
+	position: relative;
 	top: 10px;
 	border-left: 2px solid #94a3b4;
-	float: right;  
+	float: right;
 	width: 60%;
 }

@@ -104,17 +104,29 @@ h3.title {
 	font-family: Consolas, "Lucida Console", "DejaVu Sans Mono", Monaco, monospace;
 }

-#image img {
+#attachmentPreview img {
 	max-width: 100%;
 	height: auto;
 }

-#status { 
+#attachmentPreview .pdfPreview {
+	width: 100%;
+	height: 100vh;
+	margin-bottom: 20px;
+}
+
+.dragAndDropFile{
+        color:#777;
+        font-size:1em;
+        display:inline;
+}
+
+#status {
 	clear: both;
 	padding: 5px 10px;
 }

-#pasteresult { 
+#pasteresult {
 	background-color: #1F2833;
 	color: #fff;
 	padding: 4px 12px;
@@ -132,7 +144,7 @@ h3.title {

 #toolbar, #status { margin-bottom: 5px; }

-#copyhint { color: #666; font-size: 0.85em; }
+#copyhint { color: #666; font-size: 0.85em }

 button, .button {
 	color: #fff;
@@ -249,7 +261,7 @@ input {
 	font-weight: bold !important;
 }

-#image, .nonworking {
+#attachmentPreview, .nonworking {
 	background-color: #fff;
 	color: #000;
 	width: 100%;
@@ -278,9 +290,9 @@ input {

 #ienotice a { color: #000; }

-#oldienotice { display: none; }
+#oldnotice, #httpnotice { display: none; }

-.errorMessage {
+#errormessage, .errorMessage {
 	background-color: #f77 !important;
 	color:#ff0;
 }
--- a/doc/README.md
+++ b/doc/README.md
@@ -20,7 +20,7 @@ $ sudo pear install phpdoc/phpDocumentor
 To generate the documentation, change into the main directory and run phpdoc:
 ```console
 $ cd PrivateBin
-$ phpdoc -t doc/phpdoc -d lib/
+$ phpdoc --visibility public,protected,private -t doc/phpdoc -d lib/
 ```

 **Note:** When used with PHP 7, the prerelease of phpDocumentator 2.9 needs to be
@@ -55,6 +55,6 @@ $ ln -s /usr/bin/nodejs /usr/local/bin/node
 To generate the documentation, change into the main directory and run phpdoc:
 ```console
 $ cd PrivateBin
-$ jsdoc -d doc/jsdoc js/privatebin.js
+$ jsdoc -p -d doc/jsdoc js/privatebin.js
 ```

--- a/i18n/cs.json
+++ b/i18n/cs.json
@@ -0,0 +1,165 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s je minimalistický open source 'pastebin' server, který neanalyzuje vložená data. Data jsou šifrována <i>v prohlížeči</i> pomocí 256 bitů AES. Více informací na <a href=\"https://privatebin.info/\">stránce projetu</a>.",
+    "Because ignorance is bliss":
+        "Protože nevědomost je sladká",
+    "en": "cs",
+    "Paste does not exist, has expired or has been deleted.":
+        "Vložený text neexistuje, expiroval nebo byl odstraněn.",
+    "%s requires php %s or above to work. Sorry.":
+        "%s vyžaduje php %s nebo vyšší. Lituji.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s requires configuration section [%s] to be present in configuration file.",
+    "Please wait %d seconds between each post.":
+        "Počet sekund do dalšího příspěvku: %d.",
+    "Paste is limited to %s of encrypted data.":
+        "Příspěvek je limitován na %s šífrovaných dat",
+    "Invalid data.":
+        "Chybná data.",
+    "You are unlucky. Try again.":
+        "Lituji, zkuste to znovu.",
+    "Error saving comment. Sorry.":
+        "Chyba při ukládání komentáře.",
+    "Error saving paste. Sorry.":
+        "Chyba při ukládání příspěvku.",
+    "Invalid paste ID.":
+        "Chybně vložené ID.",
+    "Paste is not of burn-after-reading type.":
+        "Paste is not of burn-after-reading type.",
+    "Wrong deletion token. Paste was not deleted.":
+        "Wrong deletion token. Paste was not deleted.",
+    "Paste was properly deleted.":
+        "Paste was properly deleted.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "JavaScript is required for %s to work.<br />Sorry for the inconvenience.",
+    "%s requires a modern browser to work.":
+        "%%s requires a modern browser to work.",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:",
+    "New":
+        "Nový",
+    "Send":
+        "Odeslat",
+    "Clone":
+        "Klonovat",
+    "Raw text":
+        "Pouze Text",
+    "Expires":
+        "Expirace",
+    "Burn after reading":
+        "Po přečtení smazat",
+    "Open discussion":
+        "Povolit komentáře",
+    "Password (recommended)":
+        "Heslo (doporučeno)",
+    "Discussion":
+        "Komentáře",
+    "Toggle navigation":
+        "Toggle navigation",
+    "%d seconds": ["%d sekuda", "%d sekundy", "%d sekund"],
+    "%d minutes": ["%d minuta", "%d minuty", "%d minut"],
+    "%d hours": ["%d hodin", "%d hodiny", "%d hodin"],
+    "%d days": ["%d den", "%d dny", "%d dní"],
+    "%d weeks": ["%d týden", "%d týdeny", "%d týdnů"],
+    "%d months": ["%d měsíc", "%d měsíce", "%d měsíců"],
+    "%d years": ["%d rok", "%d roky", "%d roků"],
+    "Never":
+        "Nikdy",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.",
+    "This document will expire in %d seconds.":
+        ["Tento dokument expiruje za %d sekundu.", "Tento dokument expiruje za %d sekundy.", "Tento dokument expiruje za %d sekund."],
+    "This document will expire in %d minutes.":
+        ["Tento dokument expiruje za %d minutu.", "Tento dokument expiruje za %d minuty.", "Tento dokument expiruje za %d minut."],
+    "This document will expire in %d hours.":
+        ["Tento dokument expiruje za %d hodinu.", "Tento dokument expiruje za %d hodiny.", "Tento dokument expiruje za %d hodin."],
+    "This document will expire in %d days.":
+        ["Tento dokument expiruje za %d den.", "Tento dokument expiruje za %d dny.", "Tento dokument expiruje za %d dny."],
+    "This document will expire in %d months.":
+        ["Tento dokument expiruje za %d měsíc.", "Tento dokument expiruje za %d měsíce.", "Tento dokument expiruje za %d měsíců."],
+    "Please enter the password for this paste:":
+        "Zadejte prosím heslo:",
+    "Could not decrypt data (Wrong key?)":
+        "Could not decrypt data (Wrong key?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "Could not delete the paste, it was not stored in burn after reading mode.",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.",
+    "Could not decrypt comment; Wrong key?":
+        "Could not decrypt comment; Wrong key?",
+    "Reply":
+        "Reply",
+    "Anonymous":
+        "Anonym",
+    "Avatar generated from IP address":
+        "Avatar generated from IP address",
+    "Add comment":
+        "Přidat komentář",
+    "Optional nickname…":
+        "Volitelný nickname…",
+    "Post comment":
+        "Odeslat komentář",
+    "Sending comment…":
+        "Odesílání komentáře…",
+    "Comment posted.":
+        "Komentář odeslán.",
+    "Could not refresh display: %s":
+        "Could not refresh display: %s",
+    "unknown status":
+        "neznámý stav",
+    "server error or not responding":
+        "Chyba na serveru nebo server neodpovídá",
+    "Could not post comment: %s":
+        "Nelze odeslat komentář: %s",
+    "Sending paste…":
+        "Odesílání příspěvku…",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "Váš link je <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Stiskněte [Ctrl]+[c] pro zkopírování)</span>",
+    "Delete data":
+        "Odstranit data",
+    "Could not create paste: %s":
+        "Nelze vytvořit příspěvek: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "Nepodařilo se dešifrovat příspěvek: V adrese chybí dešifrovací klíč (Možnou příčinou může být URL shortener?)",
+    "Format": "Formát",
+    "Plain Text": "Prostý Text",
+    "Source Code": "Zdrojový kód",
+    "Markdown": "Markdown",
+    "Download attachment": "Stáhnout přílohu",
+    "Cloned: '%s'": "Klonováno: '%s'",
+    "The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.",
+    "Attach a file": "Připojit soubor",
+    "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
+    "File too large, to display a preview. Please download the attachment.": "Soubor je příliš velký pro zobrazení náhledu. Stáhněte si přílohu.",
+    "Remove attachment": "Odstranit přílohu",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "Váš prohlížeč nepodporuje nahrávání šifrovaných souborů. Použijte modernější verzi prohlížeče.",
+    "Invalid attachment.": "Chybná příloha.",
+    "Options": "Volby",
+    "Shorten URL": "Shorten URL",
+    "Editor": "Editor",
+    "Preview": "Náhled",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
+    "Decrypt":
+        "Decrypt",
+    "Enter password":
+        "Zadejte heslo",
+    "Loading…": "Loading…",
+    "Decrypting paste…": "Decrypting paste…",
+    "Preparing new paste…": "Preparing new paste…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.",
+    "+++ no paste text +++": "+++ žádný vložený text +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
+}
--- a/i18n/de.json
+++ b/i18n/de.json
@@ -7,8 +7,8 @@
    "en": "de",
    "Paste does not exist, has expired or has been deleted.":
        "Diesen Text gibt es nicht, er ist abgelaufen oder wurde gelöscht.",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "%s benötigt PHP 5.3.0 oder höher, um zu funktionieren. Sorry.",
+    "%s requires php %s or above to work. Sorry.":
+        "%s benötigt PHP %s oder höher, um zu funktionieren. Sorry.",
    "%s requires configuration section [%s] to be present in configuration file.":
        "%s benötigt den Konfigurationsabschnitt [%s] in der Konfigurationsdatei um zu funktionieren.",
    "Please wait %d seconds between each post.":
@@ -48,13 +48,13 @@
    "Expires":
        "Ablaufzeit",
    "Burn after reading":
-        "Einmal-Text",
+        "Nach dem Lesen löschen",
    "Open discussion":
-        "Diskussion eröffnen",
+        "Kommentare aktivieren",
    "Password (recommended)":
        "Passwort (empfohlen)",
    "Discussion":
-        "Diskussion",
+        "Kommentare",
    "Toggle navigation":
        "Navigation umschalten",
    "%d seconds": ["%d Sekunde", "%d Sekunden"],
@@ -83,54 +83,55 @@
    "Could not decrypt data (Wrong key?)":
        "Konnte Daten nicht entschlüsseln (Falscher Schlüssel?)",
    "Could not delete the paste, it was not stored in burn after reading mode.":
-        "Konnte den Text nicht löschen, er wurde nicht im Einmal-Modus gespeichert.",
+        "Konnte das Paste nicht löschen, es wurde nicht im Einmal-Modus gespeichert.",
    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
-        "DIESER TEXT IST NUR FÜR DICH GEDACHT. Schliesse das Fenster nicht, diese Nachricht kann nur einmal geöffnet werden.",
+        "DIESER TEXT IST NUR FÜR DICH GEDACHT. Schließe das Fenster nicht, diese Nachricht kann nur einmal geöffnet werden.",
    "Could not decrypt comment; Wrong key?":
        "Konnte Kommentar nicht entschlüsseln; Falscher Schlüssel?",
    "Reply":
        "Antworten",
    "Anonymous":
        "Anonym",
-    "Anonymous avatar (Vizhash of the IP address)":
-        "Anonymer Avatar (Vizhash der IP-Addresse)",
+    "Avatar generated from IP address":
+        "Avatar (generiert aus der IP-Adresse)",
    "Add comment":
        "Kommentar hinzufügen",
-    "Optional nickname...":
-        "Optionales Pseudonym...",
+    "Optional nickname…":
+        "Optionales Pseudonym…",
    "Post comment":
        "Kommentar absenden",
-    "Sending comment...":
-        "Sende Kommentar...",
+    "Sending comment…":
+        "Sende Kommentar…",
    "Comment posted.":
        "Kommentar gesendet.",
    "Could not refresh display: %s":
-        "Konnte Ansicht nicht aktualisieren: %s",
+        "Ansicht konnte nicht aktualisiert werden: %s",
    "unknown status":
        "Unbekannter Grund",
    "server error or not responding":
        "Fehler auf dem Server oder keine Antwort vom Server",
    "Could not post comment: %s":
        "Konnte Kommentar nicht senden: %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "Sende Text (Bitte bewege Deine Maus um die Entropie zu erhöhen)...",
-    "Sending paste...":
-        "Sende Text...",
+    "Sending paste…":
+        "Sende Paste…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
        "Dein Text ist unter <a id=\"pasteurl\" href=\"%s\">%s</a> zu finden <span id=\"copyhint\">(Drücke [Strg]+[c] um den Link zu kopieren)</span>",
    "Delete data":
        "Lösche Daten",
    "Could not create paste: %s":
-        "Konnte Text nicht erstellen: %s",
+        "Text konnte nicht erstellt werden: %s",
    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
-        "Konnte Text nicht entschlüsseln: Der Schlüssel fehlt in der Adresse (Hast du eine Umleitung oder einen URL-Verkürzer benutzt, der Teile der Adresse entfernt?)",
+        "Konnte Paste nicht entschlüsseln: Der Schlüssel fehlt in der Adresse (Hast du eine Umleitung oder einen URL-Verkürzer benutzt, der Teile der Adresse entfernt?)",
    "Format": "Format",
    "Plain Text": "Nur Text",
    "Source Code": "Quellcode",
    "Markdown": "Markdown",
    "Download attachment": "Anhang herunterladen",
-    "Cloned file attached.": "Kopierte Datei angehängt.",
+    "Cloned: '%s'": "Geklont: '%s'",
+    "The cloned file '%s' was attached to this paste.": "Die geklonte Datei '%s' wurde angehängt.",
    "Attach a file": "Datei anhängen",
+    "alternatively drag & drop a file or paste an image from the clipboard": "Alternativ Drag & Drop einer Datei oder einfügen eines Bildes aus der Zwischenablage",
+    "File too large, to display a preview. Please download the attachment.": "Datei zu groß, um als Vorschau angezeigt zu werden. Bitte Anhang herunterladen.",
    "Remove attachment": "Anhang entfernen",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
        "Dein Browser unterstützt das hochladen von verschlüsselten Dateien nicht. Bitte verwende einen neueren Browser.",
@@ -146,6 +147,19 @@
    "Enter password":
        "Passwort eingeben",
    "Loading…": "Lädt…",
-    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
-        "Wenn diese Nachricht nicht mehr verschwindet, schau bitte in <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">die FAQ</a> (englisch), um zu sehen, wie der Fehler behoben werden kann."
+    "Decrypting paste…": "Entschlüssle Text…",
+    "Preparing new paste…": "Bereite neuen Text vor…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "Wenn diese Nachricht nicht mehr verschwindet, schau bitte in <a href=\"%s\">die FAQ</a> (englisch), um zu sehen, wie der Fehler behoben werden kann.",
+    "+++ no paste text +++": "+++ kein Paste-Text +++",
+    "Could not get paste data: %s":
+        "Text konnte nicht geladen werden: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "Ich mag Dich auch, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "Diese Webseite verwendet eine unsichere HTTP Verbindung! Bitte benutze sie nur zum Testen.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "<a href=\"%s\">Besuche diesen FAQ Eintrag</a> für weitere Informationen dazu.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Dein Browser benötigt möglicherweise eine HTTPS Verbindung um das WebCrypto API nutzen zu können. Versuche <a href=\"%s\">auf HTTPS zu wechseln</a>."
 }
--- a/i18n/es.json
+++ b/i18n/es.json
@@ -1,20 +1,20 @@
 {
    "PrivateBin": "PrivateBin",
    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
-        "%s es un servicio de tipo \"Pastebin\" minimalista de código abierto, donde el servidor no tiene ningún conocimiento de los datos guardados. Los datos son cifrados/descifrados <i>en el navegador</i> usando 256 bits AES. Más información en la <a href=\"https://privatebin.info/\">página del proyecto</a>.",
+        "%s es un \"pastebin\" en línea minimalista de código abierto, donde el servidor no tiene ningún conocimiento de los datos guardados. Los datos son cifrados/descifrados <i>en el navegador</i> usando 256 bits AES. Más información en la <a href=\"https://privatebin.info/\">página del proyecto</a>.",
    "Because ignorance is bliss":
        "Porque la ignorancia es dicha",
    "en": "es",
    "Paste does not exist, has expired or has been deleted.":
-        "El texto no existe, ha caducado o ha sido eliminado.",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "%s requiere php 5.3.0 o superior para funcionar. Lo siento.",
+        "El \"paste\" no existe, ha caducado o ha sido eliminado.",
+    "%s requires php %s or above to work. Sorry.":
+        "%s requiere php %s o superior para funcionar. Lo siento.",
    "%s requires configuration section [%s] to be present in configuration file.":
-        "%s requiere que la sección de configuración [% s] esté presente en el archivo de configuración.",
+        "%s requiere que la sección de configuración [%s] esté presente en el archivo de configuración.",
    "Please wait %d seconds between each post.":
        "Por favor espere %d segundos entre cada publicación.",
    "Paste is limited to %s of encrypted data.":
-        "El texto está limitado a %s de datos cifrados.",
+        "El \"paste\" está limitado a %s de datos cifrados.",
    "Invalid data.":
        "Datos inválidos.",
    "You are unlucky. Try again.":
@@ -22,15 +22,15 @@
    "Error saving comment. Sorry.":
        "Error al guardar el comentario. Lo siento.",
    "Error saving paste. Sorry.":
-        "Error al guardar el texto. Lo siento",
+        "Error al guardar el \"paste\". Lo siento",
    "Invalid paste ID.":
-        "ID del texto inválido.",
+        "ID del \"paste\" inválido.",
    "Paste is not of burn-after-reading type.":
-        "El texto no es del tipo \"destruir despues de leer\".",
+        "El \"paste\" no es del tipo \"destruir despues de leer\".",
    "Wrong deletion token. Paste was not deleted.":
-        "Token de eliminación erróneo. El texto no fue eliminado.",
+        "Token de eliminación erróneo. El \"paste\" no fue eliminado.",
    "Paste was properly deleted.":
-        "El texto se ha eliminado correctamente.",
+        "El \"paste\" se ha eliminado correctamente.",
    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
        "JavaScript es necesario para que %s funcione.<br />Sentimos los inconvenientes ocasionados.",
    "%s requires a modern browser to work.":
@@ -67,7 +67,7 @@
    "Never":
        "Nunca",
    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
-        "Nota: Este es un servicio de prueba. Los datos pueden ser eliminados en cualquier momento. Gatitos morirán si se abusa de este servicio.",
+        "Nota: Este es un servicio de prueba. Los datos pueden ser eliminados en cualquier momento. Morirán gatitos si abusas de este servicio.",
    "This document will expire in %d seconds.":
        ["Este documento caducará en un segundo.", "Este documento caducará en %d segundos."],
    "This document will expire in %d minutes.":
@@ -79,29 +79,29 @@
    "This document will expire in %d months.":
        ["Este documento caducará en un mes.", "Este documento caducará en %d meses."],
    "Please enter the password for this paste:":
-        "Por favor ingrese la contraseña para este documento:",
+        "Por favor ingrese la contraseña para este \"paste\":",
    "Could not decrypt data (Wrong key?)":
        "No fue posible descifrar los datos (¿Clave errónea?)",
    "Could not delete the paste, it was not stored in burn after reading mode.":
        "No fue posible eliminar el documento, no fue guardado en modo \"destruir despues de leer\".",
    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
-        "SÓLO PARA TUS OJOS. No cierre esta ventana, este mensaje no se puede volver a mostrar.",
+        "SÓLO PARA TUS OJOS. No cierres esta ventana, este mensaje no se puede volver a mostrar.",
    "Could not decrypt comment; Wrong key?":
        "No se pudo descifrar el comentario; ¿Llave incorrecta?",
    "Reply":
        "Responder",
    "Anonymous":
        "Anónimo",
-    "Anonymous avatar (Vizhash of the IP address)":
-        "Avatar anónimo (Vizhash de la dirección IP)",
+    "Avatar generated from IP address":
+        "Avatar generado a partir de la dirección IP",
    "Add comment":
        "Añadir comentario",
-    "Optional nickname...":
-        "Seudónimo opcional...",
+    "Optional nickname…":
+        "Seudónimo opcional…",
    "Post comment":
        "Publicar comentario",
-    "Sending comment...":
-        "Enviando comentario...",
+    "Sending comment…":
+        "Enviando comentario…",
    "Comment posted.":
        "Comentario publicado.",
    "Could not refresh display: %s":
@@ -112,10 +112,8 @@
        "Error del servidor o el servidor no responde",
    "Could not post comment: %s":
        "No fue posible publicar comentario: %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "Enviando texto (Por favor, mueva el ratón para mayor entropía)...",
-    "Sending paste...":
-        "Enviando texto...",
+    "Sending paste…":
+        "Enviando \"paste\"…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
        "Su texto está en <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Presione [Ctrl]+[c] para copiar)</span>",
    "Delete data":
@@ -129,8 +127,11 @@
    "Source Code": "Código fuente",
    "Markdown": "Markdown",
    "Download attachment": "Descargar adjunto",
-    "Cloned file attached.": "Archivo clonado adjunto.",
+    "Cloned: '%s'": "Clonado: '%s'.",
+    "The cloned file '%s' was attached to this paste.": "El archivo clonado '%s' ha sido adjuntado a este texto.",
    "Attach a file": "Adjuntar archivo",
+    "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
+    "File too large, to display a preview. Please download the attachment.": "File too large, to display a preview. Please download the attachment.",
    "Remove attachment": "Remover adjunto",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
        "Tu navegador no admite la carga de archivos cifrados. Utilice un navegador más reciente.",
@@ -146,6 +147,19 @@
    "Enter password":
        "Ingrese contraseña",
    "Loading…": "Cargando…",
-    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
-        "En caso de que este mensaje nunca desaparezca por favor revise <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">este FAQ para obtener información para solucionar problemas</a>."
+    "Decrypting paste…": "Descifrando \"paste\"…",
+    "Preparing new paste…": "Preparando \"paste\" nuevo…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "En caso de que este mensaje nunca desaparezca por favor revise <a href=\"%s\">este FAQ para obtener información para solucionar problemas</a>.",
+    "+++ no paste text +++": "+++ \"paste\" sin texto +++",
+    "Could not get paste data: %s":
+        "No se pudieron obtener los datos: %s",
+    "QR code": "Código QR",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
 }
--- a/i18n/fr.json
+++ b/i18n/fr.json
@@ -1,14 +1,14 @@
 {
    "PrivateBin": "PrivateBin",
    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
-        "%s est un 'pastebin' (ou gestionnaire d'extraits de texte et de code source) minimaliste et open source, dans lequel le serveur n'a aucune connaissance des données envoyées. Les données sont chiffrées/déchiffrées <i>dans le navigateur</i> par un chiffrage AES 256 bits. Plus d'informations sur <a href=\"https://privatebin.info/\">la page du projet</a>.",
+        "%s est un 'pastebin' (ou gestionnaire d'extraits de texte et de code source) minimaliste et open source, dans lequel le serveur n'a aucune connaissance des données envoyées. Les données sont chiffrées/déchiffrées <i>dans le navigateur</i> par un chiffrement AES 256 bits. Plus d'informations sur <a href=\"https://privatebin.info/\">la page du projet</a>.",
    "Because ignorance is bliss":
        "Parce que l'ignorance c'est le bonheur",
    "en": "fr",
    "Paste does not exist, has expired or has been deleted.":
        "Le paste n'existe pas, a expiré, ou a été supprimé.",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "Désolé, %s nécessite php 5.3.0 ou supérieur pour fonctionner.",
+    "%s requires php %s or above to work. Sorry.":
+        "Désolé, %s nécessite php %s ou supérieur pour fonctionner.",
    "%s requires configuration section [%s] to be present in configuration file.":
        "%s a besoin de la section de configuration [%s] dans le fichier de configuration pour fonctionner.",
    "Please wait %d seconds between each post.":
@@ -83,25 +83,25 @@
    "Could not decrypt data (Wrong key?)":
        "Impossible de déchiffrer les données (mauvaise clé ?)",
    "Could not delete the paste, it was not stored in burn after reading mode.":
-        "Impossible de supprimer le paste, car il n'a pas été stoclé en mode \"Effacer après lecture\".",
+        "Impossible de supprimer le paste, car il n'a pas été stocké en mode \"Effacer après lecture\".",
    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
        "POUR VOS YEUX UNIQUEMENT. Ne fermez pas cette fenêtre, ce paste ne pourra plus être affiché.",
    "Could not decrypt comment; Wrong key?":
-        "Impossible de déchiffrer le commentaire ; mauvaise clé ?",
+        "Impossible de déchiffrer le commentaire; mauvaise clé ?",
    "Reply":
        "Répondre",
    "Anonymous":
        "Anonyme",
-    "Anonymous avatar (Vizhash of the IP address)":
-        "Avatar anonyme (Vizhash de l'adresse IP)",
+    "Avatar generated from IP address":
+        "Avatar généré à partir de l'adresse IP",
    "Add comment":
        "Ajouter un commentaire",
-    "Optional nickname...":
-        "Pseudonyme optionnel...",
+    "Optional nickname…":
+        "Pseudonyme optionnel…",
    "Post comment":
        "Poster le commentaire",
-    "Sending comment...":
-        "Envoi du commentaire...",
+    "Sending comment…":
+        "Envoi du commentaire…",
    "Comment posted.":
        "Commentaire posté.",
    "Could not refresh display: %s":
@@ -112,10 +112,8 @@
        "Le serveur ne répond pas ou a rencontré une erreur",
    "Could not post comment: %s":
        "Impossible de poster le commentaire : %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "Envoi du paste (Merci de bouger votre souris pour plus d'entropie)...",
-    "Sending paste...":
-        "Envoi du paste...",
+    "Sending paste…":
+        "Envoi du paste…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
        "Votre paste est disponible à l'adresse <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Appuyez sur [Ctrl]+[c] pour copier)</span>",
    "Delete data":
@@ -123,7 +121,7 @@
    "Could not create paste: %s":
        "Impossible de créer le paste : %s",
    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
-        "Impossible de déchiffrer le paste : Clé de déchiffrage manquante dans l'URL (Avez-vous utilisé un redirecteur ou un site de réduction d'URL qui supprime une partie de l'URL ?)",
+        "Impossible de déchiffrer le paste : Clé de déchiffrement manquante dans l'URL (Avez-vous utilisé un redirecteur ou un site de réduction d'URL qui supprime une partie de l'URL ?)",
    "B": "o",
    "KiB": "Kio",
    "MiB": "Mio",
@@ -138,8 +136,11 @@
    "Source Code": "Code source",
    "Markdown": "Markdown",
    "Download attachment": "Télécharger la pièce jointe",
-    "Cloned file attached.": "Cloner le fichier attaché.",
+    "Cloned: '%s'": "Cloner '%s'",
+    "The cloned file '%s' was attached to this paste.": "Le fichier cloné '%s' a été attaché à ce paste.",
    "Attach a file": "Attacher un fichier ",
+    "alternatively drag & drop a file or paste an image from the clipboard": "alternativement, glisser & déposer un fichier ou coller une image à partir du presse-papiers",
+    "File too large, to display a preview. Please download the attachment.": "Fichier trop volumineux, pour afficher un aperçu. Veuillez télécharger la pièce jointe.",
    "Remove attachment": "Enlever l'attachement",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
        "Votre navigateur ne supporte pas l'envoi de fichiers chiffrés. Merci d'utiliser un navigateur plus récent.",
@@ -149,12 +150,25 @@
    "Editor": "Éditer",
    "Preview": "Prévisualiser",
    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
-        "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
+        "%s requiert que le PATH se termine dans un \"%s\". Veuillez mettre à jour le PATH dans votre index.php.",
    "Decrypt":
-        "Decrypt",
+        "Déchiffrer",
    "Enter password":
        "Entrez le mot de passe",
-    "Loading…": "Loading…",
-    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
-        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
+    "Loading…": "Chargement…",
+    "Decrypting paste…": "Déchiffrement du paste…",
+    "Preparing new paste…": "Préparation du paste…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "Si ce message ne disparaîssait pas, jetez un oeil à <a href=\"%s\">cette FAQ pour des idées de résolution</a> (en Anglais).",
+    "+++ no paste text +++": "+++ pas de paste-text +++",
+    "Could not get paste data: %s":
+        "Impossible d'obtenir les données du paste: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "Je t’aime aussi, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "Ce site web utilise une connexion HTTP non sécurisée ! Veuillez l’utiliser uniquement pour des tests.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "Pour plus d'informations <a href=\"%s\">consultez cette rubrique de la FAQ</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Votre navigateur peut nécessiter une connexion HTTPS pour prendre en charge l’API WebCrypto. Essayez <a href=\"%s\">de passer en HTTPS</a>."
 }
--- a/i18n/hu.json
+++ b/i18n/hu.json
@@ -0,0 +1,165 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "A %s egy minimalista, nyílt forráskódú adattároló szoftver, ahol a szerver semmilyen információt nem tárol a feltett adatról. Azt ugyanis a <i>böngésződ</i> segítségével titkosítja és oldja fel 256 bit hosszú titkosítási kulcsú AES-t használva. További információt a <a href=\"https://privatebin.info/\">projekt oldalán</a> találsz.",
+    "Because ignorance is bliss":
+        "A titok egyfajta hatalom.",
+    "en": "hu",
+    "Paste does not exist, has expired or has been deleted.":
+        "A bejegyzés nem létezik, lejárt vagy törölve lett.",
+    "%s requires php %s or above to work. Sorry.":
+        "Bocs, de a %s működéséhez %s vagy ezt meghaladó verziójú php-s környezet szükséges.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "A %s megfelelő működéséhez a konfigurációs fájlban a [%s] résznek léteznie kell.",
+    "Please wait %d seconds between each post.":
+        "Kérlek várj %d másodpercet két beküldés között.",
+    "Paste is limited to %s of encrypted data.":
+        "A bejegyzés maximális hossza: %s",
+    "Invalid data.":
+        "Érvénytelen adat.",
+    "You are unlucky. Try again.":
+        "Peched volt, próbáld újra.",
+    "Error saving comment. Sorry.":
+        "Nem sikerült menteni a hozzászólást. Bocs.",
+    "Error saving paste. Sorry.":
+        "Nem sikerült menteni a bejegyzést. Bocs.",
+    "Invalid paste ID.":
+        "Érvénytelen bejegyzés azonosító.",
+    "Paste is not of burn-after-reading type.":
+        "A bejegyzés nem semmisül meg azonnal olvasás után.",
+    "Wrong deletion token. Paste was not deleted.":
+        "Hibás törlési azonosító. A bejegyzés nem lett törölve.",
+    "Paste was properly deleted.":
+        "A bejegyzés sikeresen törölve.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "JavaScript szükséges a %s működéséhez. Elnézést a fennakadásért.",
+    "%s requires a modern browser to work.":
+        "A %s működéséhez a jelenleginél újabb böngészőre van szükség.",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "Még mindig Internet Explorert használsz? Ideje váltani:",
+    "New":
+        "Új",
+    "Send":
+        "Beküldöm!",
+    "Clone":
+        "Másol",
+    "Raw text":
+        "A nyers szöveg",
+    "Expires":
+        "Lejárati idő",
+    "Burn after reading":
+        "Törlés az első olvasás után",
+    "Open discussion":
+        "Hozzászólások engedélyezése",
+    "Password (recommended)":
+        "Jelszó (ajánlott)",
+    "Discussion":
+        "Hozzászólások",
+    "Toggle navigation":
+        "Navigáció",
+    "%d seconds": ["%d másodperc", "%d másodperc"],
+    "%d minutes": ["%d perc", "%d perc"],
+    "%d hours": ["%d óra", "%d óra"],
+    "%d days": ["%d nap", "%d nap"],
+    "%d weeks": ["%d hét", "%d hét"],
+    "%d months": ["%d hónap", "%d hónap"],
+    "%d years": ["%d év", "%d év"],
+    "Never":
+        "Soha",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Megjegyzés: ez egy teszt szolgáltatás, az adatok bármikor törlődhetnek. Ha visszaélsz vele, kiscicák bánhatják! :)",
+    "This document will expire in %d seconds.":
+        ["Ez a bejegyzés %d másodperc után megsemmisül.", "Ez a bejegyzés %d másodperc múlva megsemmisül."],
+    "This document will expire in %d minutes.":
+        ["Ez a bejegyzés %d perc után megsemmisül.", "Ez a bejegyzés %d perc múlva megsemmisül."],
+    "This document will expire in %d hours.":
+        ["Ez a bejegyzés %d óra után megsemmisül.", "Ez a bejegyzés %d óra múlva megsemmisül."],
+    "This document will expire in %d days.":
+        ["Ez a bejegyzés %d nap után megsemmisül.", "Ez a bejegyzés %d nap múlva megsemmisül."],
+    "This document will expire in %d months.":
+        ["Ez a bejegyzés %d hónap múlva megsemmisül.", "Ez a bejegyzés %d hónap múlva megsemmisül."],
+    "Please enter the password for this paste:":
+        "Add meg a szükséges jelszót a bejegyzés megtekintéséhez:",
+    "Could not decrypt data (Wrong key?)":
+        "Nem tudtuk dekódolni az adatot. Talán rossz kulcsot adtál meg?",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "Nem tudtuk törölni a bejegyzést, mivel az olvasás után egyből megsemmisült. Így nem is volt tárolva.",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "EZT A BEJEGYZÉST CSAK TE LÁTHATOD!!! Ne csukd be ezt az ablakot, mivel nem tudod újra megnézni. Az ugyanis az első olvasás után rögtön megsemmisül.",
+    "Could not decrypt comment; Wrong key?":
+        "Nem tudtuk dekódolni a hozzászólást. Talán rossz kulcsot adtál meg?",
+    "Reply":
+        "Válasz",
+    "Anonymous":
+        "Anonymous",
+    "Avatar generated from IP address":
+        "Avatar (az IP cím alapján generáljuk)",
+    "Add comment":
+        "Hozzászólok",
+    "Optional nickname…":
+        "Becenév (már ha meg akarod adni)",
+    "Post comment":
+        "Beküld",
+    "Sending comment…":
+        "Beküldés alatt...",
+    "Comment posted.":
+        "A hozzászólás beküldve.",
+    "Could not refresh display: %s":
+        "Nem tudtuk frissíteni: %s",
+    "unknown status":
+        "Ismeretlen státusz.",
+    "server error or not responding":
+        "A szerveren hiba lépett fel vagy nem válaszol.",
+    "Could not post comment: %s":
+        "Nem tudtuk beküldeni a hozzászólást: %s",
+    "Sending paste…":
+        "Bejegyzés elküldése...",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "A bejegyzésed a <a id=\"pasteurl\" href=\"%s\">%s</a> címen elérhető. <span id=\"copyhint\"> [Ctrl]+[c]-vel tudod vágólapra másolni.</span>",
+    "Delete data":
+        "Adat törlése",
+    "Could not create paste: %s":
+        "Nem tudtuk létrehozni a bejegyzést: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "Nem tudjuk dekódolni a bejegyzést: a dekódoláshoz szükséges kulcs hiányzik a címből. Talán URL rövidítőt használtál ami kivágta azt belőle?",
+    "Format": "Formátum",
+    "Plain Text": "Egyszerű szöveg",
+    "Source Code": "Forráskód",
+    "Markdown": "Markdown",
+    "Download attachment": "Csatolmány letöltése",
+    "Cloned: '%s'": "'%s' másolva",
+    "The cloned file '%s' was attached to this paste.": "A másolt '%s' csatolmányt hozzáadtuk ehhez a bejegyzéshez.",
+    "Attach a file": "Fájl csatolása",
+    "alternatively drag & drop a file or paste an image from the clipboard": "vagy húzz ide egy fájlt, netán illessz be egy képet a vágólapról.",
+    "File too large, to display a preview. Please download the attachment.": "A fájl túl nagy ahhoz, hogy előnézete legyen. Töltsd le, hogy megtekinthesd.",
+    "Remove attachment": "Csatolmány eltávolítása",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "A böngésződ nem támogatja titkosított fájlok feltöltését. Használj újabbat.",
+    "Invalid attachment.": "Érvénytelen csatolmány.",
+    "Options": "Opciók",
+    "Shorten URL": "URL rövidítés",
+    "Editor": "Szerkesztő felület",
+    "Preview": "Előnézet",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s számára szükséges, hogy a PATH itt végződjön: \"%s\". Kérlek frissítsd a PATH értékét az index.php fájlban.",
+    "Decrypt":
+        "Dekódolás",
+    "Enter password":
+        "Jelszó",
+    "Loading…": "Folyamatban...",
+    "Decrypting paste…": "Bejegyzés dekódolása...",
+    "Preparing new paste…": "Új bejegyzés előkészítése...",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "Abban az esetben, ha ez az üzenet mindig látható lenne, látogass el a <a href=\"%s\">Gyakran Ismételt Kérdések szekcióba a megoldásához</a>.",
+    "+++ no paste text +++": "+++ nincs beillesztett szöveg +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
+}
--- a/i18n/it.json
+++ b/i18n/it.json
@@ -7,8 +7,8 @@
    "en": "it",
    "Paste does not exist, has expired or has been deleted.":
        "Questo messaggio non esiste, è scaduto o è stato cancellato.",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "%s richiede PHP 5.3.0 o superiore.",
+    "%s requires php %s or above to work. Sorry.":
+        "%s richiede php %s o superiore per funzionare. Ci spiace.",
    "%s requires configuration section [%s] to be present in configuration file.":
        "%s richiede la presenza della sezione [%s] nei file di configurazione.",
    "Please wait %d seconds between each post.":
@@ -18,7 +18,7 @@
    "Invalid data.":
        "Dati non validi.",
    "You are unlucky. Try again.":
-        "Riprova, sarai più fortunato.",
+        "Ritenta, sarai più fortunato.",
    "Error saving comment. Sorry.":
        "Errore durante il salvataggio del commento.",
    "Error saving paste. Sorry.":
@@ -67,7 +67,7 @@
    "Never":
        "Mai",
    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
-        "Nota: questo è un servizio di prova, i dati possono essere cancellati in qualsiasi momento. Ti preghiamo di non abusare di questo servizio, grazie.",
+        "Nota: questo è un servizio di prova, i messaggi salvati possono essere cancellati in qualsiasi momento. Moriranno dei gattini se abuserai di questo servizio.",
    "This document will expire in %d seconds.":
        ["Questo documento scadrà tra un secondo.", "Questo documento scadrà in %d secondi."],
    "This document will expire in %d minutes.":
@@ -87,41 +87,39 @@
    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
        "FOR YOUR EYES ONLY. Non chiudere questa finestra, il messaggio non può essere visualizzato una seconda volta.",
    "Could not decrypt comment; Wrong key?":
-        "Non riesco a decifrari il commento (Chiave errata?)",
+        "Non riesco a decifrare il commento (Chiave errata?)",
    "Reply":
        "Rispondi",
    "Anonymous":
        "Anonimo",
-    "Anonymous avatar (Vizhash of the IP address)":
-        "Avatar Anonino (Vizhash dell'indirizzo IP)",
+    "Avatar generated from IP address":
+        "Avatar generato dall'indirizzo IP)",
    "Add comment":
        "Aggiungi un commento",
-    "Optional nickname...":
-        "Nickname opzionale...",
+    "Optional nickname…":
+        "Nickname opzionale…",
    "Post comment":
        "Invia commento",
-    "Sending comment...":
-        "Commento in fase di invio...",
+    "Sending comment…":
+        "Commento in fase di invio…",
    "Comment posted.":
        "Commento inviato.",
    "Could not refresh display: %s":
        "Non riesco ad aggiornare il display: %s",
    "unknown status":
-        "errore sconosciuto",
+        "stato sconosciuto",
    "server error or not responding":
        "errore o mancata risposta dal server",
    "Could not post comment: %s":
        "Impossibile inviare il commento: %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "Invio messaggio (Muovi il mouse in modo casuale, per generare maggior entropia)...",
-    "Sending paste...":
-        "Messaggio in fase di invio...",
+    "Sending paste…":
+        "Messaggio in fase di invio…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
-        "Il tuo messaggio è qui: <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">([CTRL | CMD]+[C] per copiare il link)</span>",
+        "Il tuo messaggio è qui: <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Premi [Ctrl]+[c] (Windows) o [Cmd]+[c] (Mac) per copiare il link)</span>",
    "Delete data":
        "Cancella i dati",
    "Could not create paste: %s":
-        "Non rieco a creare il messaggio: %s",
+        "Non riesco a creare il messaggio: %s",
    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
        "Non riesco a decifrare il messaggio: manca la chiave di decifrazione nell'URL (La chiave è parte integrante dell'URL. Per caso hai usato un Redirector o un altro servizio che ha rimosso una parte dell'URL?)",
    "Format": "Formato",
@@ -129,8 +127,11 @@
    "Source Code": "Codice Sorgente",
    "Markdown": "Markdown",
    "Download attachment": "Scarica Allegato",
-    "Cloned file attached.": "Copia del file allegata.",
+    "Cloned: '%s'": "Clonato: '%s'",
+    "The cloned file '%s' was attached to this paste.": "Il file clonato '%s' era allegato a questo messaggio.",
    "Attach a file": "Allega un file",
+    "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
+    "File too large, to display a preview. Please download the attachment.": "File too large, to display a preview. Please download the attachment.",
    "Remove attachment": "Rimuovi allegato",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
        "Il tuo browser non supporta l'invio di file cifrati. Utilizza un browser più recente.",
@@ -142,10 +143,23 @@
    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
        "%s necessita che PATH termini con \"%s\". Aggiorna la variabile PATH nel tuo index.php.",
    "Decrypt":
-        "Decrypt",
+        "Decifra",
    "Enter password":
        "Inserisci la password",
-    "Loading…": "Loading…",
-    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
-        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
+    "Loading…": "Carico…",
+    "Decrypting paste…": "Decifro il messaggio…",
+    "Preparing new paste…": "Preparo il nuovo messaggio…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "Nel caso questo messaggio non scompaia, controlla questa <a href=\"%s\">FAQ</a> per trovare informazioni su come risolvere il problema (in Inglese).",
+    "+++ no paste text +++": "+++ nessun testo nel messaggio +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
 }
--- a/i18n/nl.json
+++ b/i18n/nl.json
@@ -0,0 +1,165 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+		"%s is een minimalistische, open source online pastebin waarbij de server geen kennis heeft van de geplakte gegevens. Gegevens worden gecodeerd/gedecodeerd <i> in de browser </i> met behulp van 256 bits AES. Meer informatie is te vinden op de <a href=\"https://privatebin.info/\">projectpagina</a>.",
+    "Because ignorance is bliss":
+        "Onwetendheid is een zegen",
+    "en": "nl",
+    "Paste does not exist, has expired or has been deleted.":
+        "Geplakte tekst bestaat niet, is verlopen of verwijderd.",
+    "%s requires php %s or above to work. Sorry.":
+        "%s vereist PHP %s of hoger om te kunnen werken. Sorry",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s vereist dat de configuratiesectie [%s] aanwezig is in het configuratiebestand",
+    "Please wait %d seconds between each post.":
+	    "Alstublieft %d seconden wachten tussen elk bericht",
+    "Paste is limited to %s of encrypted data.":
+		"Geplakte tekst is beperkt tot %s aan versleutelde gegevens",
+    "Invalid data.":
+        "Ongeldige gegevens",
+    "You are unlucky. Try again.":
+        "Helaas. Probeer het nog eens",
+    "Error saving comment. Sorry.":
+        "Fout bij het opslaan van het commentaar. Sorry",
+    "Error saving paste. Sorry.":
+        "Fout bij het opslaan van de geplakte tekst. Sorry.",
+    "Invalid paste ID.":
+        "Ongeldige ID.",
+    "Paste is not of burn-after-reading type.":
+        "Geplakte tekst is geen 'vernietig na lezen' type",
+    "Wrong deletion token. Paste was not deleted.":
+        "Foutieve verwijdercode. Geplakte tekst is niet verwijderd.",
+    "Paste was properly deleted.":
+        "Geplakte tekst is correct verwijderd.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "JavaScript vereist om %s te laten werken.<br />Sorry voor het ongemak.",
+    "%s requires a modern browser to work.":
+        "%s vereist een moderne browser om te kunnen werken ",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "Gebruik je nog steeds Internet explorer? Doe jezelf een plezier en maak gebruik van een moderne browser:",
+    "New":
+        "Nieuw",
+    "Send":
+        "Verzenden",
+    "Clone":
+        "Clonen",
+    "Raw text":
+        "Onbewerkte tekst",
+    "Expires":
+        "Verloopt",
+    "Burn after reading":
+        "Vernietig na lezen",
+    "Open discussion":
+		"Open discussie",
+    "Password (recommended)":
+        "Wachtwoord (aanbevolen)",
+    "Discussion":
+        "Discussie",
+    "Toggle navigation":
+        "Navigatie openen/sluiten",
+	"%d seconds": ["%d second", "%d seconden"],
+    "%d minutes": ["%d minuut", "%d minuten"],
+    "%d hours": ["%d uur"],
+    "%d days": ["%d dag", "%d dagen"],
+    "%d weeks": ["%d week", "%d weken"],
+    "%d months": ["%d maand", "%d maanden"],
+    "%d years": ["%d jaar"],
+    "Never":
+        "Nooit",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Opmerking: Dit is een testservice: Gegevens kunnen op elk gegeven moment verwijderd worden.",
+    "This document will expire in %d seconds.":
+        ["Dit document verloopt over %d second.", "Dit document verloopt over %d seconden."],
+    "This document will expire in %d minutes.":
+        ["Dit document verloopt over %d minuut.", "Dit document verloopt over %d minuten"],
+    "This document will expire in %d hours.":
+        ["Dit document verloopt over %d uur."],
+    "This document will expire in %d days.":
+        ["Dit document verloopt over %d dag.", "Dit document verloopt over %d dagen."],
+    "This document will expire in %d months.":
+        ["Dit document verloopt over %d maand.", "Dit document verloopt over %d maanden."],
+    "Please enter the password for this paste:":
+        "Voer het wachtwoord in voor deze  geplakte tekst:",
+    "Could not decrypt data (Wrong key?)":
+        "Kon de gegevens niet decoderen (verkeerde sleutel?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+		"Verwijderen van de geplakte tekst niet mogelijk, deze werd niet opgeslagen in 'vernietig na lezen' modus.",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+		"FOR YOUR EYES ONLY. Sluit dit venster niet, dit bericht kan niet opnieuw worden weergegeven.",
+    "Could not decrypt comment; Wrong key?":
+		"Kon het commentaar niet decoderen; Verkeerde sleutel?",
+    "Reply":
+        "Beantwoorden",
+    "Anonymous":
+        "Anoniem",
+    "Avatar generated from IP address":
+        "Anonieme avatar (van het IP adres)",
+    "Add comment":
+        "Commentaar toevoegen",
+    "Optional nickname…":
+        "Optionele bijnaam…",
+    "Post comment":
+        "Plaats een commentaar",
+    "Sending comment…":
+        "Commentaar verzenden…",
+    "Comment posted.":
+        "Commentaar geplaatst.",
+    "Could not refresh display: %s":
+        "Kon de weergave niet vernieuwen: %s",
+    "unknown status":
+        "Onbekende status",
+    "server error or not responding":
+        "Serverfout of server reageert niet",
+    "Could not post comment: %s":
+        "Kon het commentaar niet plaatsen: %s",
+     "Sending paste…":
+        "Geplakte tekst verzenden…",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "Uw geplakte tekst is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Druk [Ctrl]+[c] om te kopiëren)</span>",
+    "Delete data":
+        "Gegevens wissen",
+    "Could not create paste: %s":
+        "Kon de geplakte tekst niet aanmaken: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "Kon de  geplakte tekst niet decoderen: Decoderingssleutel ontbreekt in URL (Hebt u een redirector of een URL-verkorter gebruikt die een deel van de URL verwijdert?)",
+    "Format": "Formaat",
+    "Plain Text": "Platte tekst",
+    "Source Code": "Broncode",
+    "Markdown": "Markdown",
+    "Download attachment": "Bijlage downloaden",
+    "Cloned: '%s'": "Gekloond: '%s'",
+    "The cloned file '%s' was attached to this paste.": "Het gekloonde bestand '%s' is bijgevoegd aan de geplakte tekst.",
+    "Attach a file": "Een bestand toevoegen",
+    "alternatively drag & drop a file or paste an image from the clipboard": "U kunt ook een bestand slepen en neerzetten of een afbeelding plakken van het klembord",
+    "File too large, to display a preview. Please download the attachment.": "Het bestand is te groot om voorbeeld weer te geven. Aub de bijlage downloaden",   
+	"Remove attachment": "Bijlage verwijderen",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+		"Uw browser biedt geen ondersteuning voor het uploaden van gecodeerde bestanden. Gebruik alstublieft een nieuwere browser",
+    "Invalid attachment.": "Ongeldige bijlage",
+    "Options": "Opties",
+    "Shorten URL": "URL verkorten",
+    "Editor": "Editor",
+    "Preview": "Preview",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s vereist dat het PATH eindigt in een '%s'. Aub het PATH updaten in uw index.php.",
+    "Decrypt":
+        "Decoderen",
+    "Enter password":
+        "Voer het wachtwoord in",
+    "Loading…": "Laden…",
+    "Decrypting paste…": "Geplakte tekst decoderen…",
+    "Preparing new paste…": "Nieuwe geplakte tekst voorbereiden…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "In het geval dat dit bericht nooit verdwijnt, kijkt u dan eens naar <a href=\"%s\"> veelgestelde vragen voor informatie over het oplossen van problemen </a>.",
+    "+++ no paste text +++": "+++ geen geplakte tekst +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
+}
--- a/i18n/no.json
+++ b/i18n/no.json
@@ -7,8 +7,8 @@
    "en": "no",
    "Paste does not exist, has expired or has been deleted.":
        "Innlegget eksisterer ikke, er utløpt eller har blitt slettet.",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "Beklager, %s krever php 5.3.0 eller nyere for å kjøre.",
+    "%s requires php %s or above to work. Sorry.":
+        "Beklager, %s krever php %s eller nyere for å kjøre.",
    "%s requires configuration section [%s] to be present in configuration file.":
        "%s krever konfigurasjonsdel [%s] å være til stede i konfigurasjonsfilen .",
    "Please wait %d seconds between each post.":
@@ -26,13 +26,13 @@
    "Invalid paste ID.":
        "Feil innlegg ID.",
    "Paste is not of burn-after-reading type.":
-        "Innlegg er ikke av type slett-etter-lesing.",
+        "Innlegg er ikke av typen slett etter lesing.",
    "Wrong deletion token. Paste was not deleted.":
        "Feil slettingsnøkkel. Innlegg ble ikke fjernet.",
    "Paste was properly deleted.":
        "Innlegget er slettet.",
    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
-        "Javascript kreves for at %s skal fungere<br />Beklager ulempene.",
+        "Javascript kreves for at %s skal fungere<br />Beklager.",
    "%s requires a modern browser to work.":
        "%s krever en moderne nettleser for å fungere.",
    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
@@ -83,7 +83,7 @@
    "Could not decrypt data (Wrong key?)":
        "Kunne ikke dekryptere data (Feil nøkkel?)",
    "Could not delete the paste, it was not stored in burn after reading mode.":
-        "Kan ikke slette innlegget, det ble ikke lagret i slett-etter-les modus.",
+        "Kan ikke slette innlegget, det ble ikke lagret som 'slett etter les' type.",
    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
        "KUN FOR DINE ØYNE. Ikke lukk dette vinduet, denne meldingen kan ikke bli vist igjen.",
    "Could not decrypt comment; Wrong key?":
@@ -92,30 +92,28 @@
        "Svar",
    "Anonymous":
        "Anonym",
-    "Anonymous avatar (Vizhash of the IP address)":
-        "Anonym avatar (Vizhash av IP adressen)",
+    "Avatar generated from IP address":
+        "Anonym avatar generert med data fra IP adressen)",
    "Add comment":
        "Legg til kommentar",
-    "Optional nickname...":
-        "Valgfritt kallenavn...",
+    "Optional nickname…":
+        "Valgfritt kallenavn…",
    "Post comment":
        "Send kommentar",
-    "Sending comment...":
-        "Sender Kommentar...",
+    "Sending comment…":
+        "Sender Kommentar…",
    "Comment posted.":
        "Kommentar sendt.",
    "Could not refresh display: %s":
-        "Kunne ikke oppdatere skjermen: %s",
+        "Kunne ikke oppdatere bildet: %s",
    "unknown status":
        "ukjent status",
    "server error or not responding":
-        "server feilet eller svarer ikke",
+        "tjener feilet eller svarer ikke",
    "Could not post comment: %s":
        "Kunne ikke sende kommentar: %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "Sender innlegg (Flytt musen for mere entropi)...",
-    "Sending paste...":
-        "Sender innlegg...",
+    "Sending paste…":
+        "Sender innlegg…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
        "Ditt innlegg er <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Trykk [Ctrl]+[c] for å kopiere)</span>",
    "Delete data":
@@ -129,14 +127,17 @@
    "Source Code": "Kildekode",
    "Markdown": "Oppmerket",
    "Download attachment": "Last ned vedlegg",
-    "Cloned file attached.": "Kopier vedlegg.",
+    "Cloned: '%s'": "Kopiert: '%s'",
+    "The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.",
    "Attach a file": "Legg til fil",
+    "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
+    "File too large, to display a preview. Please download the attachment.": "File too large, to display a preview. Please download the attachment.",
    "Remove attachment": "Slett vedlegg",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
        "Nettleseren din støtter ikke å laste opp krypterte filer. Vennligst bruk en nyere nettleser.",
    "Invalid attachment.": "Ugyldig vedlegg.",
    "Options": "Alternativer",
-    "Shorten URL": "Adresse-forkorter",
+    "Shorten URL": "Adresse forkorter",
    "Editor": "Rediger",
    "Preview": "Forhåndsvis",
    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
@@ -146,6 +147,19 @@
    "Enter password":
        "Skriv inn passord",
    "Loading…": "Laster…",
-    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
-        "Hvis denne meldingen ikke forsvinner kan du ta en titt på siden med <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">ofte stilte spørsmål</a> for informasjon om feilsøking."
+    "Decrypting paste…": "Dekrypterer innlegg…",
+    "Preparing new paste…": "Klargjør nytt innlegg…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "Hvis denne meldingen ikke forsvinner kan du ta en titt på siden med <a href=\"%s\">ofte stilte spørsmål</a> for informasjon om feilsøking.",
+    "+++ no paste text +++": "+++ ingen innleggstekst +++",
+    "Could not get paste data: %s":
+        "Kunne ikke hente utklippsdata: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
 }
--- a/i18n/oc.json
+++ b/i18n/oc.json
@@ -1,14 +1,14 @@
 {
    "PrivateBin": "PrivateBin",
    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
-        "%s es un 'pastebin' (o gestionari d'extrachs de tèxte e còdi font) minimalista e open source, dins lo qual lo servidor a pas cap de coneissença de las donadas mandadas. Las donadas son chifradas/deschifradas <i>dins lo navigator</i> per un chiframent AES 256 bits. Mai informacions sus <a href=\"https://privatebin.info/\">la pagina del projècte</a>.",
+        "%s es un 'pastebin' (o gestionari d’extrachs de tèxte e còdi font) minimalista e open source, dins lo qual lo servidor a pas cap de coneissença de las donadas mandadas. Las donadas son chifradas/deschifradas <i>dins lo navigator</i> per un chiframent AES 256 bits. Mai informacions sus <a href=\"https://privatebin.info/\">la pagina del projècte</a>.",
    "Because ignorance is bliss":
-        "Perque l'ignorància es bonaür",
+        "Perque lo bonaür es l’ignorància",
    "en": "oc",
    "Paste does not exist, has expired or has been deleted.":
        "Lo tèxte existís pas, a expirat, o es estat suprimit.",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "O planhèm, %s necessita php 5.3.0 o superior per foncionar.",
+    "%s requires php %s or above to work. Sorry.":
+        "O planhèm, %s necessita php %s o superior per foncionar.",
    "%s requires configuration section [%s] to be present in configuration file.":
        "%s fa besonh de la seccion de configuracion [%s] dins lo fichièr de configuracion per foncionar.",
    "Please wait %d seconds between each post.":
@@ -30,13 +30,13 @@
    "Wrong deletion token. Paste was not deleted.":
        "Geton de supression incorrècte. Lo tèxte es pas estat suprimit.",
    "Paste was properly deleted.":
-        "Lo tèxte es estat correctament suprimit.",
+        "Lo tèxte es estat corrèctament  suprimit.",
    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
-        "JavaScript es requesit per far foncionar %s. <br />O planhèm per l'inconvenient.",
+        "JavaScript es requesit per far foncionar %s. <br />O planhèm per l’inconvenient.",
    "%s requires a modern browser to work.":
        "%s necessita un navigator modèrn per foncionar.",
    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
-        "Encora sus Internet Explorer ? Fasètz-vos una favor, passatz a un navigator modèrn :",
+        "Encora sus Internet Explorer ? Fasètz-vos una favor, passatz a un navigator modèrn :",
    "New":
        "Nòu",
    "Send":
@@ -67,7 +67,7 @@
    "Never":
        "Jamai",
    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
-        "Nota : Aquò es un servici d'espròva : las donadas pòdon èsser suprimidas a cada moment. De catons moriràn s'abusatz d'aqueste servici.",
+        "Nota : Aquò es un servici d’espròva : las donadas pòdon èsser suprimidas a cada moment. De catons moriràn s’abusatz d’aqueste servici.",
    "This document will expire in %d seconds.":
        ["Ce document expirera dans %d seconde.", "Aqueste document expirarà dins %d segondas."],
    "This document will expire in %d minutes.":
@@ -79,51 +79,49 @@
    "This document will expire in %d months.":
        ["Ce document expirera dans %d mois.", "Aqueste document expirarà dins %d meses."],
    "Please enter the password for this paste:":
-        "Picatz lo senhal per aqueste tèxte :",
+        "Picatz lo senhal per aqueste tèxte :",
    "Could not decrypt data (Wrong key?)":
-        "Impossible de deschifrar las donadas (marrida clau ?)",
+        "Impossible de deschifrar las donadas (marrida clau ?)",
    "Could not delete the paste, it was not stored in burn after reading mode.":
        "Impossible de suprimir lo tèxte, perque es pas estat gardat en mòde \"Escafar aprèp lectura\".",
    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
        "PER VÒSTRES UÈLHS SOLAMENT. Tampetz pas aquesta fenèstra, aqueste tèxte poirà pas mai èsser afichat.",
    "Could not decrypt comment; Wrong key?":
-        "Impossible de deschifrar lo comentari ; marrida clau ?",
+        "Impossible de deschifrar lo comentari ; marrida clau ?",
    "Reply":
        "Respondre",
    "Anonymous":
        "Anonime",
-    "Anonymous avatar (Vizhash of the IP address)":
-        "Avatar anonime (Vizhash de l'adreça IP)",
+    "Avatar generated from IP address":
+        "Avatar anonime (Vizhash de l’adreça IP)",
    "Add comment":
        "Apondre un comentari",
-    "Optional nickname...":
-        "Escais opcional...",
+    "Optional nickname…":
+        "Escais opcional…",
    "Post comment":
        "Mandar lo comentari",
-    "Sending comment...":
-        "Mandadís del comentari...",
+    "Sending comment…":
+        "Mandadís del comentari…",
    "Comment posted.":
        "Comentari mandat.",
    "Could not refresh display: %s":
-        "Impossible d'actualizar l'afichatge : %s",
+        "Impossible d’actualizar l’afichatge : %s",
    "unknown status":
        "Estatut desconegut",
    "server error or not responding":
-        "Lo servidor respond pas o a rencontrat una error",
+        "Lo servidor respond pas o a rescontrat una error",
    "Could not post comment: %s":
-        "Impossible de mandar lo comentari : %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "Mandadís del tèxte (Mercés de bolegar vòstra mirga per mai entropia)...",
-    "Sending paste...":
-        "Mandadís del tèxte...",
+        "Impossible de mandar lo comentari : %s",
+    "Sending paste…":
+        "Mandadís del tèxte…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
-        "Vòstre tèxte es disponible a l'adreça <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Picatz sus [Ctrl]+[c] per copiar)</span>",
+        "Vòstre tèxte es disponible a l’adreça <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Picatz sus [Ctrl]+[c] per copiar)</span>",
    "Delete data":
        "Supprimir las donadas del tèxte",
    "Could not create paste: %s":
-        "Impossible de crear lo tèxte : %s",
+        "Impossible de crear lo tèxte : %s",
    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
-        "Impossible de deschifrar lo tèxte : Clau de deschiframent absenta de l'URL (Avètz utilizat un redirector o un site de reduccion d'URL que suprimís una partida de l'URL ?)",
+        "Impossible de deschifrar lo tèxte : clau de deschiframent absenta de l’URL (Avètz utilizat un redirector o un site de reduccion d’URL que suprimís una partida de l’URL ?)",
    "B": "o",
    "KiB": "Kio",
    "MiB": "Mio",
@@ -138,14 +136,17 @@
    "Source Code": "Còdi font",
    "Markdown": "Markdown",
    "Download attachment": "Telecargar la pèça junta",
-    "Cloned file attached.": "Clonar lo fichièr junt.",
-    "Attach a file": "Juntar un fichièr ",
-    "Remove attachment": "Levar la pèca junta",
+    "Cloned: '%s'": "Clonar : '%s'",
+    "The cloned file '%s' was attached to this paste.": "Aqueste fichièr clonat '%s' es estat ajustat a aqueste tèxte.",
+    "Attach a file": "Juntar un fichièr",
+    "alternatively drag & drop a file or paste an image from the clipboard": "autrament lisatz lo fichièr o pegatz l’imatge del quichapapièrs",
+    "File too large, to display a preview. Please download the attachment.": "Fichièr tròp pesuc per mostrar un apercebut. Telecargatz la pèca junta.",
+    "Remove attachment": "Levar la pèça junta",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
-        "Vòstre navigator es pas compatible amb lo mandadís de fichièrs chifrats. Mercés d'emplegar un navigator mai recent.",
+        "Vòstre navigator es pas compatible amb lo mandadís de fichièrs chifrats. Mercés d’emplegar un navigator mai recent.",
    "Invalid attachment.": "Pèça junta invalida.",
    "Options": "Opcions",
-    "Shorten URL": "Acorchir l'URL",
+    "Shorten URL": "Acorchir l’URL",
    "Editor": "Editar",
    "Preview": "Previsualizar",
    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
@@ -155,6 +156,19 @@
    "Enter password":
        "Picatz lo senhal",
    "Loading…": "Cargament…",
-    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
-        "Se per cas aqueste messatge quita pas de s'afichar mercés de gaitar <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">aquesta FAQ per las solucions</a> (en Anglés)."
+    "Decrypting paste…": "Deschirament del tèxte…",
+    "Preparing new paste…": "Preparacion…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "Se per cas aqueste messatge quite pas de s’afichar mercés de gaitar <a href=\"%s\">aquesta FAQ per las solucions</a> (en anglés).",
+    "+++ no paste text +++": "+++ cap de tèxte pegat +++",
+    "Could not get paste data: %s":
+        "Recuperacion impossibla de las donadas copiadas : %s",
+    "QR code": "Còdi QR",
+    "I love you too, bot…": "T’aimi tanben, robòt…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "Aqueste site utiliza una connexion HTTP pas segura ! Mercés de l’utilizar pas que per d’ensages.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "Per mai d’informacions <a href=\"%s\">vejatz aqueste article de FAQ</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Se pòt que vòstre navigator faga besonh d’una connexion HTTPS per èsser compatible amb l’API WebCrypto. Ensajatz de <a href=\"%s\">passar al HTTPS</a>."
 }
--- a/i18n/pl.json
+++ b/i18n/pl.json
@@ -7,8 +7,8 @@
    "en": "pl",
    "Paste does not exist, has expired or has been deleted.":
        "Wklejka nie istnieje, wygasła albo została usunięta.",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "%s wymaga PHP w wersji 5.3.0 lub nowszej, sorry.",
+    "%s requires php %s or above to work. Sorry.":
+        "%s wymaga PHP w wersji %s lub nowszej. Przykro mi.",
    "%s requires configuration section [%s] to be present in configuration file.":
        "%s wymaga obecności sekcji [%s] w pliku konfiguracyjnym.",
    "Please wait %d seconds between each post.":
@@ -92,16 +92,16 @@
        "Odpowiedz",
    "Anonymous":
        "Anonim",
-    "Anonymous avatar (Vizhash of the IP address)":
+    "Avatar generated from IP address":
        "Anonimowy avatar (Vizhash z adresu IP)",
    "Add comment":
        "Dodaj komentarz",
-    "Optional nickname...":
-        "Opcjonalny nick...",
+    "Optional nickname…":
+        "Opcjonalny nick…",
    "Post comment":
        "Wyślij komentarz",
-    "Sending comment...":
-        "Wysyłanie komentarza...",
+    "Sending comment…":
+        "Wysyłanie komentarza…",
    "Comment posted.":
        "Wysłano komentarz.",
    "Could not refresh display: %s":
@@ -109,13 +109,11 @@
    "unknown status":
        "nieznany status",
    "server error or not responding":
-        "bląd serwera lub brak odpowiedzi",
+        "błąd serwera lub brak odpowiedzi",
    "Could not post comment: %s":
        "Nie udało się wysłać komentarza: %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "Wysyłanie wklejki (proszę poruszać myszą aby uzyskać większą entropię)...",
-    "Sending paste...":
-        "Wysyłanie wklejki...",
+    "Sending paste…":
+        "Wysyłanie wklejki…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
        "Twoja wklejka to <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(wciśnij [Ctrl]+[c] aby skopiować)</span>",
    "Delete data":
@@ -129,8 +127,11 @@
    "Source Code": "Kod źródłowy",
    "Markdown": "Markdown",
    "Download attachment": "Pobierz załącznik",
-    "Cloned file attached.": "Sklonowano załączony plik.",
+    "Cloned: '%s'": "Sklonowano: '%s'",
+    "The cloned file '%s' was attached to this paste.": "Sklonowany plik '%s' był dołączony do tej wklejki.",
    "Attach a file": "Załącz plik",
+    "alternatively drag & drop a file or paste an image from the clipboard": "Alternatywnie przeciągnij i upuść plik albo wklej obraz ze schowka",
+    "File too large, to display a preview. Please download the attachment.": "Plik zbyt duży aby wyświetlić podgląd. Proszę pobrać załącznik.",
    "Remove attachment": "Usuń załącznik",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
        "Twoja przeglądarka nie wspiera wysyłania zaszyfrowanych plików. Użyj nowszej przeglądarki.",
@@ -138,14 +139,27 @@
    "Options": "Opcje",
    "Shorten URL": "Skróć adres URL",
    "Editor": "Edytować",
-    "Preview": "Zapowiedź",
+    "Preview": "Podgląd",
    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
        "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
    "Decrypt":
-        "Decrypt",
+        "Odszyfruj",
    "Enter password":
        "Wpisz hasło",
-    "Loading…": "Loading…",
-    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
-        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
+    "Loading…": "Wczytywanie…",
+    "Decrypting paste…": "Odszyfrowywanie wklejki…",
+    "Preparing new paste…": "Przygotowywanie nowej wklejki…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "W przypadku gdy ten komunikat nigdy nie znika, proszę spójrz na <a href=\"%s\">to FAQ aby rozwiązać problem</a> (po angielsku).",
+    "+++ no paste text +++": "+++ brak wklejonego tekstu +++",
+    "Could not get paste data: %s":
+        "Nie można było pobrać danych wklejki: %s",
+    "QR code": "Kod QR",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
 }
--- a/i18n/pt.json
+++ b/i18n/pt.json
@@ -0,0 +1,165 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s é um serviço minimalista e de código aberto do tipo \"pastebin\", em que o servidor tem zero conhecimento dos dados copiados. Os dados são cifrados e decifrados <i>no navegador</i> usando 256 bits AES. Mais informações na <a href=\"https://privatebin.info/\">página do projeto</a>.",
+    "Because ignorance is bliss":
+        "Porque a ignorância é uma benção",
+    "en": "pt",
+    "Paste does not exist, has expired or has been deleted.":
+        "A cópia não existe, expirou ou já foi excluída.",
+    "%s requires php %s or above to work. Sorry.":
+        "%s requer php %s ou superior para funcionar. Desculpa.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s requer que a seção de configuração [% s] esteja no arquivo de configuração.",
+    "Please wait %d seconds between each post.":
+        "Por favor espere %d segundos entre cada publicação.",
+    "Paste is limited to %s of encrypted data.":
+        "A cópia está limitada a %s de dados cifrados.",
+    "Invalid data.":
+        "Dados inválidos.",
+    "You are unlucky. Try again.":
+        "Você é azarado. Tente novamente",
+    "Error saving comment. Sorry.":
+        "Erro ao salvar comentário. Desculpa.",
+    "Error saving paste. Sorry.":
+        "Erro ao salvar cópia. Desculpa.",
+    "Invalid paste ID.":
+        "ID de cópia inválido.",
+    "Paste is not of burn-after-reading type.":
+        "Cópia não é do tipo \"queime após ler\".",
+    "Wrong deletion token. Paste was not deleted.":
+        "Token de remoção inválido. A cópia não foi excluída.",
+    "Paste was properly deleted.":
+        "A cópia foi devidamente excluída.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "JavaScript é necessário para que %s funcione.<br />Pedimos desculpas pela inconveniência.",
+    "%s requires a modern browser to work.":
+        "%s requer um navegador moderno para funcionar.",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "Ainda usando Internet Explorer? Faça-se um favor, mude para um navegador moderno:",
+    "New":
+        "Novo",
+    "Send":
+        "Enviar",
+    "Clone":
+        "Clonar",
+    "Raw text":
+        "Texto sem formato",
+    "Expires":
+        "Expirar em",
+    "Burn after reading":
+        "Queime após ler",
+    "Open discussion":
+        "Discussão aberta",
+    "Password (recommended)":
+        "Senha (recomendada)",
+    "Discussion":
+        "Discussão",
+    "Toggle navigation":
+        "Mudar navegação",
+    "%d seconds": ["%d segundo", "%d segundos"],
+    "%d minutes": ["%d minuto", "%d minutos"],
+    "%d hours": ["%d hora", "%d horas"],
+    "%d days": ["%d dia", "%d dias"],
+    "%d weeks": ["%d semana", "%d semanas"],
+    "%d months": ["%d mês", "%d meses"],
+    "%d years": ["%d ano", "%d anos"],
+    "Never":
+        "Nunca",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Nota: Este é um serviço de teste. Dados podem ser perdidos a qualquer momento. Gatinhos morrerão se você abusar desse serviço.",
+    "This document will expire in %d seconds.":
+        ["Este documento irá expirar em um segundo.", "Este documento irá expirar em %d segundos."],
+    "This document will expire in %d minutes.":
+        ["Este documento irá expirar em um minuto.", "Este documento irá expirar em %d minutos."],
+    "This document will expire in %d hours.":
+        ["Este documento irá expirar em uma hora.", "Este documento irá expirar em %d horas."],
+    "This document will expire in %d days.":
+        ["Este documento irá expirar em um dia.", "Este documento irá expirar em %d dias."],
+    "This document will expire in %d months.":
+        ["Este documento irá expirar em um mês.", "Este documento irá expirar em %d meses."],
+    "Please enter the password for this paste:":
+        "Por favor, digite a senha para essa cópia:",
+    "Could not decrypt data (Wrong key?)":
+        "Não foi possível decifrar os dados (Chave errada?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "Não foi possível excluir a cópia, ela não foi salva no modo de \"queime após ler\".",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "APENAS PARA SEUS OLHOS. Não feche essa janela, essa mensagem não pode ser exibida novamente.",
+    "Could not decrypt comment; Wrong key?":
+        "Não foi possível decifrar o comentário; Chave errada?",
+    "Reply":
+        "Responder",
+    "Anonymous":
+        "Anônimo",
+    "Avatar generated from IP address":
+        "Avatar gerado à partir do endereço IP",
+    "Add comment":
+        "Adicionar comentário",
+    "Optional nickname…":
+        "Apelido opcional…",
+    "Post comment":
+        "Publicar comentário",
+    "Sending comment…":
+        "Enviando comentário…",
+    "Comment posted.":
+        "Comentário publicado.",
+    "Could not refresh display: %s":
+        "Não foi possível atualizar a tela: %s",
+    "unknown status":
+        "Estado desconhecido",
+    "server error or not responding":
+        "Servidor em erro ou não responsivo",
+    "Could not post comment: %s":
+        "Não foi possível publicar o comentário: %s",
+    "Sending paste…":
+        "Enviando cópia…",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "Sua cópia é <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Pressione [Ctrl]+[c] para copiar)</span>",
+    "Delete data":
+        "Excluir dados",
+    "Could not create paste: %s":
+        "Não foi possível criar cópia: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "Não foi possível decifrar a cópia: chave de decriptografia ausente na URL (Você utilizou um redirecionador ou encurtador de URL que removeu parte dela?)",
+    "Format": "Formato",
+    "Plain Text": "Texto sem formato",
+    "Source Code": "Código fonte",
+    "Markdown": "Markdown",
+    "Download attachment": "Baixar anexo",
+    "Cloned: '%s'": "Clonado: '%s'",
+    "The cloned file '%s' was attached to this paste.": "O arquivo clonado '%s' foi anexado a essa cópia.",
+    "Attach a file": "Anexar um arquivo",
+    "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
+    "File too large, to display a preview. Please download the attachment.": "File too large, to display a preview. Please download the attachment.",
+    "Remove attachment": "Remover anexo",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "Seu navegador não permite subir arquivos cifrados. Por favor, utilize um navegador mais recente.",
+    "Invalid attachment.": "Anexo inválido.",
+    "Options": "Opções",
+    "Shorten URL": "Encurtar URL",
+    "Editor": "Editor",
+    "Preview": "Visualizar",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s requer que o PATH termine em \"%s\". Por favor, atualize o PATH em seu index.php.",
+    "Decrypt":
+        "Decifrar",
+    "Enter password":
+        "Digite a senha",
+    "Loading…": "Carregando…",
+    "Decrypting paste…": "Decifrando cópia…",
+    "Preparing new paste…": "Preparando nova cópia…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "Caso essa mensagem nunca desapareça, por favor veja <a href=\"%s\">este FAQ para saber como resolver os problemas</a>.",
+    "+++ no paste text +++": "+++ sem texto de cópia +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
+}
--- a/i18n/ru.json
+++ b/i18n/ru.json
@@ -7,12 +7,12 @@
    "en": "ru",
    "Paste does not exist, has expired or has been deleted.":
        "Запись не существует, просрочена или была удалена.",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "Для работы %s требуется PHP 5.3.0 или выше. Извините.",
+    "%s requires php %s or above to work. Sorry.":
+        "Для работы %s требуется php %s или выше. Извините.",
    "%s requires configuration section [%s] to be present in configuration file.":
        "%s необходимо наличие секции [%s] в конфигурационном файле.",
    "Please wait %d seconds between each post.":
-        ["Пожалуйста ожидайте %d секунду между каждыми записями.", "Пожалуйста ожидайте %d секунды между каждыми записями.", "Пожалуйста ожидайте %d секунд между каждыми записями."],
+        ["Пожалуйста, ожидайте %d секунду между каждыми записями.", "Пожалуйста, ожидайте %d секунды между каждыми записями.", "Пожалуйста, ожидайте %d секунд между каждыми записями."],
    "Paste is limited to %s of encrypted data.":
        "Размер записи ограничен %s зашифрованных данных.",
    "Invalid data.":
@@ -28,11 +28,11 @@
    "Paste is not of burn-after-reading type.":
        "Тип записи не \"Удалить после прочтения\".",
    "Wrong deletion token. Paste was not deleted.":
-        "Неверный ключ удаления записи. Запись не удалена",
+        "Неверный ключ удаления записи. Запись не удалена.",
    "Paste was properly deleted.":
        "Запись была успешно удалена.",
    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
-        "Для работы %s требуется включенный JavaScript.<br />Приносим извинения за неудобства..",
+        "Для работы %s требуется включенный JavaScript.<br />Приносим извинения за неудобства.",
    "%s requires a modern browser to work.":
        "Для работы %s требуется более современный браузер.",
    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
@@ -79,11 +79,11 @@
    "This document will expire in %d months.":
        ["Документ будет удален через %d месяц.", "Документ будет удален через %d месяца.", "Документ будет удален через %d месяцев."],
    "Please enter the password for this paste:":
-        "Пожалуйста введите пароль от записи:",
+        "Пожалуйста, введите пароль от записи:",
    "Could not decrypt data (Wrong key?)":
        "Невозможно расшифровать данные (Неверный ключ?)",
    "Could not delete the paste, it was not stored in burn after reading mode.":
-        "Невозможно удалить запись, она не была сохранена в режиме удаления после прочтения",
+        "Невозможно удалить запись, она не была сохранена в режиме удаления после прочтения.",
    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
        "ТОЛЬКО ДЛЯ ВАШИХ ГЛАЗ. Не закрывайте это окно, это сообщение не может быть показано снова.",
    "Could not decrypt comment; Wrong key?":
@@ -92,38 +92,36 @@
        "Ответить",
    "Anonymous":
        "Аноним",
-    "Anonymous avatar (Vizhash of the IP address)":
-        "Анонимный аватар (Vizhash IP адреса)",
+    "Avatar generated from IP address":
+        "Аватар, сгенерированный из IP-адреса",
    "Add comment":
        "Добавить комментарий",
-    "Optional nickname...":
-        "Опциональный никнейм...",
+    "Optional nickname…":
+        "Опциональный никнейм…",
    "Post comment":
        "Отправить комментарий",
-    "Sending comment...":
-        "Отправка комментария...",
+    "Sending comment…":
+        "Отправка комментария…",
    "Comment posted.":
        "Комментарий опубликован.",
    "Could not refresh display: %s":
-        "Невозможно обновить данные: %s",
+        "Не удалось обновить отображение: %s",
    "unknown status":
        "неизвестная причина",
    "server error or not responding":
        "ошибка сервера или нет ответа",
    "Could not post comment: %s":
        "Не удалось опубликовать комментарий: %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "Отправка записи (Пожалуйста двигайте мышкой для большей энтропии)...",
-    "Sending paste...":
-        "Отправка записи...",
+    "Sending paste…":
+        "Отправка записи…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
-        "Ссылка на запись <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Нажмите [Ctrl]+[c] чтобы скопировать ссылку)</span>",
+        "Ссылка на запись <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Нажмите [Ctrl]+[c], чтобы скопировать ссылку)</span>",
    "Delete data":
        "Удалить запись",
    "Could not create paste: %s":
        "Не удалось опубликовать запись: %s",
    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
-        "Невозможно расшифровать запись: Ключ расшифровки отсутствует в ссылке (Может быть вы используете сокращатель ссылок, который удаляет часть ссылки?)",
+        "Невозможно расшифровать запись: Ключ расшифровки отсутствует в ссылке (Может быть, вы используете сокращатель ссылок, который удаляет часть ссылки?)",
    "B": "байт",
    "KiB": "Кбайт",
    "MiB": "Мбайт",
@@ -138,8 +136,12 @@
    "Source Code": "Исходный код",
    "Markdown": "Язык разметки",
    "Download attachment": "Скачать прикрепленный файл",
-    "Cloned file attached.": "Дубль файла прикреплен.",
+    "Cloned: '%s'": "Дублировано: '%s'",
+    "The cloned file '%s' was attached to this paste.":
+        "Дубликат файла '%s' был прикреплен к этой записи.",
    "Attach a file": "Прикрепить файл",
+    "alternatively drag & drop a file or paste an image from the clipboard": "так же можно перенести файл в окно браузера или вставить изображение из буфера",
+    "File too large, to display a preview. Please download the attachment.": "Файл слишком большой для отображения предпросмотра. Пожалуйста, скачайте прикрепленный файл.",
    "Remove attachment": "Удалить вложение",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
        "Ваш браузер не поддерживает отправку зашифрованных файлов. Используйте более новый браузер.",
@@ -149,11 +151,25 @@
    "Editor": "Редактор",
    "Preview": "Предпросмотр",
    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
-        "Переменная PATH необходима %s в конце \"%s\". Пожалуйста обновите переменную PATH в вашем index.php.",
+        "Переменная PATH необходима %s в конце \"%s\". Пожалуйста, обновите переменную PATH в вашем index.php.",
    "Decrypt":
        "Расшифровать",
    "Enter password":
        "Введите пароль",
-    "Uploading paste… Please wait.":
-        "Отправка записи... Пожалуйста подождите."
+    "Loading…": "Загрузка…",
+    "Decrypting paste…": "Расшифровка записи…",
+    "Preparing new paste…": "Подготовка новой записи…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "Если данное сообщение не исчезает длительное время, посмотрите <a href=\"%s\">этот FAQ с информацией о возможном решении проблемы (на английском)</a>.",
+    "+++ no paste text +++": "+++ в записи нет текста +++",
+    "Could not get paste data: %s":
+        "Не удалось получить данные записи: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
 }
--- a/i18n/sl.json
+++ b/i18n/sl.json
@@ -7,8 +7,8 @@
    "en": "sl",
    "Paste does not exist, has expired or has been deleted.":
        "Prilepek ne obstaja, mu je potekla življenjska doba, ali pa je izbrisan.",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "Oprosti, %s za delovanje potrebuje vsaj php 5.3.0.",
+    "%s requires php %s or above to work. Sorry.":
+        "Oprosti, %s za delovanje potrebuje vsaj php %s.",
    "%s requires configuration section [%s] to be present in configuration file.":
        "%s potrebuje sekcijo konfiguracij [%s] v konfiguracijski datoteki.",
    "Please wait %d seconds between each post.":
@@ -92,16 +92,16 @@
        "Odgovori",
    "Anonymous":
        "Aninomno",
-    "Anonymous avatar (Vizhash of the IP address)":
+    "Avatar generated from IP address":
        "Anonimen avatar (Vizhash IP naslova)",
    "Add comment":
        "Dodaj komentar",
-    "Optional nickname...":
+    "Optional nickname…":
        "Uporabniško ime (lahko izpustiš)",
    "Post comment":
        "Objavi komentar",
-    "Sending comment...":
-        "Pošiljam komentar ...",
+    "Sending comment…":
+        "Pošiljam komentar …",
    "Comment posted.":
        "Komentar poslan.",
    "Could not refresh display: %s":
@@ -112,10 +112,8 @@
        "napaka na strežniku, ali pa se strežnik ne odziva",
    "Could not post comment: %s":
        "Komentarja ni bilo mogoče objaviti : %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "Pošiljam prilepek (prosim premakni svojo miško za več entropije) ...",
-    "Sending paste...":
-        "Pošiljam prilepek...",
+    "Sending paste…":
+        "Pošiljam prilepek…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
        "Tvoj prilepek je dostopen na naslovu: <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Pritisni [Ctrl]+[c] ali [Cmd] + [c] in skopiraj)</span>",
    "Delete data":
@@ -138,8 +136,11 @@
    "Source Code": "Odprta koda",
    "Markdown": "Markdown",
    "Download attachment": "Pretoči priponko",
-    "Cloned file attached.": "Pripeta datoteka klonirana",
+    "Cloned: '%s'": "'%s' klonirana",
+    "The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.",
    "Attach a file": "Pripni datoteko",
+    "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
+    "File too large, to display a preview. Please download the attachment.": "File too large, to display a preview. Please download the attachment.",
    "Remove attachment": "Odstrani priponko",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
        "Tvoj brskalnik ne omogoča nalaganje zakodiranih datotek. Prosim uporabi novejši brskalnik.",
@@ -155,6 +156,19 @@
    "Enter password":
        "Prosim vnesi geslo",
    "Loading…": "Loading…",
-    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
-        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
+    "Decrypting paste…": "Decrypting paste…",
+    "Preparing new paste…": "Preparing new paste…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a> (in English).",
+    "+++ no paste text +++": "+++ no paste text +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s",
+    "QR code": "QR code",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
 }
--- a/i18n/zh.json
+++ b/i18n/zh.json
@@ -1,16 +1,16 @@
 {
    "PrivateBin": "PrivateBin",
    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
-        "%s是一个极简，开源，对粘贴内容毫不知情的在线粘贴板，数据<i>在浏览器内</i>进行AES-256加密。更多信息请查看<a href=\"https://privatebin.info/\">项目主页</a>。",
+        "%s是一个极简、开源、对粘贴内容毫不知情的在线粘贴板，数据<i>在浏览器内</i>进行AES-256加密。更多信息请查看<a href=\"https://privatebin.info/\">项目主页</a>。",
    "Because ignorance is bliss":
        "因为无知是福",
    "en": "zh",
    "Paste does not exist, has expired or has been deleted.":
-        "粘贴不存在，已过期或者已被删除。",
-    "%s requires php 5.3.0 or above to work. Sorry.":
-        "%s需要工作于PHP 5.3.0及以上版本，抱歉。",
+        "粘贴内容不存在，已过期或已被删除。",
+    "%s requires php %s or above to work. Sorry.":
+        "%s需要PHP %s及以上版本来工作，抱歉。",
    "%s requires configuration section [%s] to be present in configuration file.":
-        "%s需要设置配置文件中 [%s] 的部分。",
+        "%s需要设置配置文件中 [%s] 部分。",
    "Please wait %d seconds between each post.":
        "每 %d 秒只能粘贴一次。",
    "Paste is limited to %s of encrypted data.":
@@ -20,29 +20,29 @@
    "You are unlucky. Try again.":
        "请再试一次。",
    "Error saving comment. Sorry.":
-        "存储评论时出现错误，抱歉。",
+        "保存评论时出现错误，抱歉。",
    "Error saving paste. Sorry.":
-        "存储粘贴时出现错误，抱歉。",
+        "保存粘贴内容时出现错误，抱歉。",
    "Invalid paste ID.":
        "无效的ID。",
    "Paste is not of burn-after-reading type.":
-        "粘贴不是阅后即焚类型。",
+        "粘贴内容不是阅后即焚类型。",
    "Wrong deletion token. Paste was not deleted.":
-        "错误的删除token，粘贴没有被删除。",
+        "错误的删除token，粘贴内容没有被删除。",
    "Paste was properly deleted.":
-        "粘贴已被正确删除。",
+        "粘贴内容已被正确删除。",
    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
-        "%s需要JavaScript来进行加解密。<br />带来的不便敬请谅解。",
+        "%s需要JavaScript来进行加解密。<br />给你带来的不便敬请谅解。",
    "%s requires a modern browser to work.":
-        "%s需要工作于现代化的浏览器。",
+        "%s需要在现代浏览器上工作。",
    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
-        "还在使用Internet Explorer？帮自己个忙，换上一个现代化的浏览器：",
+        "还在使用Internet Explorer？对自己好点，换一个现代浏览器：",
    "New":
        "新建",
    "Send":
        "送出",
    "Clone":
-        "克隆",
+        "复制",
    "Raw text":
        "纯文本",
    "Expires":
@@ -52,7 +52,7 @@
    "Open discussion":
        "开放讨论",
    "Password (recommended)":
-        "密码 (推荐)",
+        "密码（推荐）",
    "Discussion":
        "讨论",
    "Toggle navigation":
@@ -79,73 +79,87 @@
    "This document will expire in %d months.":
        ["这份文档将在一个月后过期。", "这份文档将在 %d 个月后过期。"],
    "Please enter the password for this paste:":
-        "请输入这份粘贴的密码：",
+        "请输入这份粘贴内容的密码：",
    "Could not decrypt data (Wrong key?)":
-        "无法解密数据 (密钥错误？)",
+        "无法解密数据（密钥错误？）",
    "Could not delete the paste, it was not stored in burn after reading mode.":
-        "无法删除此粘贴，它没有以阅后即焚模式存储。",
+        "无法删除此粘贴内容，它没有以阅后即焚模式保存。",
    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
-        "看！仔！细！了！ 不要关闭窗口，否则你再也见不到这条消息了。",
+        "看！仔！细！了！不要关闭窗口，否则你再也见不到这条消息了。",
    "Could not decrypt comment; Wrong key?":
        "无法解密评论; 密钥错误？",
    "Reply":
        "回复",
    "Anonymous":
        "匿名",
-    "Anonymous avatar (Vizhash of the IP address)":
-        "匿名头像 (由IP地址生成Vizhash)",
+    "Avatar generated from IP address":
+        "由IP生成的头像",
    "Add comment":
        "添加评论",
-    "Optional nickname...":
-        "可选昵称...",
+    "Optional nickname…":
+        "可选昵称…",
    "Post comment":
        "评论",
-    "Sending comment...":
-        "评论发送中...",
+    "Sending comment…":
+        "评论发送中…",
    "Comment posted.":
        "评论已发送。",
    "Could not refresh display: %s":
-        "无法刷新显示： %s",
+        "无法刷新显示：%s",
    "unknown status":
        "未知状态",
    "server error or not responding":
        "服务器错误或无回应",
    "Could not post comment: %s":
        "无法发送评论： %s",
-    "Sending paste (Please move your mouse for more entropy)...":
-        "粘贴提交中 (请移动鼠标以产生更多熵)...",
-    "Sending paste...":
-        "粘贴提交中...",
+    "Sending paste…":
+        "粘贴内容提交中…",
    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
-        "您的粘贴的链接是<a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(按下 [Ctrl]+[c] 以复制)</span>",
+        "您粘贴内容的链接是<a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(按下 [Ctrl]+[c] 以复制)</span>",
    "Delete data":
        "删除数据",
    "Could not create paste: %s":
-        "无法创建粘贴： %s",
+        "无法创建粘贴：%s",
    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
-        "无法解密粘贴： URL中缺失解密密钥 (是否使用了重定向或者短链接导致密钥丢失？)",
+        "无法解密粘贴：URL中缺失解密密钥（是否使用了重定向或者短链接导致密钥丢失？）",
    "Format": "格式",
    "Plain Text": "纯文本",
    "Source Code": "源代码",
    "Markdown": "Markdown",
    "Download attachment": "下载附件",
-    "Cloned file attached.": "已附加克隆的文件",
+    "Cloned: '%s'": "副本: '%s'",
+    "The cloned file '%s' was attached to this paste.": "副本 '%s' 已附加到此粘贴内容。",
    "Attach a file": "添加一个附件",
+    "alternatively drag & drop a file or paste an image from the clipboard": "拖放文件或从剪贴板粘贴图片",
+    "File too large, to display a preview. Please download the attachment.": "文件过大。要显示预览，请下载附件。",
    "Remove attachment": "移除附件",
    "Your browser does not support uploading encrypted files. Please use a newer browser.":
        "您的浏览器不支持上传加密的文件，请使用更新的浏览器。",
    "Invalid attachment.": "无效的附件",
    "Options": "选项",
    "Shorten URL": "缩短链接",
-    "Editor": "編輯",
-    "Preview": "預習",
+    "Editor": "编辑",
+    "Preview": "预览",
    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
-        "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
+        "%s 的 PATH 变量必须结束于 \"%s\"。 请修改你的 index.php 中的 PATH 变量。",
    "Decrypt":
-        "Decrypt",
+        "解密",
    "Enter password":
-        "Enter password",
-    "Loading…": "Loading…",
-    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
-        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
+        "输入密码",
+    "Loading…": "载入中…",
+    "Decrypting paste…": "正在解密",
+    "Preparing new paste…": "正在准备新的粘贴内容",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.":
+        "如果这个消息一直存在，请参考 <a href=\"%s\">这里的 FAQ （英文版）</a>进行故障排除。",
+    "+++ no paste text +++": "+++ 没有粘贴内容 +++",
+    "Could not get paste data: %s":
+        "无法获取粘贴数据：%s",
+    "QR code": "二维码",
+    "I love you too, bot…": "I love you too, bot…",
+    "This website is using an insecure HTTP connection! Please use it only for testing.":
+        "This website is using an insecure HTTP connection! Please use it only for testing.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.":
+        "For more information <a href=\"%s\">see this FAQ entry</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.":
+        "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>."
 }
--- a/img/icon_qr.png
+++ b/img/icon_qr.png
--- a/index.php
+++ b/index.php
@@ -7,7 +7,7 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.3
 */

 // change this, if your php files and data is outside of your webservers document root
@@ -15,4 +15,4 @@ define('PATH', '');

 define('PUBLIC_PATH', __DIR__);
 require PATH . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
-new PrivateBin\PrivateBin;
+new PrivateBin\Controller;
--- a/js/.nycrc.yml
+++ b/js/.nycrc.yml
@@ -0,0 +1,8 @@
+---
+include:
+  - privatebin.js
+reporter:
+  - text
+  - html
+report-dir: ../tst/log/js-coverage-report
+temp-dir: /tmp/nyc-output
--- a/js/base-x-3.0.5.1.js
+++ b/js/base-x-3.0.5.1.js
@@ -0,0 +1,151 @@
+// base-x encoding / decoding
+// based on https://github.com/cryptocoinjs/base-x 3.0.5
+// modification: removed Buffer dependency and node.modules entry
+// Copyright (c) 2018 base-x contributors
+// Copyright (c) 2014-2018 The Bitcoin Core developers (base58.cpp)
+// Distributed under the MIT software license, see the accompanying
+// file LICENSE or http://www.opensource.org/licenses/mit-license.php.
+
+(function(){
+'use strict';
+this.baseX = function base (ALPHABET) {
+  if (ALPHABET.length >= 255) throw new TypeError('Alphabet too long')
+
+  const BASE_MAP = new Uint8Array(256)
+  BASE_MAP.fill(255)
+
+  for (let i = 0; i < ALPHABET.length; i++) {
+    const x = ALPHABET.charAt(i)
+    const xc = x.charCodeAt(0)
+
+    if (BASE_MAP[xc] !== 255) throw new TypeError(x + ' is ambiguous')
+    BASE_MAP[xc] = i
+  }
+
+  const BASE = ALPHABET.length
+  const LEADER = ALPHABET.charAt(0)
+  const FACTOR = Math.log(BASE) / Math.log(256) // log(BASE) / log(256), rounded up
+  const iFACTOR = Math.log(256) / Math.log(BASE) // log(256) / log(BASE), rounded up
+
+  function encode (source) {
+    if (source.length === 0) return ''
+
+    // Skip & count leading zeroes.
+    let zeroes = 0
+    let length = 0
+    let pbegin = 0
+    const pend = source.length
+
+    while (pbegin !== pend && source[pbegin] === 0) {
+      pbegin++
+      zeroes++
+    }
+
+    // Allocate enough space in big-endian base58 representation.
+    const size = ((pend - pbegin) * iFACTOR + 1) >>> 0
+    const b58 = new Uint8Array(size)
+
+    // Process the bytes.
+    while (pbegin !== pend) {
+      let carry = source[pbegin]
+
+      // Apply "b58 = b58 * 256 + ch".
+      let i = 0
+      for (let it = size - 1; (carry !== 0 || i < length) && (it !== -1); it--, i++) {
+        carry += (256 * b58[it]) >>> 0
+        b58[it] = (carry % BASE) >>> 0
+        carry = (carry / BASE) >>> 0
+      }
+
+      if (carry !== 0) throw new Error('Non-zero carry')
+      length = i
+      pbegin++
+    }
+
+    // Skip leading zeroes in base58 result.
+    let it = size - length
+    while (it !== size && b58[it] === 0) {
+      it++
+    }
+
+    // Translate the result into a string.
+    let str = LEADER.repeat(zeroes)
+    for (; it < size; ++it) str += ALPHABET.charAt(b58[it])
+
+    return str
+  }
+
+  function decodeUnsafe (source) {
+    if (typeof source !== 'string') throw new TypeError('Expected String')
+    if (source.length === 0) return ''
+
+    let psz = 0
+
+    // Skip leading spaces.
+    if (source[psz] === ' ') return
+
+    // Skip and count leading '1's.
+    let zeroes = 0
+    let length = 0
+    while (source[psz] === LEADER) {
+      zeroes++
+      psz++
+    }
+
+    // Allocate enough space in big-endian base256 representation.
+    const size = (((source.length - psz) * FACTOR) + 1) >>> 0 // log(58) / log(256), rounded up.
+    const b256 = new Uint8Array(size)
+
+    // Process the characters.
+    while (source[psz]) {
+      // Decode character
+      let carry = BASE_MAP[source.charCodeAt(psz)]
+
+      // Invalid character
+      if (carry === 255) return
+
+      let i = 0
+      for (let it = size - 1; (carry !== 0 || i < length) && (it !== -1); it--, i++) {
+        carry += (BASE * b256[it]) >>> 0
+        b256[it] = (carry % 256) >>> 0
+        carry = (carry / 256) >>> 0
+      }
+
+      if (carry !== 0) throw new Error('Non-zero carry')
+      length = i
+      psz++
+    }
+
+    // Skip trailing spaces.
+    if (source[psz] === ' ') return
+
+    // Skip leading zeroes in b256.
+    let it = size - length
+    while (it !== size && b256[it] === 0) {
+      it++
+    }
+
+    var vch = [];
+
+    let j = zeroes
+    while (it !== size) {
+      vch[j++] = b256[it++]
+    }
+
+    return vch
+  }
+
+  function decode (string) {
+    const buffer = decodeUnsafe(string)
+    if (buffer) return buffer
+
+    throw new Error('Non-base' + BASE + ' character')
+  }
+
+  return {
+    encode: encode,
+    decodeUnsafe: decodeUnsafe,
+    decode: decode
+  }
+}
+}).call(this);
--- a/js/base64-2.1.9.js
+++ b/js/base64-2.1.9.js
@@ -1 +0,0 @@
-(function(global){"use strict";var _Base64=global.Base64;var version="2.1.9";var buffer;if(typeof module!=="undefined"&&module.exports){try{buffer=require("buffer").Buffer}catch(err){}}var b64chars="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";var b64tab=function(bin){var t={};for(var i=0,l=bin.length;i<l;i++)t[bin.charAt(i)]=i;return t}(b64chars);var fromCharCode=String.fromCharCode;var cb_utob=function(c){if(c.length<2){var cc=c.charCodeAt(0);return cc<128?c:cc<2048?fromCharCode(192|cc>>>6)+fromCharCode(128|cc&63):fromCharCode(224|cc>>>12&15)+fromCharCode(128|cc>>>6&63)+fromCharCode(128|cc&63)}else{var cc=65536+(c.charCodeAt(0)-55296)*1024+(c.charCodeAt(1)-56320);return fromCharCode(240|cc>>>18&7)+fromCharCode(128|cc>>>12&63)+fromCharCode(128|cc>>>6&63)+fromCharCode(128|cc&63)}};var re_utob=/[\uD800-\uDBFF][\uDC00-\uDFFFF]|[^\x00-\x7F]/g;var utob=function(u){return u.replace(re_utob,cb_utob)};var cb_encode=function(ccc){var padlen=[0,2,1][ccc.length%3],ord=ccc.charCodeAt(0)<<16|(ccc.length>1?ccc.charCodeAt(1):0)<<8|(ccc.length>2?ccc.charCodeAt(2):0),chars=[b64chars.charAt(ord>>>18),b64chars.charAt(ord>>>12&63),padlen>=2?"=":b64chars.charAt(ord>>>6&63),padlen>=1?"=":b64chars.charAt(ord&63)];return chars.join("")};var btoa=global.btoa?function(b){return global.btoa(b)}:function(b){return b.replace(/[\s\S]{1,3}/g,cb_encode)};var _encode=buffer?function(u){return(u.constructor===buffer.constructor?u:new buffer(u)).toString("base64")}:function(u){return btoa(utob(u))};var encode=function(u,urisafe){return!urisafe?_encode(String(u)):_encode(String(u)).replace(/[+\/]/g,function(m0){return m0=="+"?"-":"_"}).replace(/=/g,"")};var encodeURI=function(u){return encode(u,true)};var re_btou=new RegExp(["[À-ß][-¿]","[à-ï][-¿]{2}","[ð-÷][-¿]{3}"].join("|"),"g");var cb_btou=function(cccc){switch(cccc.length){case 4:var cp=(7&cccc.charCodeAt(0))<<18|(63&cccc.charCodeAt(1))<<12|(63&cccc.charCodeAt(2))<<6|63&cccc.charCodeAt(3),offset=cp-65536;return fromCharCode((offset>>>10)+55296)+fromCharCode((offset&1023)+56320);case 3:return fromCharCode((15&cccc.charCodeAt(0))<<12|(63&cccc.charCodeAt(1))<<6|63&cccc.charCodeAt(2));default:return fromCharCode((31&cccc.charCodeAt(0))<<6|63&cccc.charCodeAt(1))}};var btou=function(b){return b.replace(re_btou,cb_btou)};var cb_decode=function(cccc){var len=cccc.length,padlen=len%4,n=(len>0?b64tab[cccc.charAt(0)]<<18:0)|(len>1?b64tab[cccc.charAt(1)]<<12:0)|(len>2?b64tab[cccc.charAt(2)]<<6:0)|(len>3?b64tab[cccc.charAt(3)]:0),chars=[fromCharCode(n>>>16),fromCharCode(n>>>8&255),fromCharCode(n&255)];chars.length-=[0,0,2,1][padlen];return chars.join("")};var atob=global.atob?function(a){return global.atob(a)}:function(a){return a.replace(/[\s\S]{1,4}/g,cb_decode)};var _decode=buffer?function(a){return(a.constructor===buffer.constructor?a:new buffer(a,"base64")).toString()}:function(a){return btou(atob(a))};var decode=function(a){return _decode(String(a).replace(/[-_]/g,function(m0){return m0=="-"?"+":"/"}).replace(/[^A-Za-z0-9\+\/]/g,""))};var noConflict=function(){var Base64=global.Base64;global.Base64=_Base64;return Base64};global.Base64={VERSION:version,atob:atob,btoa:btoa,fromBase64:decode,toBase64:encode,utob:utob,encode:encode,encodeURI:encodeURI,btou:btou,decode:decode,noConflict:noConflict};if(typeof Object.defineProperty==="function"){var noEnum=function(v){return{value:v,enumerable:false,writable:true,configurable:true}};global.Base64.extendString=function(){Object.defineProperty(String.prototype,"fromBase64",noEnum(function(){return decode(this)}));Object.defineProperty(String.prototype,"toBase64",noEnum(function(urisafe){return encode(this,urisafe)}));Object.defineProperty(String.prototype,"toBase64URI",noEnum(function(){return encode(this,true)}))}}if(global["Meteor"]){Base64=global.Base64}})(this);
--- a/js/comment.jsonld
+++ b/js/comment.jsonld
@@ -1,16 +1,35 @@
 {
 	"@context": {
 		"so": "https://schema.org/",
-		"status": "so:Integer",
-		"id": "so:name",
-		"parentid": "so:name",
-		"url: {
-			"@id": "so:url",
-			"@type": "@id"
+		"pb": "?jsonld=types#",
+		"cm": "?jsonld=commentmeta#",
+		"status": {
+			"@type": "so:Integer"
+		},
+		"id": {
+			"@type": "so:name"
+		},
+		"pasteid": {
+			"@type": "so:name"
+		},
+		"parentid": {
+			"@type": "so:name"
+		},
+		"url": {
+			"@type": "so:url"
+		},
+		"v": {
+			"@type": "so:Integer",
+			"@value": 2
+		},
+		"ct": {
+			"@type": "pb:CipherText"
+		},
+		"adata": {
+			"@type": "pb:CipherParameters"
 		},
-		"data": "so:Text",
 		"meta": {
-			"@id": "?jsonld=commentmeta"
+			"@type": "cm:MetaData"
 		}
 	}
 }
--- a/js/commentmeta.jsonld
+++ b/js/commentmeta.jsonld
@@ -1,8 +1,14 @@
 {
 	"@context": {
 		"so": "https://schema.org/",
-		"postdate": "so:Integer",
-		"nickname": "so:Text",
-		"vizhash": "so:Text"
+		"pb": "?jsonld=types#"
+	},
+	"MetaData": {
+		"created": {
+			"@type": "CreationTime"
+		},
+		"icon": {
+			"@type": "so:url"
+		}
 	}
 }
--- a/js/common.js
+++ b/js/common.js
@@ -0,0 +1,164 @@
+'use strict';
+
+// testing prerequisites
+global.assert = require('assert');
+global.jsc = require('jsverify');
+global.jsdom = require('jsdom-global');
+global.cleanup = global.jsdom();
+global.URL = require('jsdom-url').URL;
+global.fs = require('fs');
+global.WebCrypto = require('node-webcrypto-ossl');
+
+// application libraries to test
+global.$ = global.jQuery = require('./jquery-3.4.1');
+global.RawDeflate = require('./rawinflate-0.3').RawDeflate;
+global.zlib = require('./zlib-1.2.11').zlib;
+require('./prettify');
+global.prettyPrint = window.PR.prettyPrint;
+global.prettyPrintOne = window.PR.prettyPrintOne;
+global.showdown = require('./showdown-1.9.0');
+global.DOMPurify = require('./purify-1.0.11');
+global.baseX = require('./base-x-3.0.5.1').baseX;
+require('./bootstrap-3.3.7');
+require('./privatebin');
+
+// internal variables
+var a2zString    = ['a','b','c','d','e','f','g','h','i','j','k','l','m',
+                    'n','o','p','q','r','s','t','u','v','w','x','y','z'],
+    digitString  = ['0','1','2','3','4','5','6','7','8','9'],
+    alnumString  = a2zString.concat(digitString),
+    hexString    = digitString.concat(['a','b','c','d','e','f']),
+    queryString  = alnumString.concat(['+','%','&','.','*','-','_']),
+    hashString   = queryString.concat(['!']),
+    base64String = alnumString.concat(['+','/','=']).concat(
+        a2zString.map(function(c) {
+            return c.toUpperCase();
+        })
+    ),
+    schemas = ['ftp','gopher','http','https','ws','wss'],
+    supportedLanguages = ['de', 'es', 'fr', 'it', 'no', 'pl', 'pt', 'oc', 'ru', 'sl', 'zh'],
+    mimeTypes = ['image/png', 'application/octet-stream'],
+    formats = ['plaintext', 'markdown', 'syntaxhighlighting'],
+    /**
+     * character to HTML entity lookup table
+     *
+     * @see    {@link https://github.com/janl/mustache.js/blob/master/mustache.js#L60}
+     */
+    entityMap = {
+        '&': '&amp;',
+        '<': '&lt;',
+        '>': '&gt;',
+        '"': '&quot;',
+        "'": '&#39;',
+        '/': '&#x2F;',
+        '`': '&#x60;',
+        '=': '&#x3D;'
+    },
+    mimeFile = fs.createReadStream('/etc/mime.types'),
+    mimeLine = '';
+
+// populate mime types from environment
+mimeFile.on('data', function(data) {
+    mimeLine += data;
+    var index = mimeLine.indexOf('\n');
+    while (index > -1) {
+        var line = mimeLine.substring(0, index);
+        mimeLine = mimeLine.substring(index + 1);
+        parseMime(line);
+        index = mimeLine.indexOf('\n');
+    }
+});
+
+mimeFile.on('end', function() {
+    if (mimeLine.length > 0) {
+        parseMime(mimeLine);
+    }
+});
+
+function parseMime(line) {
+    // ignore comments
+    var index = line.indexOf('#');
+    if (index > -1) {
+        line = line.substring(0, index);
+    }
+
+    // ignore bits after tabs
+    index = line.indexOf('\t');
+    if (index > -1) {
+        line = line.substring(0, index);
+    }
+    if (line.length > 0) {
+        mimeTypes.push(line);
+    }
+}
+
+// common testing helper functions
+exports.atob = atob;
+exports.btoa = btoa;
+
+/**
+ * convert all applicable characters to HTML entities
+ *
+ * @see    {@link https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content}
+ * @name   htmlEntities
+ * @function
+ * @param  {string} str
+ * @return {string} escaped HTML
+ */
+exports.htmlEntities = function(str) {
+    return String(str).replace(
+        /[&<>"'`=\/]/g, function(s) {
+            return entityMap[s];
+        });
+};
+
+// provides random lowercase characters from a to z
+exports.jscA2zString = function() {
+    return jsc.elements(a2zString);
+};
+
+// provides random lowercase alpha numeric characters (a to z and 0 to 9)
+exports.jscAlnumString = function() {
+    return jsc.elements(alnumString);
+};
+
+//provides random characters allowed in hexadecimal notation
+exports.jscHexString = function() {
+    return jsc.elements(hexString);
+};
+
+// provides random characters allowed in GET queries
+exports.jscQueryString = function() {
+    return jsc.elements(queryString);
+};
+
+// provides random characters allowed in hash queries
+exports.jscHashString = function() {
+    return jsc.elements(hashString);
+};
+
+// provides random characters allowed in base64 encoded strings
+exports.jscBase64String = function() {
+    return jsc.elements(base64String);
+};
+
+// provides a random URL schema supported by the whatwg-url library
+exports.jscSchemas = function() {
+    return jsc.elements(schemas);
+};
+
+// provides a random supported language string
+exports.jscSupportedLanguages = function() {
+    return jsc.elements(supportedLanguages);
+};
+
+// provides a random mime type
+exports.jscMimeTypes = function() {
+    return jsc.elements(mimeTypes);
+};
+
+// provides a random PrivateBin paste formatter
+exports.jscFormats = function() {
+    return jsc.elements(formats);
+};
+
--- a/js/jquery-3.1.1.js
+++ b/js/jquery-3.1.1.js
--- a/js/jquery-3.4.1.js
+++ b/js/jquery-3.4.1.js
--- a/js/kjua-0.6.0.js
+++ b/js/kjua-0.6.0.js
--- a/js/package.json
+++ b/js/package.json
@@ -0,0 +1,43 @@
+{
+  "name": "privatebin",
+  "version": "1.3",
+  "description": "PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bit AES in Galois Counter mode (GCM).",
+  "main": "privatebin.js",
+  "directories": {
+    "test": "test"
+  },
+  "dependencies": {},
+  "devDependencies": {
+    "jsdom": "^9.12.0",
+    "jsdom-global": "^2.1.1",
+    "jsdom-url": "^2.2.1",
+    "jsverify": "^0.8.3",
+    "node-webcrypto-ossl": "^1.0.37"
+  },
+  "scripts": {
+    "test": "mocha"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/PrivateBin/PrivateBin.git"
+  },
+  "keywords": [
+    "private",
+    "secure",
+    "end-to-end-encrypted",
+    "e2e",
+    "paste",
+    "pastebin",
+    "zero",
+    "zero-knowledge",
+    "encryption",
+    "encrypted",
+    "AES"
+  ],
+  "author": "",
+  "license": "zlib-acknowledgement",
+  "bugs": {
+    "url": "https://github.com/PrivateBin/PrivateBin/issues"
+  },
+  "homepage": "https://privatebin.info/"
+}
--- a/js/paste.jsonld
+++ b/js/paste.jsonld
@@ -1,24 +1,42 @@
 {
 	"@context": {
 		"so": "https://schema.org/",
-		"status": {"@id": "so:Integer"},
-		"id": {"@id": "so:name"},
-		"deletetoken": {"@id": "so:Text"},
-		"url": {
-			"@type": "@id",
-			"@id": "so:url"
+		"pb": "?jsonld=types#",
+		"pm": "?jsonld=pastemeta#",
+		"status": {
+			"@type": "so:Integer"
+		},
+		"id": {
+			"@type": "so:name"
+		},
+		"deletetoken": {
+			"@type": "so:Text"
+		},
+		"url": {
+			"@type": "so:url"
+		},
+		"v": {
+			"@type": "so:Integer",
+			"@value": 2
+		},
+		"ct": {
+			"@type": "pb:CipherText"
+		},
+		"adata": {
+			"@type": "pm:AuthenticatedData"
 		},
-		"data": {"@id": "so:Text"},
-		"attachment": {"@id": "so:Text"},
-		"attachmentname": {"@id": "so:Text"},
 		"meta": {
-			"@id": "?jsonld=pastemeta"
+			"@type": "pm:MetaData"
 		},
 		"comments": {
-			"@id": "?jsonld=comment",
+			"@type": "?jsonld=comment",
 			"@container": "@list"
 		},
-		"comment_count": {"@id": "so:Integer"},
-		"comment_offset": {"@id": "so:Integer"}
+		"comment_count": {
+			"@type": "so:Integer"
+		},
+		"comment_offset": {
+			"@type": "so:Integer"
+		}
 	}
 }
--- a/js/pastemeta.jsonld
+++ b/js/pastemeta.jsonld
@@ -1,11 +1,31 @@
 {
 	"@context": {
 		"so": "https://schema.org/",
-		"formatter": {"@id": "so:Text"},
-		"postdate": {"@id": "so:Integer"},
-		"opendiscussion": {"@id": "so:True"},
-		"burnafterreading": {"@id": "so:True"},
-		"expire_date": {"@id": "so:Integer"},
-		"remaining_time": {"@id": "so:Integer"}
+		"pb": "?jsonld=types#"
+	},
+	"AuthenticatedData": {
+		"@container": "@list",
+		"@value": [
+			{
+				"@type": "pb:CipherParameters"
+			},
+			{
+				"@type": "pb:Formatter"
+			},
+			{
+				"@type": "pb:OpenDiscussion"
+			},
+			{
+				"@type": "pb:BurnAfterReading"
+			}
+		]
+	},
+	"MetaData": {
+		"expire": {
+			"@type": "pb:Expiration"
+		},
+		"time_to_live": {
+			"@type": "pb:RemainingSeconds"
+		}
 	}
 }
--- a/js/prettify.js
+++ b/js/prettify.js
@@ -1,30 +1,30 @@
-!function(){var q=null;window.PR_SHOULD_USE_CONTINUATION=!0;
-(function(){function R(a){function d(e){var b=e.charCodeAt(0);if(b!==92)return b;var a=e.charAt(1);return(b=r[a])?b:"0"<=a&&a<="7"?parseInt(e.substring(1),8):a==="u"||a==="x"?parseInt(e.substring(2),16):e.charCodeAt(1)}function g(e){if(e<32)return(e<16?"\\x0":"\\x")+e.toString(16);e=String.fromCharCode(e);return e==="\\"||e==="-"||e==="]"||e==="^"?"\\"+e:e}function b(e){var b=e.substring(1,e.length-1).match(/\\u[\dA-Fa-f]{4}|\\x[\dA-Fa-f]{2}|\\[0-3][0-7]{0,2}|\\[0-7]{1,2}|\\[\S\s]|[^\\]/g),e=[],a=
-b[0]==="^",c=["["];a&&c.push("^");for(var a=a?1:0,f=b.length;a<f;++a){var h=b[a];if(/\\[bdsw]/i.test(h))c.push(h);else{var h=d(h),l;a+2<f&&"-"===b[a+1]?(l=d(b[a+2]),a+=2):l=h;e.push([h,l]);l<65||h>122||(l<65||h>90||e.push([Math.max(65,h)|32,Math.min(l,90)|32]),l<97||h>122||e.push([Math.max(97,h)&-33,Math.min(l,122)&-33]))}}e.sort(function(e,a){return e[0]-a[0]||a[1]-e[1]});b=[];f=[];for(a=0;a<e.length;++a)h=e[a],h[0]<=f[1]+1?f[1]=Math.max(f[1],h[1]):b.push(f=h);for(a=0;a<b.length;++a)h=b[a],c.push(g(h[0])),
-h[1]>h[0]&&(h[1]+1>h[0]&&c.push("-"),c.push(g(h[1])));c.push("]");return c.join("")}function s(e){for(var a=e.source.match(/\[(?:[^\\\]]|\\[\S\s])*]|\\u[\dA-Fa-f]{4}|\\x[\dA-Fa-f]{2}|\\\d+|\\[^\dux]|\(\?[!:=]|[()^]|[^()[\\^]+/g),c=a.length,d=[],f=0,h=0;f<c;++f){var l=a[f];l==="("?++h:"\\"===l.charAt(0)&&(l=+l.substring(1))&&(l<=h?d[l]=-1:a[f]=g(l))}for(f=1;f<d.length;++f)-1===d[f]&&(d[f]=++x);for(h=f=0;f<c;++f)l=a[f],l==="("?(++h,d[h]||(a[f]="(?:")):"\\"===l.charAt(0)&&(l=+l.substring(1))&&l<=h&&
-(a[f]="\\"+d[l]);for(f=0;f<c;++f)"^"===a[f]&&"^"!==a[f+1]&&(a[f]="");if(e.ignoreCase&&m)for(f=0;f<c;++f)l=a[f],e=l.charAt(0),l.length>=2&&e==="["?a[f]=b(l):e!=="\\"&&(a[f]=l.replace(/[A-Za-z]/g,function(a){a=a.charCodeAt(0);return"["+String.fromCharCode(a&-33,a|32)+"]"}));return a.join("")}for(var x=0,m=!1,j=!1,k=0,c=a.length;k<c;++k){var i=a[k];if(i.ignoreCase)j=!0;else if(/[a-z]/i.test(i.source.replace(/\\u[\da-f]{4}|\\x[\da-f]{2}|\\[^UXux]/gi,""))){m=!0;j=!1;break}}for(var r={b:8,t:9,n:10,v:11,
-f:12,r:13},n=[],k=0,c=a.length;k<c;++k){i=a[k];if(i.global||i.multiline)throw Error(""+i);n.push("(?:"+s(i)+")")}return RegExp(n.join("|"),j?"gi":"g")}function S(a,d){function g(a){var c=a.nodeType;if(c==1){if(!b.test(a.className)){for(c=a.firstChild;c;c=c.nextSibling)g(c);c=a.nodeName.toLowerCase();if("br"===c||"li"===c)s[j]="\n",m[j<<1]=x++,m[j++<<1|1]=a}}else if(c==3||c==4)c=a.nodeValue,c.length&&(c=d?c.replace(/\r\n?/g,"\n"):c.replace(/[\t\n\r ]+/g," "),s[j]=c,m[j<<1]=x,x+=c.length,m[j++<<1|1]=
-a)}var b=/(?:^|\s)nocode(?:\s|$)/,s=[],x=0,m=[],j=0;g(a);return{a:s.join("").replace(/\n$/,""),d:m}}function H(a,d,g,b){d&&(a={a:d,e:a},g(a),b.push.apply(b,a.g))}function T(a){for(var d=void 0,g=a.firstChild;g;g=g.nextSibling)var b=g.nodeType,d=b===1?d?a:g:b===3?U.test(g.nodeValue)?a:d:d;return d===a?void 0:d}function D(a,d){function g(a){for(var j=a.e,k=[j,"pln"],c=0,i=a.a.match(s)||[],r={},n=0,e=i.length;n<e;++n){var z=i[n],w=r[z],t=void 0,f;if(typeof w==="string")f=!1;else{var h=b[z.charAt(0)];
-if(h)t=z.match(h[1]),w=h[0];else{for(f=0;f<x;++f)if(h=d[f],t=z.match(h[1])){w=h[0];break}t||(w="pln")}if((f=w.length>=5&&"lang-"===w.substring(0,5))&&!(t&&typeof t[1]==="string"))f=!1,w="src";f||(r[z]=w)}h=c;c+=z.length;if(f){f=t[1];var l=z.indexOf(f),B=l+f.length;t[2]&&(B=z.length-t[2].length,l=B-f.length);w=w.substring(5);H(j+h,z.substring(0,l),g,k);H(j+h+l,f,I(w,f),k);H(j+h+B,z.substring(B),g,k)}else k.push(j+h,w)}a.g=k}var b={},s;(function(){for(var g=a.concat(d),j=[],k={},c=0,i=g.length;c<i;++c){var r=
-g[c],n=r[3];if(n)for(var e=n.length;--e>=0;)b[n.charAt(e)]=r;r=r[1];n=""+r;k.hasOwnProperty(n)||(j.push(r),k[n]=q)}j.push(/[\S\s]/);s=R(j)})();var x=d.length;return g}function v(a){var d=[],g=[];a.tripleQuotedStrings?d.push(["str",/^(?:'''(?:[^'\\]|\\[\S\s]|''?(?=[^']))*(?:'''|$)|"""(?:[^"\\]|\\[\S\s]|""?(?=[^"]))*(?:"""|$)|'(?:[^'\\]|\\[\S\s])*(?:'|$)|"(?:[^"\\]|\\[\S\s])*(?:"|$))/,q,"'\""]):a.multiLineStrings?d.push(["str",/^(?:'(?:[^'\\]|\\[\S\s])*(?:'|$)|"(?:[^"\\]|\\[\S\s])*(?:"|$)|`(?:[^\\`]|\\[\S\s])*(?:`|$))/,
-q,"'\"`"]):d.push(["str",/^(?:'(?:[^\n\r'\\]|\\.)*(?:'|$)|"(?:[^\n\r"\\]|\\.)*(?:"|$))/,q,"\"'"]);a.verbatimStrings&&g.push(["str",/^@"(?:[^"]|"")*(?:"|$)/,q]);var b=a.hashComments;b&&(a.cStyleComments?(b>1?d.push(["com",/^#(?:##(?:[^#]|#(?!##))*(?:###|$)|.*)/,q,"#"]):d.push(["com",/^#(?:(?:define|e(?:l|nd)if|else|error|ifn?def|include|line|pragma|undef|warning)\b|[^\n\r]*)/,q,"#"]),g.push(["str",/^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h(?:h|pp|\+\+)?|[a-z]\w*)>/,q])):d.push(["com",
-/^#[^\n\r]*/,q,"#"]));a.cStyleComments&&(g.push(["com",/^\/\/[^\n\r]*/,q]),g.push(["com",/^\/\*[\S\s]*?(?:\*\/|$)/,q]));if(b=a.regexLiterals){var s=(b=b>1?"":"\n\r")?".":"[\\S\\s]";g.push(["lang-regex",RegExp("^(?:^^\\.?|[+-]|[!=]=?=?|\\#|%=?|&&?=?|\\(|\\*=?|[+\\-]=|->|\\/=?|::?|<<?=?|>>?>?=?|,|;|\\?|@|\\[|~|{|\\^\\^?=?|\\|\\|?=?|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\\s*("+("/(?=[^/*"+b+"])(?:[^/\\x5B\\x5C"+b+"]|\\x5C"+s+"|\\x5B(?:[^\\x5C\\x5D"+b+"]|\\x5C"+
-s+")*(?:\\x5D|$))+/")+")")])}(b=a.types)&&g.push(["typ",b]);b=(""+a.keywords).replace(/^ | $/g,"");b.length&&g.push(["kwd",RegExp("^(?:"+b.replace(/[\s,]+/g,"|")+")\\b"),q]);d.push(["pln",/^\s+/,q," \r\n\t\u00a0"]);b="^.[^\\s\\w.$@'\"`/\\\\]*";a.regexLiterals&&(b+="(?!s*/)");g.push(["lit",/^@[$_a-z][\w$@]*/i,q],["typ",/^(?:[@_]?[A-Z]+[a-z][\w$@]*|\w+_t\b)/,q],["pln",/^[$_a-z][\w$@]*/i,q],["lit",/^(?:0x[\da-f]+|(?:\d(?:_\d+)*\d*(?:\.\d*)?|\.\d\+)(?:e[+-]?\d+)?)[a-z]*/i,q,"0123456789"],["pln",/^\\[\S\s]?/,
-q],["pun",RegExp(b),q]);return D(d,g)}function J(a,d,g){function b(a){var c=a.nodeType;if(c==1&&!x.test(a.className))if("br"===a.nodeName)s(a),a.parentNode&&a.parentNode.removeChild(a);else for(a=a.firstChild;a;a=a.nextSibling)b(a);else if((c==3||c==4)&&g){var d=a.nodeValue,i=d.match(m);if(i)c=d.substring(0,i.index),a.nodeValue=c,(d=d.substring(i.index+i[0].length))&&a.parentNode.insertBefore(j.createTextNode(d),a.nextSibling),s(a),c||a.parentNode.removeChild(a)}}function s(a){function b(a,c){var d=
-c?a.cloneNode(!1):a,e=a.parentNode;if(e){var e=b(e,1),g=a.nextSibling;e.appendChild(d);for(var i=g;i;i=g)g=i.nextSibling,e.appendChild(i)}return d}for(;!a.nextSibling;)if(a=a.parentNode,!a)return;for(var a=b(a.nextSibling,0),d;(d=a.parentNode)&&d.nodeType===1;)a=d;c.push(a)}for(var x=/(?:^|\s)nocode(?:\s|$)/,m=/\r\n?|\n/,j=a.ownerDocument,k=j.createElement("li");a.firstChild;)k.appendChild(a.firstChild);for(var c=[k],i=0;i<c.length;++i)b(c[i]);d===(d|0)&&c[0].setAttribute("value",d);var r=j.createElement("ol");
-r.className="linenums";for(var d=Math.max(0,d-1|0)||0,i=0,n=c.length;i<n;++i)k=c[i],k.className="L"+(i+d)%10,k.firstChild||k.appendChild(j.createTextNode("\u00a0")),r.appendChild(k);a.appendChild(r)}function p(a,d){for(var g=d.length;--g>=0;){var b=d[g];F.hasOwnProperty(b)?E.console&&console.warn("cannot override language handler %s",b):F[b]=a}}function I(a,d){if(!a||!F.hasOwnProperty(a))a=/^\s*</.test(d)?"default-markup":"default-code";return F[a]}function K(a){var d=a.h;try{var g=S(a.c,a.i),b=g.a;
-a.a=b;a.d=g.d;a.e=0;I(d,b)(a);var s=/\bMSIE\s(\d+)/.exec(navigator.userAgent),s=s&&+s[1]<=8,d=/\n/g,x=a.a,m=x.length,g=0,j=a.d,k=j.length,b=0,c=a.g,i=c.length,r=0;c[i]=m;var n,e;for(e=n=0;e<i;)c[e]!==c[e+2]?(c[n++]=c[e++],c[n++]=c[e++]):e+=2;i=n;for(e=n=0;e<i;){for(var p=c[e],w=c[e+1],t=e+2;t+2<=i&&c[t+1]===w;)t+=2;c[n++]=p;c[n++]=w;e=t}c.length=n;var f=a.c,h;if(f)h=f.style.display,f.style.display="none";try{for(;b<k;){var l=j[b+2]||m,B=c[r+2]||m,t=Math.min(l,B),A=j[b+1],G;if(A.nodeType!==1&&(G=x.substring(g,
-t))){s&&(G=G.replace(d,"\r"));A.nodeValue=G;var L=A.ownerDocument,o=L.createElement("span");o.className=c[r+1];var v=A.parentNode;v.replaceChild(o,A);o.appendChild(A);g<l&&(j[b+1]=A=L.createTextNode(x.substring(t,l)),v.insertBefore(A,o.nextSibling))}g=t;g>=l&&(b+=2);g>=B&&(r+=2)}}finally{if(f)f.style.display=h}}catch(u){E.console&&console.log(u&&u.stack||u)}}var E=window,y=["break,continue,do,else,for,if,return,while"],C=[[y,"auto,case,char,const,default,double,enum,extern,float,goto,inline,int,long,register,short,signed,sizeof,static,struct,switch,typedef,union,unsigned,void,volatile"],
-"catch,class,delete,false,import,new,operator,private,protected,public,this,throw,true,try,typeof"],M=[C,"alignof,align_union,asm,axiom,bool,concept,concept_map,const_cast,constexpr,decltype,delegate,dynamic_cast,explicit,export,friend,generic,late_check,mutable,namespace,nullptr,property,reinterpret_cast,static_assert,static_cast,template,typeid,typename,using,virtual,where"],V=[C,"abstract,assert,boolean,byte,extends,final,finally,implements,import,instanceof,interface,null,native,package,strictfp,super,synchronized,throws,transient"],
-N=[C,"abstract,as,base,bool,by,byte,checked,decimal,delegate,descending,dynamic,event,finally,fixed,foreach,from,group,implicit,in,interface,internal,into,is,let,lock,null,object,out,override,orderby,params,partial,readonly,ref,sbyte,sealed,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort,var,virtual,where"],C=[C,"debugger,eval,export,function,get,null,set,undefined,var,with,Infinity,NaN"],O=[y,"and,as,assert,class,def,del,elif,except,exec,finally,from,global,import,in,is,lambda,nonlocal,not,or,pass,print,raise,try,with,yield,False,True,None"],
-P=[y,"alias,and,begin,case,class,def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo,rescue,retry,self,super,then,true,undef,unless,until,when,yield,BEGIN,END"],W=[y,"as,assert,const,copy,drop,enum,extern,fail,false,fn,impl,let,log,loop,match,mod,move,mut,priv,pub,pure,ref,self,static,struct,true,trait,type,unsafe,use"],y=[y,"case,done,elif,esac,eval,fi,function,in,local,set,then,until"],Q=/^(DIR|FILE|vector|(de|priority_)?queue|list|stack|(const_)?iterator|(multi)?(set|map)|bitset|u?(int|float)\d*)\b/,
-U=/\S/,X=v({keywords:[M,N,C,"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END",O,P,y],hashComments:!0,cStyleComments:!0,multiLineStrings:!0,regexLiterals:!0}),F={};p(X,["default-code"]);p(D([],[["pln",/^[^<?]+/],["dec",/^<!\w[^>]*(?:>|$)/],["com",/^<\!--[\S\s]*?(?:--\>|$)/],["lang-",/^<\?([\S\s]+?)(?:\?>|$)/],["lang-",/^<%([\S\s]+?)(?:%>|$)/],["pun",/^(?:<[%?]|[%?]>)/],["lang-",
-/^<xmp\b[^>]*>([\S\s]+?)<\/xmp\b[^>]*>/i],["lang-js",/^<script\b[^>]*>([\S\s]*?)(<\/script\b[^>]*>)/i],["lang-css",/^<style\b[^>]*>([\S\s]*?)(<\/style\b[^>]*>)/i],["lang-in.tag",/^(<\/?[a-z][^<>]*>)/i]]),["default-markup","htm","html","mxml","xhtml","xml","xsl"]);p(D([["pln",/^\s+/,q," \t\r\n"],["atv",/^(?:"[^"]*"?|'[^']*'?)/,q,"\"'"]],[["tag",/^^<\/?[a-z](?:[\w-.:]*\w)?|\/?>$/i],["atn",/^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],["lang-uq.val",/^=\s*([^\s"'>]*(?:[^\s"'/>]|\/(?=\s)))/],["pun",/^[/<->]+/],
-["lang-js",/^on\w+\s*=\s*"([^"]+)"/i],["lang-js",/^on\w+\s*=\s*'([^']+)'/i],["lang-js",/^on\w+\s*=\s*([^\s"'>]+)/i],["lang-css",/^style\s*=\s*"([^"]+)"/i],["lang-css",/^style\s*=\s*'([^']+)'/i],["lang-css",/^style\s*=\s*([^\s"'>]+)/i]]),["in.tag"]);p(D([],[["atv",/^[\S\s]+/]]),["uq.val"]);p(v({keywords:M,hashComments:!0,cStyleComments:!0,types:Q}),["c","cc","cpp","cxx","cyc","m"]);p(v({keywords:"null,true,false"}),["json"]);p(v({keywords:N,hashComments:!0,cStyleComments:!0,verbatimStrings:!0,types:Q}),
-["cs"]);p(v({keywords:V,cStyleComments:!0}),["java"]);p(v({keywords:y,hashComments:!0,multiLineStrings:!0}),["bash","bsh","csh","sh"]);p(v({keywords:O,hashComments:!0,multiLineStrings:!0,tripleQuotedStrings:!0}),["cv","py","python"]);p(v({keywords:"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END",hashComments:!0,multiLineStrings:!0,regexLiterals:2}),["perl","pl","pm"]);p(v({keywords:P,
-hashComments:!0,multiLineStrings:!0,regexLiterals:!0}),["rb","ruby"]);p(v({keywords:C,cStyleComments:!0,regexLiterals:!0}),["javascript","js"]);p(v({keywords:"all,and,by,catch,class,else,extends,false,finally,for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then,throw,true,try,unless,until,when,while,yes",hashComments:3,cStyleComments:!0,multilineStrings:!0,tripleQuotedStrings:!0,regexLiterals:!0}),["coffee"]);p(v({keywords:W,cStyleComments:!0,multilineStrings:!0}),["rc","rs","rust"]);
-p(D([],[["str",/^[\S\s]+/]]),["regex"]);var Y=E.PR={createSimpleLexer:D,registerLangHandler:p,sourceDecorator:v,PR_ATTRIB_NAME:"atn",PR_ATTRIB_VALUE:"atv",PR_COMMENT:"com",PR_DECLARATION:"dec",PR_KEYWORD:"kwd",PR_LITERAL:"lit",PR_NOCODE:"nocode",PR_PLAIN:"pln",PR_PUNCTUATION:"pun",PR_SOURCE:"src",PR_STRING:"str",PR_TAG:"tag",PR_TYPE:"typ",prettyPrintOne:E.prettyPrintOne=function(a,d,g){var b=document.createElement("div");b.innerHTML="<pre>"+a+"</pre>";b=b.firstChild;g&&J(b,g,!0);K({h:d,j:g,c:b,i:1});
-return b.innerHTML},prettyPrint:E.prettyPrint=function(a,d){function g(){for(var b=E.PR_SHOULD_USE_CONTINUATION?c.now()+250:Infinity;i<p.length&&c.now()<b;i++){for(var d=p[i],j=h,k=d;k=k.previousSibling;){var m=k.nodeType,o=(m===7||m===8)&&k.nodeValue;if(o?!/^\??prettify\b/.test(o):m!==3||/\S/.test(k.nodeValue))break;if(o){j={};o.replace(/\b(\w+)=([\w%+\-.:]+)/g,function(a,b,c){j[b]=c});break}}k=d.className;if((j!==h||e.test(k))&&!v.test(k)){m=!1;for(o=d.parentNode;o;o=o.parentNode)if(f.test(o.tagName)&&
-o.className&&e.test(o.className)){m=!0;break}if(!m){d.className+=" prettyprinted";m=j.lang;if(!m){var m=k.match(n),y;if(!m&&(y=T(d))&&t.test(y.tagName))m=y.className.match(n);m&&(m=m[1])}if(w.test(d.tagName))o=1;else var o=d.currentStyle,u=s.defaultView,o=(o=o?o.whiteSpace:u&&u.getComputedStyle?u.getComputedStyle(d,q).getPropertyValue("white-space"):0)&&"pre"===o.substring(0,3);u=j.linenums;if(!(u=u==="true"||+u))u=(u=k.match(/\blinenums\b(?::(\d+))?/))?u[1]&&u[1].length?+u[1]:!0:!1;u&&J(d,u,o);r=
-{h:m,c:d,j:u,i:o};K(r)}}}i<p.length?setTimeout(g,250):"function"===typeof a&&a()}for(var b=d||document.body,s=b.ownerDocument||document,b=[b.getElementsByTagName("pre"),b.getElementsByTagName("code"),b.getElementsByTagName("xmp")],p=[],m=0;m<b.length;++m)for(var j=0,k=b[m].length;j<k;++j)p.push(b[m][j]);var b=q,c=Date;c.now||(c={now:function(){return+new Date}});var i=0,r,n=/\blang(?:uage)?-([\w.]+)(?!\S)/,e=/\bprettyprint\b/,v=/\bprettyprinted\b/,w=/pre|xmp/i,t=/^code$/i,f=/^(?:pre|code|xmp)$/i,
-h={};g()}};typeof define==="function"&&define.amd&&define("google-code-prettify",[],function(){return Y})})();}()
+!function(){"undefined"!==typeof window&&(window.PR_SHOULD_USE_CONTINUATION=!0);
+(function(){function T(a){function d(e){var a=e.charCodeAt(0);if(92!==a)return a;var c=e.charAt(1);return(a=w[c])?a:"0"<=c&&"7">=c?parseInt(e.substring(1),8):"u"===c||"x"===c?parseInt(e.substring(2),16):e.charCodeAt(1)}function f(e){if(32>e)return(16>e?"\\x0":"\\x")+e.toString(16);e=String.fromCharCode(e);return"\\"===e||"-"===e||"]"===e||"^"===e?"\\"+e:e}function c(e){var c=e.substring(1,e.length-1).match(RegExp("\\\\u[0-9A-Fa-f]{4}|\\\\x[0-9A-Fa-f]{2}|\\\\[0-3][0-7]{0,2}|\\\\[0-7]{1,2}|\\\\[\\s\\S]|-|[^-\\\\]","g"));
+e=[];var a="^"===c[0],b=["["];a&&b.push("^");for(var a=a?1:0,g=c.length;a<g;++a){var h=c[a];if(/\\[bdsw]/i.test(h))b.push(h);else{var h=d(h),k;a+2<g&&"-"===c[a+1]?(k=d(c[a+2]),a+=2):k=h;e.push([h,k]);65>k||122<h||(65>k||90<h||e.push([Math.max(65,h)|32,Math.min(k,90)|32]),97>k||122<h||e.push([Math.max(97,h)&-33,Math.min(k,122)&-33]))}}e.sort(function(e,a){return e[0]-a[0]||a[1]-e[1]});c=[];g=[];for(a=0;a<e.length;++a)h=e[a],h[0]<=g[1]+1?g[1]=Math.max(g[1],h[1]):c.push(g=h);for(a=0;a<c.length;++a)h=
+c[a],b.push(f(h[0])),h[1]>h[0]&&(h[1]+1>h[0]&&b.push("-"),b.push(f(h[1])));b.push("]");return b.join("")}function m(e){for(var a=e.source.match(RegExp("(?:\\[(?:[^\\x5C\\x5D]|\\\\[\\s\\S])*\\]|\\\\u[A-Fa-f0-9]{4}|\\\\x[A-Fa-f0-9]{2}|\\\\[0-9]+|\\\\[^ux0-9]|\\(\\?[:!=]|[\\(\\)\\^]|[^\\x5B\\x5C\\(\\)\\^]+)","g")),b=a.length,d=[],g=0,h=0;g<b;++g){var k=a[g];"("===k?++h:"\\"===k.charAt(0)&&(k=+k.substring(1))&&(k<=h?d[k]=-1:a[g]=f(k))}for(g=1;g<d.length;++g)-1===d[g]&&(d[g]=++E);for(h=g=0;g<b;++g)k=a[g],
+"("===k?(++h,d[h]||(a[g]="(?:")):"\\"===k.charAt(0)&&(k=+k.substring(1))&&k<=h&&(a[g]="\\"+d[k]);for(g=0;g<b;++g)"^"===a[g]&&"^"!==a[g+1]&&(a[g]="");if(e.ignoreCase&&q)for(g=0;g<b;++g)k=a[g],e=k.charAt(0),2<=k.length&&"["===e?a[g]=c(k):"\\"!==e&&(a[g]=k.replace(/[a-zA-Z]/g,function(a){a=a.charCodeAt(0);return"["+String.fromCharCode(a&-33,a|32)+"]"}));return a.join("")}for(var E=0,q=!1,l=!1,n=0,b=a.length;n<b;++n){var p=a[n];if(p.ignoreCase)l=!0;else if(/[a-z]/i.test(p.source.replace(/\\u[0-9a-f]{4}|\\x[0-9a-f]{2}|\\[^ux]/gi,
+""))){q=!0;l=!1;break}}for(var w={b:8,t:9,n:10,v:11,f:12,r:13},r=[],n=0,b=a.length;n<b;++n){p=a[n];if(p.global||p.multiline)throw Error(""+p);r.push("(?:"+m(p)+")")}return new RegExp(r.join("|"),l?"gi":"g")}function U(a,d){function f(a){var b=a.nodeType;if(1==b){if(!c.test(a.className)){for(b=a.firstChild;b;b=b.nextSibling)f(b);b=a.nodeName.toLowerCase();if("br"===b||"li"===b)m[l]="\n",q[l<<1]=E++,q[l++<<1|1]=a}}else if(3==b||4==b)b=a.nodeValue,b.length&&(b=d?b.replace(/\r\n?/g,"\n"):b.replace(/[ \t\r\n]+/g,
+" "),m[l]=b,q[l<<1]=E,E+=b.length,q[l++<<1|1]=a)}var c=/(?:^|\s)nocode(?:\s|$)/,m=[],E=0,q=[],l=0;f(a);return{a:m.join("").replace(/\n$/,""),c:q}}function J(a,d,f,c,m){f&&(a={h:a,l:1,j:null,m:null,a:f,c:null,i:d,g:null},c(a),m.push.apply(m,a.g))}function V(a){for(var d=void 0,f=a.firstChild;f;f=f.nextSibling)var c=f.nodeType,d=1===c?d?a:f:3===c?W.test(f.nodeValue)?a:d:d;return d===a?void 0:d}function G(a,d){function f(a){for(var l=a.i,n=a.h,b=[l,"pln"],p=0,q=a.a.match(m)||[],r={},e=0,t=q.length;e<
+t;++e){var z=q[e],v=r[z],g=void 0,h;if("string"===typeof v)h=!1;else{var k=c[z.charAt(0)];if(k)g=z.match(k[1]),v=k[0];else{for(h=0;h<E;++h)if(k=d[h],g=z.match(k[1])){v=k[0];break}g||(v="pln")}!(h=5<=v.length&&"lang-"===v.substring(0,5))||g&&"string"===typeof g[1]||(h=!1,v="src");h||(r[z]=v)}k=p;p+=z.length;if(h){h=g[1];var A=z.indexOf(h),C=A+h.length;g[2]&&(C=z.length-g[2].length,A=C-h.length);v=v.substring(5);J(n,l+k,z.substring(0,A),f,b);J(n,l+k+A,h,K(v,h),b);J(n,l+k+C,z.substring(C),f,b)}else b.push(l+
+k,v)}a.g=b}var c={},m;(function(){for(var f=a.concat(d),l=[],n={},b=0,p=f.length;b<p;++b){var w=f[b],r=w[3];if(r)for(var e=r.length;0<=--e;)c[r.charAt(e)]=w;w=w[1];r=""+w;n.hasOwnProperty(r)||(l.push(w),n[r]=null)}l.push(/[\0-\uffff]/);m=T(l)})();var E=d.length;return f}function x(a){var d=[],f=[];a.tripleQuotedStrings?d.push(["str",/^(?:\'\'\'(?:[^\'\\]|\\[\s\S]|\'{1,2}(?=[^\']))*(?:\'\'\'|$)|\"\"\"(?:[^\"\\]|\\[\s\S]|\"{1,2}(?=[^\"]))*(?:\"\"\"|$)|\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$))/,
+null,"'\""]):a.multiLineStrings?d.push(["str",/^(?:\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$)|\`(?:[^\\\`]|\\[\s\S])*(?:\`|$))/,null,"'\"`"]):d.push(["str",/^(?:\'(?:[^\\\'\r\n]|\\.)*(?:\'|$)|\"(?:[^\\\"\r\n]|\\.)*(?:\"|$))/,null,"\"'"]);a.verbatimStrings&&f.push(["str",/^@\"(?:[^\"]|\"\")*(?:\"|$)/,null]);var c=a.hashComments;c&&(a.cStyleComments?(1<c?d.push(["com",/^#(?:##(?:[^#]|#(?!##))*(?:###|$)|.*)/,null,"#"]):d.push(["com",/^#(?:(?:define|e(?:l|nd)if|else|error|ifn?def|include|line|pragma|undef|warning)\b|[^\r\n]*)/,
+null,"#"]),f.push(["str",/^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h(?:h|pp|\+\+)?|[a-z]\w*)>/,null])):d.push(["com",/^#[^\r\n]*/,null,"#"]));a.cStyleComments&&(f.push(["com",/^\/\/[^\r\n]*/,null]),f.push(["com",/^\/\*[\s\S]*?(?:\*\/|$)/,null]));if(c=a.regexLiterals){var m=(c=1<c?"":"\n\r")?".":"[\\S\\s]";f.push(["lang-regex",RegExp("^(?:^^\\.?|[+-]|[!=]=?=?|\\#|%=?|&&?=?|\\(|\\*=?|[+\\-]=|->|\\/=?|::?|<<?=?|>>?>?=?|,|;|\\?|@|\\[|~|{|\\^\\^?=?|\\|\\|?=?|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\\s*("+
+("/(?=[^/*"+c+"])(?:[^/\\x5B\\x5C"+c+"]|\\x5C"+m+"|\\x5B(?:[^\\x5C\\x5D"+c+"]|\\x5C"+m+")*(?:\\x5D|$))+/")+")")])}(c=a.types)&&f.push(["typ",c]);c=(""+a.keywords).replace(/^ | $/g,"");c.length&&f.push(["kwd",new RegExp("^(?:"+c.replace(/[\s,]+/g,"|")+")\\b"),null]);d.push(["pln",/^\s+/,null," \r\n\t\u00a0"]);c="^.[^\\s\\w.$@'\"`/\\\\]*";a.regexLiterals&&(c+="(?!s*/)");f.push(["lit",/^@[a-z_$][a-z_$@0-9]*/i,null],["typ",/^(?:[@_]?[A-Z]+[a-z][A-Za-z_$@0-9]*|\w+_t\b)/,null],["pln",/^[a-z_$][a-z_$@0-9]*/i,
+null],["lit",/^(?:0x[a-f0-9]+|(?:\d(?:_\d+)*\d*(?:\.\d*)?|\.\d\+)(?:e[+\-]?\d+)?)[a-z]*/i,null,"0123456789"],["pln",/^\\[\s\S]?/,null],["pun",new RegExp(c),null]);return G(d,f)}function L(a,d,f){function c(a){var b=a.nodeType;if(1==b&&!t.test(a.className))if("br"===a.nodeName.toLowerCase())m(a),a.parentNode&&a.parentNode.removeChild(a);else for(a=a.firstChild;a;a=a.nextSibling)c(a);else if((3==b||4==b)&&f){var e=a.nodeValue,d=e.match(q);d&&(b=e.substring(0,d.index),a.nodeValue=b,(e=e.substring(d.index+
+d[0].length))&&a.parentNode.insertBefore(l.createTextNode(e),a.nextSibling),m(a),b||a.parentNode.removeChild(a))}}function m(a){function c(a,b){var e=b?a.cloneNode(!1):a,k=a.parentNode;if(k){var k=c(k,1),d=a.nextSibling;k.appendChild(e);for(var f=d;f;f=d)d=f.nextSibling,k.appendChild(f)}return e}for(;!a.nextSibling;)if(a=a.parentNode,!a)return;a=c(a.nextSibling,0);for(var e;(e=a.parentNode)&&1===e.nodeType;)a=e;b.push(a)}for(var t=/(?:^|\s)nocode(?:\s|$)/,q=/\r\n?|\n/,l=a.ownerDocument,n=l.createElement("li");a.firstChild;)n.appendChild(a.firstChild);
+for(var b=[n],p=0;p<b.length;++p)c(b[p]);d===(d|0)&&b[0].setAttribute("value",d);var w=l.createElement("ol");w.className="linenums";d=Math.max(0,d-1|0)||0;for(var p=0,r=b.length;p<r;++p)n=b[p],n.className="L"+(p+d)%10,n.firstChild||n.appendChild(l.createTextNode("\u00a0")),w.appendChild(n);a.appendChild(w)}function t(a,d){for(var f=d.length;0<=--f;){var c=d[f];I.hasOwnProperty(c)?D.console&&console.warn("cannot override language handler %s",c):I[c]=a}}function K(a,d){a&&I.hasOwnProperty(a)||(a=/^\s*</.test(d)?
+"default-markup":"default-code");return I[a]}function M(a){var d=a.j;try{var f=U(a.h,a.l),c=f.a;a.a=c;a.c=f.c;a.i=0;K(d,c)(a);var m=/\bMSIE\s(\d+)/.exec(navigator.userAgent),m=m&&8>=+m[1],d=/\n/g,t=a.a,q=t.length,f=0,l=a.c,n=l.length,c=0,b=a.g,p=b.length,w=0;b[p]=q;var r,e;for(e=r=0;e<p;)b[e]!==b[e+2]?(b[r++]=b[e++],b[r++]=b[e++]):e+=2;p=r;for(e=r=0;e<p;){for(var x=b[e],z=b[e+1],v=e+2;v+2<=p&&b[v+1]===z;)v+=2;b[r++]=x;b[r++]=z;e=v}b.length=r;var g=a.h;a="";g&&(a=g.style.display,g.style.display="none");
+try{for(;c<n;){var h=l[c+2]||q,k=b[w+2]||q,v=Math.min(h,k),A=l[c+1],C;if(1!==A.nodeType&&(C=t.substring(f,v))){m&&(C=C.replace(d,"\r"));A.nodeValue=C;var N=A.ownerDocument,u=N.createElement("span");u.className=b[w+1];var B=A.parentNode;B.replaceChild(u,A);u.appendChild(A);f<h&&(l[c+1]=A=N.createTextNode(t.substring(v,h)),B.insertBefore(A,u.nextSibling))}f=v;f>=h&&(c+=2);f>=k&&(w+=2)}}finally{g&&(g.style.display=a)}}catch(y){D.console&&console.log(y&&y.stack||y)}}var D="undefined"!==typeof window?
+window:{},B=["break,continue,do,else,for,if,return,while"],F=[[B,"auto,case,char,const,default,double,enum,extern,float,goto,inline,int,long,register,restrict,short,signed,sizeof,static,struct,switch,typedef,union,unsigned,void,volatile"],"catch,class,delete,false,import,new,operator,private,protected,public,this,throw,true,try,typeof"],H=[F,"alignas,alignof,align_union,asm,axiom,bool,concept,concept_map,const_cast,constexpr,decltype,delegate,dynamic_cast,explicit,export,friend,generic,late_check,mutable,namespace,noexcept,noreturn,nullptr,property,reinterpret_cast,static_assert,static_cast,template,typeid,typename,using,virtual,where"],
+O=[F,"abstract,assert,boolean,byte,extends,finally,final,implements,import,instanceof,interface,null,native,package,strictfp,super,synchronized,throws,transient"],P=[F,"abstract,add,alias,as,ascending,async,await,base,bool,by,byte,checked,decimal,delegate,descending,dynamic,event,finally,fixed,foreach,from,get,global,group,implicit,in,interface,internal,into,is,join,let,lock,null,object,out,override,orderby,params,partial,readonly,ref,remove,sbyte,sealed,select,set,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort,value,var,virtual,where,yield"],
+F=[F,"abstract,async,await,constructor,debugger,enum,eval,export,from,function,get,import,implements,instanceof,interface,let,null,of,set,undefined,var,with,yield,Infinity,NaN"],Q=[B,"and,as,assert,class,def,del,elif,except,exec,finally,from,global,import,in,is,lambda,nonlocal,not,or,pass,print,raise,try,with,yield,False,True,None"],R=[B,"alias,and,begin,case,class,def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo,rescue,retry,self,super,then,true,undef,unless,until,when,yield,BEGIN,END"],
+B=[B,"case,done,elif,esac,eval,fi,function,in,local,set,then,until"],S=/^(DIR|FILE|array|vector|(de|priority_)?queue|(forward_)?list|stack|(const_)?(reverse_)?iterator|(unordered_)?(multi)?(set|map)|bitset|u?(int|float)\d*)\b/,W=/\S/,X=x({keywords:[H,P,O,F,"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END",Q,R,B],hashComments:!0,cStyleComments:!0,multiLineStrings:!0,regexLiterals:!0}),
+I={};t(X,["default-code"]);t(G([],[["pln",/^[^<?]+/],["dec",/^<!\w[^>]*(?:>|$)/],["com",/^<\!--[\s\S]*?(?:-\->|$)/],["lang-",/^<\?([\s\S]+?)(?:\?>|$)/],["lang-",/^<%([\s\S]+?)(?:%>|$)/],["pun",/^(?:<[%?]|[%?]>)/],["lang-",/^<xmp\b[^>]*>([\s\S]+?)<\/xmp\b[^>]*>/i],["lang-js",/^<script\b[^>]*>([\s\S]*?)(<\/script\b[^>]*>)/i],["lang-css",/^<style\b[^>]*>([\s\S]*?)(<\/style\b[^>]*>)/i],["lang-in.tag",/^(<\/?[a-z][^<>]*>)/i]]),"default-markup htm html mxml xhtml xml xsl".split(" "));t(G([["pln",/^[\s]+/,
+null," \t\r\n"],["atv",/^(?:\"[^\"]*\"?|\'[^\']*\'?)/,null,"\"'"]],[["tag",/^^<\/?[a-z](?:[\w.:-]*\w)?|\/?>$/i],["atn",/^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],["lang-uq.val",/^=\s*([^>\'\"\s]*(?:[^>\'\"\s\/]|\/(?=\s)))/],["pun",/^[=<>\/]+/],["lang-js",/^on\w+\s*=\s*\"([^\"]+)\"/i],["lang-js",/^on\w+\s*=\s*\'([^\']+)\'/i],["lang-js",/^on\w+\s*=\s*([^\"\'>\s]+)/i],["lang-css",/^style\s*=\s*\"([^\"]+)\"/i],["lang-css",/^style\s*=\s*\'([^\']+)\'/i],["lang-css",/^style\s*=\s*([^\"\'>\s]+)/i]]),["in.tag"]);
+t(G([],[["atv",/^[\s\S]+/]]),["uq.val"]);t(x({keywords:H,hashComments:!0,cStyleComments:!0,types:S}),"c cc cpp cxx cyc m".split(" "));t(x({keywords:"null,true,false"}),["json"]);t(x({keywords:P,hashComments:!0,cStyleComments:!0,verbatimStrings:!0,types:S}),["cs"]);t(x({keywords:O,cStyleComments:!0}),["java"]);t(x({keywords:B,hashComments:!0,multiLineStrings:!0}),["bash","bsh","csh","sh"]);t(x({keywords:Q,hashComments:!0,multiLineStrings:!0,tripleQuotedStrings:!0}),["cv","py","python"]);t(x({keywords:"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END",
+hashComments:!0,multiLineStrings:!0,regexLiterals:2}),["perl","pl","pm"]);t(x({keywords:R,hashComments:!0,multiLineStrings:!0,regexLiterals:!0}),["rb","ruby"]);t(x({keywords:F,cStyleComments:!0,regexLiterals:!0}),["javascript","js","ts","typescript"]);t(x({keywords:"all,and,by,catch,class,else,extends,false,finally,for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then,throw,true,try,unless,until,when,while,yes",hashComments:3,cStyleComments:!0,multilineStrings:!0,tripleQuotedStrings:!0,
+regexLiterals:!0}),["coffee"]);t(G([],[["str",/^[\s\S]+/]]),["regex"]);var Y=D.PR={createSimpleLexer:G,registerLangHandler:t,sourceDecorator:x,PR_ATTRIB_NAME:"atn",PR_ATTRIB_VALUE:"atv",PR_COMMENT:"com",PR_DECLARATION:"dec",PR_KEYWORD:"kwd",PR_LITERAL:"lit",PR_NOCODE:"nocode",PR_PLAIN:"pln",PR_PUNCTUATION:"pun",PR_SOURCE:"src",PR_STRING:"str",PR_TAG:"tag",PR_TYPE:"typ",prettyPrintOne:D.prettyPrintOne=function(a,d,f){f=f||!1;d=d||null;var c=document.createElement("div");c.innerHTML="<pre>"+a+"</pre>";
+c=c.firstChild;f&&L(c,f,!0);M({j:d,m:f,h:c,l:1,a:null,i:null,c:null,g:null});return c.innerHTML},prettyPrint:D.prettyPrint=function(a,d){function f(){for(var c=D.PR_SHOULD_USE_CONTINUATION?b.now()+250:Infinity;p<x.length&&b.now()<c;p++){for(var d=x[p],l=g,n=d;n=n.previousSibling;){var m=n.nodeType,u=(7===m||8===m)&&n.nodeValue;if(u?!/^\??prettify\b/.test(u):3!==m||/\S/.test(n.nodeValue))break;if(u){l={};u.replace(/\b(\w+)=([\w:.%+-]+)/g,function(a,b,c){l[b]=c});break}}n=d.className;if((l!==g||r.test(n))&&
+!e.test(n)){m=!1;for(u=d.parentNode;u;u=u.parentNode)if(v.test(u.tagName)&&u.className&&r.test(u.className)){m=!0;break}if(!m){d.className+=" prettyprinted";m=l.lang;if(!m){var m=n.match(w),q;!m&&(q=V(d))&&z.test(q.tagName)&&(m=q.className.match(w));m&&(m=m[1])}if(B.test(d.tagName))u=1;else var u=d.currentStyle,y=t.defaultView,u=(u=u?u.whiteSpace:y&&y.getComputedStyle?y.getComputedStyle(d,null).getPropertyValue("white-space"):0)&&"pre"===u.substring(0,3);y=l.linenums;(y="true"===y||+y)||(y=(y=n.match(/\blinenums\b(?::(\d+))?/))?
+y[1]&&y[1].length?+y[1]:!0:!1);y&&L(d,y,u);M({j:m,h:d,m:y,l:u,a:null,i:null,c:null,g:null})}}}p<x.length?D.setTimeout(f,250):"function"===typeof a&&a()}for(var c=d||document.body,t=c.ownerDocument||document,c=[c.getElementsByTagName("pre"),c.getElementsByTagName("code"),c.getElementsByTagName("xmp")],x=[],q=0;q<c.length;++q)for(var l=0,n=c[q].length;l<n;++l)x.push(c[q][l]);var c=null,b=Date;b.now||(b={now:function(){return+new Date}});var p=0,w=/\blang(?:uage)?-([\w.]+)(?!\S)/,r=/\bprettyprint\b/,
+e=/\bprettyprinted\b/,B=/pre|xmp/i,z=/^code$/i,v=/^(?:pre|code|xmp)$/i,g={};f()}},H=D.define;"function"===typeof H&&H.amd&&H("google-code-prettify",[],function(){return Y})})();}()
--- a/js/privatebin.js
+++ b/js/privatebin.js
--- a/js/purify-1.0.11.js
+++ b/js/purify-1.0.11.js
--- a/js/rawdeflate-0.5.js
+++ b/js/rawdeflate-0.5.js
--- a/js/showdown-1.6.1.js
+++ b/js/showdown-1.6.1.js
--- a/js/showdown-1.9.0.js
+++ b/js/showdown-1.9.0.js
--- a/js/sjcl-1.0.6.js
+++ b/js/sjcl-1.0.6.js
@@ -1,60 +0,0 @@
-"use strict";var sjcl={cipher:{},hash:{},keyexchange:{},mode:{},misc:{},codec:{},exception:{corrupt:function(a){this.toString=function(){return"CORRUPT: "+this.message};this.message=a},invalid:function(a){this.toString=function(){return"INVALID: "+this.message};this.message=a},bug:function(a){this.toString=function(){return"BUG: "+this.message};this.message=a},notReady:function(a){this.toString=function(){return"NOT READY: "+this.message};this.message=a}}};
-sjcl.cipher.aes=function(a){this.s[0][0][0]||this.O();var b,c,d,e,f=this.s[0][4],g=this.s[1];b=a.length;var h=1;if(4!==b&&6!==b&&8!==b)throw new sjcl.exception.invalid("invalid aes key size");this.b=[d=a.slice(0),e=[]];for(a=b;a<4*b+28;a++){c=d[a-1];if(0===a%b||8===b&&4===a%b)c=f[c>>>24]<<24^f[c>>16&255]<<16^f[c>>8&255]<<8^f[c&255],0===a%b&&(c=c<<8^c>>>24^h<<24,h=h<<1^283*(h>>7));d[a]=d[a-b]^c}for(b=0;a;b++,a--)c=d[b&3?a:a-4],e[b]=4>=a||4>b?c:g[0][f[c>>>24]]^g[1][f[c>>16&255]]^g[2][f[c>>8&255]]^g[3][f[c&
-255]]};
-sjcl.cipher.aes.prototype={encrypt:function(a){return t(this,a,0)},decrypt:function(a){return t(this,a,1)},s:[[[],[],[],[],[]],[[],[],[],[],[]]],O:function(){var a=this.s[0],b=this.s[1],c=a[4],d=b[4],e,f,g,h=[],k=[],l,n,m,p;for(e=0;0x100>e;e++)k[(h[e]=e<<1^283*(e>>7))^e]=e;for(f=g=0;!c[f];f^=l||1,g=k[g]||1)for(m=g^g<<1^g<<2^g<<3^g<<4,m=m>>8^m&255^99,c[f]=m,d[m]=f,n=h[e=h[l=h[f]]],p=0x1010101*n^0x10001*e^0x101*l^0x1010100*f,n=0x101*h[m]^0x1010100*m,e=0;4>e;e++)a[e][f]=n=n<<24^n>>>8,b[e][m]=p=p<<24^p>>>8;for(e=
-0;5>e;e++)a[e]=a[e].slice(0),b[e]=b[e].slice(0)}};
-function t(a,b,c){if(4!==b.length)throw new sjcl.exception.invalid("invalid aes block size");var d=a.b[c],e=b[0]^d[0],f=b[c?3:1]^d[1],g=b[2]^d[2];b=b[c?1:3]^d[3];var h,k,l,n=d.length/4-2,m,p=4,r=[0,0,0,0];h=a.s[c];a=h[0];var q=h[1],v=h[2],w=h[3],x=h[4];for(m=0;m<n;m++)h=a[e>>>24]^q[f>>16&255]^v[g>>8&255]^w[b&255]^d[p],k=a[f>>>24]^q[g>>16&255]^v[b>>8&255]^w[e&255]^d[p+1],l=a[g>>>24]^q[b>>16&255]^v[e>>8&255]^w[f&255]^d[p+2],b=a[b>>>24]^q[e>>16&255]^v[f>>8&255]^w[g&255]^d[p+3],p+=4,e=h,f=k,g=l;for(m=
-0;4>m;m++)r[c?3&-m:m]=x[e>>>24]<<24^x[f>>16&255]<<16^x[g>>8&255]<<8^x[b&255]^d[p++],h=e,e=f,f=g,g=b,b=h;return r}
-sjcl.bitArray={bitSlice:function(a,b,c){a=sjcl.bitArray.$(a.slice(b/32),32-(b&31)).slice(1);return void 0===c?a:sjcl.bitArray.clamp(a,c-b)},extract:function(a,b,c){var d=Math.floor(-b-c&31);return((b+c-1^b)&-32?a[b/32|0]<<32-d^a[b/32+1|0]>>>d:a[b/32|0]>>>d)&(1<<c)-1},concat:function(a,b){if(0===a.length||0===b.length)return a.concat(b);var c=a[a.length-1],d=sjcl.bitArray.getPartial(c);return 32===d?a.concat(b):sjcl.bitArray.$(b,d,c|0,a.slice(0,a.length-1))},bitLength:function(a){var b=a.length;return 0===
-b?0:32*(b-1)+sjcl.bitArray.getPartial(a[b-1])},clamp:function(a,b){if(32*a.length<b)return a;a=a.slice(0,Math.ceil(b/32));var c=a.length;b=b&31;0<c&&b&&(a[c-1]=sjcl.bitArray.partial(b,a[c-1]&2147483648>>b-1,1));return a},partial:function(a,b,c){return 32===a?b:(c?b|0:b<<32-a)+0x10000000000*a},getPartial:function(a){return Math.round(a/0x10000000000)||32},equal:function(a,b){if(sjcl.bitArray.bitLength(a)!==sjcl.bitArray.bitLength(b))return!1;var c=0,d;for(d=0;d<a.length;d++)c|=a[d]^b[d];return 0===
-c},$:function(a,b,c,d){var e;e=0;for(void 0===d&&(d=[]);32<=b;b-=32)d.push(c),c=0;if(0===b)return d.concat(a);for(e=0;e<a.length;e++)d.push(c|a[e]>>>b),c=a[e]<<32-b;e=a.length?a[a.length-1]:0;a=sjcl.bitArray.getPartial(e);d.push(sjcl.bitArray.partial(b+a&31,32<b+a?c:d.pop(),1));return d},i:function(a,b){return[a[0]^b[0],a[1]^b[1],a[2]^b[2],a[3]^b[3]]},byteswapM:function(a){var b,c;for(b=0;b<a.length;++b)c=a[b],a[b]=c>>>24|c>>>8&0xff00|(c&0xff00)<<8|c<<24;return a}};
-sjcl.codec.utf8String={fromBits:function(a){var b="",c=sjcl.bitArray.bitLength(a),d,e;for(d=0;d<c/8;d++)0===(d&3)&&(e=a[d/4]),b+=String.fromCharCode(e>>>24),e<<=8;return decodeURIComponent(escape(b))},toBits:function(a){a=unescape(encodeURIComponent(a));var b=[],c,d=0;for(c=0;c<a.length;c++)d=d<<8|a.charCodeAt(c),3===(c&3)&&(b.push(d),d=0);c&3&&b.push(sjcl.bitArray.partial(8*(c&3),d));return b}};
-sjcl.codec.hex={fromBits:function(a){var b="",c;for(c=0;c<a.length;c++)b+=((a[c]|0)+0xf00000000000).toString(16).substr(4);return b.substr(0,sjcl.bitArray.bitLength(a)/4)},toBits:function(a){var b,c=[],d;a=a.replace(/\s|0x/g,"");d=a.length;a=a+"00000000";for(b=0;b<a.length;b+=8)c.push(parseInt(a.substr(b,8),16)^0);return sjcl.bitArray.clamp(c,4*d)}};
-sjcl.codec.base32={B:"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",X:"0123456789ABCDEFGHIJKLMNOPQRSTUV",BITS:32,BASE:5,REMAINING:27,fromBits:function(a,b,c){var d=sjcl.codec.base32.BASE,e=sjcl.codec.base32.REMAINING,f="",g=0,h=sjcl.codec.base32.B,k=0,l=sjcl.bitArray.bitLength(a);c&&(h=sjcl.codec.base32.X);for(c=0;f.length*d<l;)f+=h.charAt((k^a[c]>>>g)>>>e),g<d?(k=a[c]<<d-g,g+=e,c++):(k<<=d,g-=d);for(;f.length&7&&!b;)f+="=";return f},toBits:function(a,b){a=a.replace(/\s|=/g,"").toUpperCase();var c=sjcl.codec.base32.BITS,
-d=sjcl.codec.base32.BASE,e=sjcl.codec.base32.REMAINING,f=[],g,h=0,k=sjcl.codec.base32.B,l=0,n,m="base32";b&&(k=sjcl.codec.base32.X,m="base32hex");for(g=0;g<a.length;g++){n=k.indexOf(a.charAt(g));if(0>n){if(!b)try{return sjcl.codec.base32hex.toBits(a)}catch(p){}throw new sjcl.exception.invalid("this isn't "+m+"!");}h>e?(h-=e,f.push(l^n>>>h),l=n<<c-h):(h+=d,l^=n<<c-h)}h&56&&f.push(sjcl.bitArray.partial(h&56,l,1));return f}};
-sjcl.codec.base32hex={fromBits:function(a,b){return sjcl.codec.base32.fromBits(a,b,1)},toBits:function(a){return sjcl.codec.base32.toBits(a,1)}};
-sjcl.codec.base64={B:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",fromBits:function(a,b,c){var d="",e=0,f=sjcl.codec.base64.B,g=0,h=sjcl.bitArray.bitLength(a);c&&(f=f.substr(0,62)+"-_");for(c=0;6*d.length<h;)d+=f.charAt((g^a[c]>>>e)>>>26),6>e?(g=a[c]<<6-e,e+=26,c++):(g<<=6,e-=6);for(;d.length&3&&!b;)d+="=";return d},toBits:function(a,b){a=a.replace(/\s|=/g,"");var c=[],d,e=0,f=sjcl.codec.base64.B,g=0,h;b&&(f=f.substr(0,62)+"-_");for(d=0;d<a.length;d++){h=f.indexOf(a.charAt(d));
-if(0>h)throw new sjcl.exception.invalid("this isn't base64!");26<e?(e-=26,c.push(g^h>>>e),g=h<<32-e):(e+=6,g^=h<<32-e)}e&56&&c.push(sjcl.bitArray.partial(e&56,g,1));return c}};sjcl.codec.base64url={fromBits:function(a){return sjcl.codec.base64.fromBits(a,1,1)},toBits:function(a){return sjcl.codec.base64.toBits(a,1)}};sjcl.hash.sha256=function(a){this.b[0]||this.O();a?(this.F=a.F.slice(0),this.A=a.A.slice(0),this.l=a.l):this.reset()};sjcl.hash.sha256.hash=function(a){return(new sjcl.hash.sha256).update(a).finalize()};
-sjcl.hash.sha256.prototype={blockSize:512,reset:function(){this.F=this.Y.slice(0);this.A=[];this.l=0;return this},update:function(a){"string"===typeof a&&(a=sjcl.codec.utf8String.toBits(a));var b,c=this.A=sjcl.bitArray.concat(this.A,a);b=this.l;a=this.l=b+sjcl.bitArray.bitLength(a);if(0x1fffffffffffff<a)throw new sjcl.exception.invalid("Cannot hash more than 2^53 - 1 bits");if("undefined"!==typeof Uint32Array){var d=new Uint32Array(c),e=0;for(b=512+b-(512+b&0x1ff);b<=a;b+=512)u(this,d.subarray(16*e,
-16*(e+1))),e+=1;c.splice(0,16*e)}else for(b=512+b-(512+b&0x1ff);b<=a;b+=512)u(this,c.splice(0,16));return this},finalize:function(){var a,b=this.A,c=this.F,b=sjcl.bitArray.concat(b,[sjcl.bitArray.partial(1,1)]);for(a=b.length+2;a&15;a++)b.push(0);b.push(Math.floor(this.l/0x100000000));for(b.push(this.l|0);b.length;)u(this,b.splice(0,16));this.reset();return c},Y:[],b:[],O:function(){function a(a){return 0x100000000*(a-Math.floor(a))|0}for(var b=0,c=2,d,e;64>b;c++){e=!0;for(d=2;d*d<=c;d++)if(0===c%d){e=
-!1;break}e&&(8>b&&(this.Y[b]=a(Math.pow(c,.5))),this.b[b]=a(Math.pow(c,1/3)),b++)}}};
-function u(a,b){var c,d,e,f=a.F,g=a.b,h=f[0],k=f[1],l=f[2],n=f[3],m=f[4],p=f[5],r=f[6],q=f[7];for(c=0;64>c;c++)16>c?d=b[c]:(d=b[c+1&15],e=b[c+14&15],d=b[c&15]=(d>>>7^d>>>18^d>>>3^d<<25^d<<14)+(e>>>17^e>>>19^e>>>10^e<<15^e<<13)+b[c&15]+b[c+9&15]|0),d=d+q+(m>>>6^m>>>11^m>>>25^m<<26^m<<21^m<<7)+(r^m&(p^r))+g[c],q=r,r=p,p=m,m=n+d|0,n=l,l=k,k=h,h=d+(k&l^n&(k^l))+(k>>>2^k>>>13^k>>>22^k<<30^k<<19^k<<10)|0;f[0]=f[0]+h|0;f[1]=f[1]+k|0;f[2]=f[2]+l|0;f[3]=f[3]+n|0;f[4]=f[4]+m|0;f[5]=f[5]+p|0;f[6]=f[6]+r|0;f[7]=
-f[7]+q|0}
-sjcl.mode.ccm={name:"ccm",G:[],listenProgress:function(a){sjcl.mode.ccm.G.push(a)},unListenProgress:function(a){a=sjcl.mode.ccm.G.indexOf(a);-1<a&&sjcl.mode.ccm.G.splice(a,1)},fa:function(a){var b=sjcl.mode.ccm.G.slice(),c;for(c=0;c<b.length;c+=1)b[c](a)},encrypt:function(a,b,c,d,e){var f,g=b.slice(0),h=sjcl.bitArray,k=h.bitLength(c)/8,l=h.bitLength(g)/8;e=e||64;d=d||[];if(7>k)throw new sjcl.exception.invalid("ccm: iv must be at least 7 bytes");for(f=2;4>f&&l>>>8*f;f++);f<15-k&&(f=15-k);c=h.clamp(c,
-8*(15-f));b=sjcl.mode.ccm.V(a,b,c,d,e,f);g=sjcl.mode.ccm.C(a,g,c,b,e,f);return h.concat(g.data,g.tag)},decrypt:function(a,b,c,d,e){e=e||64;d=d||[];var f=sjcl.bitArray,g=f.bitLength(c)/8,h=f.bitLength(b),k=f.clamp(b,h-e),l=f.bitSlice(b,h-e),h=(h-e)/8;if(7>g)throw new sjcl.exception.invalid("ccm: iv must be at least 7 bytes");for(b=2;4>b&&h>>>8*b;b++);b<15-g&&(b=15-g);c=f.clamp(c,8*(15-b));k=sjcl.mode.ccm.C(a,k,c,l,e,b);a=sjcl.mode.ccm.V(a,k.data,c,d,e,b);if(!f.equal(k.tag,a))throw new sjcl.exception.corrupt("ccm: tag doesn't match");
-return k.data},na:function(a,b,c,d,e,f){var g=[],h=sjcl.bitArray,k=h.i;d=[h.partial(8,(b.length?64:0)|d-2<<2|f-1)];d=h.concat(d,c);d[3]|=e;d=a.encrypt(d);if(b.length)for(c=h.bitLength(b)/8,65279>=c?g=[h.partial(16,c)]:0xffffffff>=c&&(g=h.concat([h.partial(16,65534)],[c])),g=h.concat(g,b),b=0;b<g.length;b+=4)d=a.encrypt(k(d,g.slice(b,b+4).concat([0,0,0])));return d},V:function(a,b,c,d,e,f){var g=sjcl.bitArray,h=g.i;e/=8;if(e%2||4>e||16<e)throw new sjcl.exception.invalid("ccm: invalid tag length");
-if(0xffffffff<d.length||0xffffffff<b.length)throw new sjcl.exception.bug("ccm: can't deal with 4GiB or more data");c=sjcl.mode.ccm.na(a,d,c,e,g.bitLength(b)/8,f);for(d=0;d<b.length;d+=4)c=a.encrypt(h(c,b.slice(d,d+4).concat([0,0,0])));return g.clamp(c,8*e)},C:function(a,b,c,d,e,f){var g,h=sjcl.bitArray;g=h.i;var k=b.length,l=h.bitLength(b),n=k/50,m=n;c=h.concat([h.partial(8,f-1)],c).concat([0,0,0]).slice(0,4);d=h.bitSlice(g(d,a.encrypt(c)),0,e);if(!k)return{tag:d,data:[]};for(g=0;g<k;g+=4)g>n&&(sjcl.mode.ccm.fa(g/
-k),n+=m),c[3]++,e=a.encrypt(c),b[g]^=e[0],b[g+1]^=e[1],b[g+2]^=e[2],b[g+3]^=e[3];return{tag:d,data:h.clamp(b,l)}}};
-sjcl.mode.ocb2={name:"ocb2",encrypt:function(a,b,c,d,e,f){if(128!==sjcl.bitArray.bitLength(c))throw new sjcl.exception.invalid("ocb iv must be 128 bits");var g,h=sjcl.mode.ocb2.S,k=sjcl.bitArray,l=k.i,n=[0,0,0,0];c=h(a.encrypt(c));var m,p=[];d=d||[];e=e||64;for(g=0;g+4<b.length;g+=4)m=b.slice(g,g+4),n=l(n,m),p=p.concat(l(c,a.encrypt(l(c,m)))),c=h(c);m=b.slice(g);b=k.bitLength(m);g=a.encrypt(l(c,[0,0,0,b]));m=k.clamp(l(m.concat([0,0,0]),g),b);n=l(n,l(m.concat([0,0,0]),g));n=a.encrypt(l(n,l(c,h(c))));
-d.length&&(n=l(n,f?d:sjcl.mode.ocb2.pmac(a,d)));return p.concat(k.concat(m,k.clamp(n,e)))},decrypt:function(a,b,c,d,e,f){if(128!==sjcl.bitArray.bitLength(c))throw new sjcl.exception.invalid("ocb iv must be 128 bits");e=e||64;var g=sjcl.mode.ocb2.S,h=sjcl.bitArray,k=h.i,l=[0,0,0,0],n=g(a.encrypt(c)),m,p,r=sjcl.bitArray.bitLength(b)-e,q=[];d=d||[];for(c=0;c+4<r/32;c+=4)m=k(n,a.decrypt(k(n,b.slice(c,c+4)))),l=k(l,m),q=q.concat(m),n=g(n);p=r-32*c;m=a.encrypt(k(n,[0,0,0,p]));m=k(m,h.clamp(b.slice(c),p).concat([0,
-0,0]));l=k(l,m);l=a.encrypt(k(l,k(n,g(n))));d.length&&(l=k(l,f?d:sjcl.mode.ocb2.pmac(a,d)));if(!h.equal(h.clamp(l,e),h.bitSlice(b,r)))throw new sjcl.exception.corrupt("ocb: tag doesn't match");return q.concat(h.clamp(m,p))},pmac:function(a,b){var c,d=sjcl.mode.ocb2.S,e=sjcl.bitArray,f=e.i,g=[0,0,0,0],h=a.encrypt([0,0,0,0]),h=f(h,d(d(h)));for(c=0;c+4<b.length;c+=4)h=d(h),g=f(g,a.encrypt(f(h,b.slice(c,c+4))));c=b.slice(c);128>e.bitLength(c)&&(h=f(h,d(h)),c=e.concat(c,[-2147483648,0,0,0]));g=f(g,c);
-return a.encrypt(f(d(f(h,d(h))),g))},S:function(a){return[a[0]<<1^a[1]>>>31,a[1]<<1^a[2]>>>31,a[2]<<1^a[3]>>>31,a[3]<<1^135*(a[0]>>>31)]}};
-sjcl.mode.gcm={name:"gcm",encrypt:function(a,b,c,d,e){var f=b.slice(0);b=sjcl.bitArray;d=d||[];a=sjcl.mode.gcm.C(!0,a,f,d,c,e||128);return b.concat(a.data,a.tag)},decrypt:function(a,b,c,d,e){var f=b.slice(0),g=sjcl.bitArray,h=g.bitLength(f);e=e||128;d=d||[];e<=h?(b=g.bitSlice(f,h-e),f=g.bitSlice(f,0,h-e)):(b=f,f=[]);a=sjcl.mode.gcm.C(!1,a,f,d,c,e);if(!g.equal(a.tag,b))throw new sjcl.exception.corrupt("gcm: tag doesn't match");return a.data},ka:function(a,b){var c,d,e,f,g,h=sjcl.bitArray.i;e=[0,0,
-0,0];f=b.slice(0);for(c=0;128>c;c++){(d=0!==(a[Math.floor(c/32)]&1<<31-c%32))&&(e=h(e,f));g=0!==(f[3]&1);for(d=3;0<d;d--)f[d]=f[d]>>>1|(f[d-1]&1)<<31;f[0]>>>=1;g&&(f[0]^=-0x1f000000)}return e},j:function(a,b,c){var d,e=c.length;b=b.slice(0);for(d=0;d<e;d+=4)b[0]^=0xffffffff&c[d],b[1]^=0xffffffff&c[d+1],b[2]^=0xffffffff&c[d+2],b[3]^=0xffffffff&c[d+3],b=sjcl.mode.gcm.ka(b,a);return b},C:function(a,b,c,d,e,f){var g,h,k,l,n,m,p,r,q=sjcl.bitArray;m=c.length;p=q.bitLength(c);r=q.bitLength(d);h=q.bitLength(e);
-g=b.encrypt([0,0,0,0]);96===h?(e=e.slice(0),e=q.concat(e,[1])):(e=sjcl.mode.gcm.j(g,[0,0,0,0],e),e=sjcl.mode.gcm.j(g,e,[0,0,Math.floor(h/0x100000000),h&0xffffffff]));h=sjcl.mode.gcm.j(g,[0,0,0,0],d);n=e.slice(0);d=h.slice(0);a||(d=sjcl.mode.gcm.j(g,h,c));for(l=0;l<m;l+=4)n[3]++,k=b.encrypt(n),c[l]^=k[0],c[l+1]^=k[1],c[l+2]^=k[2],c[l+3]^=k[3];c=q.clamp(c,p);a&&(d=sjcl.mode.gcm.j(g,h,c));a=[Math.floor(r/0x100000000),r&0xffffffff,Math.floor(p/0x100000000),p&0xffffffff];d=sjcl.mode.gcm.j(g,d,a);k=b.encrypt(e);
-d[0]^=k[0];d[1]^=k[1];d[2]^=k[2];d[3]^=k[3];return{tag:q.bitSlice(d,0,f),data:c}}};sjcl.misc.hmac=function(a,b){this.W=b=b||sjcl.hash.sha256;var c=[[],[]],d,e=b.prototype.blockSize/32;this.w=[new b,new b];a.length>e&&(a=b.hash(a));for(d=0;d<e;d++)c[0][d]=a[d]^909522486,c[1][d]=a[d]^1549556828;this.w[0].update(c[0]);this.w[1].update(c[1]);this.R=new b(this.w[0])};
-sjcl.misc.hmac.prototype.encrypt=sjcl.misc.hmac.prototype.mac=function(a){if(this.aa)throw new sjcl.exception.invalid("encrypt on already updated hmac called!");this.update(a);return this.digest(a)};sjcl.misc.hmac.prototype.reset=function(){this.R=new this.W(this.w[0]);this.aa=!1};sjcl.misc.hmac.prototype.update=function(a){this.aa=!0;this.R.update(a)};sjcl.misc.hmac.prototype.digest=function(){var a=this.R.finalize(),a=(new this.W(this.w[1])).update(a).finalize();this.reset();return a};
-sjcl.misc.pbkdf2=function(a,b,c,d,e){c=c||1E4;if(0>d||0>c)throw new sjcl.exception.invalid("invalid params to pbkdf2");"string"===typeof a&&(a=sjcl.codec.utf8String.toBits(a));"string"===typeof b&&(b=sjcl.codec.utf8String.toBits(b));e=e||sjcl.misc.hmac;a=new e(a);var f,g,h,k,l=[],n=sjcl.bitArray;for(k=1;32*l.length<(d||1);k++){e=f=a.encrypt(n.concat(b,[k]));for(g=1;g<c;g++)for(f=a.encrypt(f),h=0;h<f.length;h++)e[h]^=f[h];l=l.concat(e)}d&&(l=n.clamp(l,d));return l};
-sjcl.prng=function(a){this.c=[new sjcl.hash.sha256];this.m=[0];this.P=0;this.H={};this.N=0;this.U={};this.Z=this.f=this.o=this.ha=0;this.b=[0,0,0,0,0,0,0,0];this.h=[0,0,0,0];this.L=void 0;this.M=a;this.D=!1;this.K={progress:{},seeded:{}};this.u=this.ga=0;this.I=1;this.J=2;this.ca=0x10000;this.T=[0,48,64,96,128,192,0x100,384,512,768,1024];this.da=3E4;this.ba=80};
-sjcl.prng.prototype={randomWords:function(a,b){var c=[],d;d=this.isReady(b);var e;if(d===this.u)throw new sjcl.exception.notReady("generator isn't seeded");if(d&this.J){d=!(d&this.I);e=[];var f=0,g;this.Z=e[0]=(new Date).valueOf()+this.da;for(g=0;16>g;g++)e.push(0x100000000*Math.random()|0);for(g=0;g<this.c.length&&(e=e.concat(this.c[g].finalize()),f+=this.m[g],this.m[g]=0,d||!(this.P&1<<g));g++);this.P>=1<<this.c.length&&(this.c.push(new sjcl.hash.sha256),this.m.push(0));this.f-=f;f>this.o&&(this.o=
-f);this.P++;this.b=sjcl.hash.sha256.hash(this.b.concat(e));this.L=new sjcl.cipher.aes(this.b);for(d=0;4>d&&(this.h[d]=this.h[d]+1|0,!this.h[d]);d++);}for(d=0;d<a;d+=4)0===(d+1)%this.ca&&y(this),e=z(this),c.push(e[0],e[1],e[2],e[3]);y(this);return c.slice(0,a)},setDefaultParanoia:function(a,b){if(0===a&&"Setting paranoia=0 will ruin your security; use it only for testing"!==b)throw new sjcl.exception.invalid("Setting paranoia=0 will ruin your security; use it only for testing");this.M=a},addEntropy:function(a,
-b,c){c=c||"user";var d,e,f=(new Date).valueOf(),g=this.H[c],h=this.isReady(),k=0;d=this.U[c];void 0===d&&(d=this.U[c]=this.ha++);void 0===g&&(g=this.H[c]=0);this.H[c]=(this.H[c]+1)%this.c.length;switch(typeof a){case "number":void 0===b&&(b=1);this.c[g].update([d,this.N++,1,b,f,1,a|0]);break;case "object":c=Object.prototype.toString.call(a);if("[object Uint32Array]"===c){e=[];for(c=0;c<a.length;c++)e.push(a[c]);a=e}else for("[object Array]"!==c&&(k=1),c=0;c<a.length&&!k;c++)"number"!==typeof a[c]&&
-(k=1);if(!k){if(void 0===b)for(c=b=0;c<a.length;c++)for(e=a[c];0<e;)b++,e=e>>>1;this.c[g].update([d,this.N++,2,b,f,a.length].concat(a))}break;case "string":void 0===b&&(b=a.length);this.c[g].update([d,this.N++,3,b,f,a.length]);this.c[g].update(a);break;default:k=1}if(k)throw new sjcl.exception.bug("random: addEntropy only supports number, array of numbers or string");this.m[g]+=b;this.f+=b;h===this.u&&(this.isReady()!==this.u&&A("seeded",Math.max(this.o,this.f)),A("progress",this.getProgress()))},
-isReady:function(a){a=this.T[void 0!==a?a:this.M];return this.o&&this.o>=a?this.m[0]>this.ba&&(new Date).valueOf()>this.Z?this.J|this.I:this.I:this.f>=a?this.J|this.u:this.u},getProgress:function(a){a=this.T[a?a:this.M];return this.o>=a?1:this.f>a?1:this.f/a},startCollectors:function(){if(!this.D){this.a={loadTimeCollector:B(this,this.ma),mouseCollector:B(this,this.oa),keyboardCollector:B(this,this.la),accelerometerCollector:B(this,this.ea),touchCollector:B(this,this.qa)};if(window.addEventListener)window.addEventListener("load",
-this.a.loadTimeCollector,!1),window.addEventListener("mousemove",this.a.mouseCollector,!1),window.addEventListener("keypress",this.a.keyboardCollector,!1),window.addEventListener("devicemotion",this.a.accelerometerCollector,!1),window.addEventListener("touchmove",this.a.touchCollector,!1);else if(document.attachEvent)document.attachEvent("onload",this.a.loadTimeCollector),document.attachEvent("onmousemove",this.a.mouseCollector),document.attachEvent("keypress",this.a.keyboardCollector);else throw new sjcl.exception.bug("can't attach event");
-this.D=!0}},stopCollectors:function(){this.D&&(window.removeEventListener?(window.removeEventListener("load",this.a.loadTimeCollector,!1),window.removeEventListener("mousemove",this.a.mouseCollector,!1),window.removeEventListener("keypress",this.a.keyboardCollector,!1),window.removeEventListener("devicemotion",this.a.accelerometerCollector,!1),window.removeEventListener("touchmove",this.a.touchCollector,!1)):document.detachEvent&&(document.detachEvent("onload",this.a.loadTimeCollector),document.detachEvent("onmousemove",
-this.a.mouseCollector),document.detachEvent("keypress",this.a.keyboardCollector)),this.D=!1)},addEventListener:function(a,b){this.K[a][this.ga++]=b},removeEventListener:function(a,b){var c,d,e=this.K[a],f=[];for(d in e)e.hasOwnProperty(d)&&e[d]===b&&f.push(d);for(c=0;c<f.length;c++)d=f[c],delete e[d]},la:function(){C(this,1)},oa:function(a){var b,c;try{b=a.x||a.clientX||a.offsetX||0,c=a.y||a.clientY||a.offsetY||0}catch(d){c=b=0}0!=b&&0!=c&&this.addEntropy([b,c],2,"mouse");C(this,0)},qa:function(a){a=
-a.touches[0]||a.changedTouches[0];this.addEntropy([a.pageX||a.clientX,a.pageY||a.clientY],1,"touch");C(this,0)},ma:function(){C(this,2)},ea:function(a){a=a.accelerationIncludingGravity.x||a.accelerationIncludingGravity.y||a.accelerationIncludingGravity.z;if(window.orientation){var b=window.orientation;"number"===typeof b&&this.addEntropy(b,1,"accelerometer")}a&&this.addEntropy(a,2,"accelerometer");C(this,0)}};
-function A(a,b){var c,d=sjcl.random.K[a],e=[];for(c in d)d.hasOwnProperty(c)&&e.push(d[c]);for(c=0;c<e.length;c++)e[c](b)}function C(a,b){"undefined"!==typeof window&&window.performance&&"function"===typeof window.performance.now?a.addEntropy(window.performance.now(),b,"loadtime"):a.addEntropy((new Date).valueOf(),b,"loadtime")}function y(a){a.b=z(a).concat(z(a));a.L=new sjcl.cipher.aes(a.b)}function z(a){for(var b=0;4>b&&(a.h[b]=a.h[b]+1|0,!a.h[b]);b++);return a.L.encrypt(a.h)}
-function B(a,b){return function(){b.apply(a,arguments)}}sjcl.random=new sjcl.prng(6);
-a:try{var D,E,F,G;if(G="undefined"!==typeof module&&module.exports){var H;try{H=require("crypto")}catch(a){H=null}G=E=H}if(G&&E.randomBytes)D=E.randomBytes(128),D=new Uint32Array((new Uint8Array(D)).buffer),sjcl.random.addEntropy(D,1024,"crypto['randomBytes']");else if("undefined"!==typeof window&&"undefined"!==typeof Uint32Array){F=new Uint32Array(32);if(window.crypto&&window.crypto.getRandomValues)window.crypto.getRandomValues(F);else if(window.msCrypto&&window.msCrypto.getRandomValues)window.msCrypto.getRandomValues(F);
-else break a;sjcl.random.addEntropy(F,1024,"crypto['getRandomValues']")}}catch(a){"undefined"!==typeof window&&window.console&&(console.log("There was an error collecting entropy from the browser:"),console.log(a))}
-sjcl.json={defaults:{v:1,iter:1E4,ks:128,ts:64,mode:"ccm",adata:"",cipher:"aes"},ja:function(a,b,c,d){c=c||{};d=d||{};var e=sjcl.json,f=e.g({iv:sjcl.random.randomWords(4,0)},e.defaults),g;e.g(f,c);c=f.adata;"string"===typeof f.salt&&(f.salt=sjcl.codec.base64.toBits(f.salt));"string"===typeof f.iv&&(f.iv=sjcl.codec.base64.toBits(f.iv));if(!sjcl.mode[f.mode]||!sjcl.cipher[f.cipher]||"string"===typeof a&&100>=f.iter||64!==f.ts&&96!==f.ts&&128!==f.ts||128!==f.ks&&192!==f.ks&&0x100!==f.ks||2>f.iv.length||
-4<f.iv.length)throw new sjcl.exception.invalid("json encrypt: invalid parameters");"string"===typeof a?(g=sjcl.misc.cachedPbkdf2(a,f),a=g.key.slice(0,f.ks/32),f.salt=g.salt):sjcl.ecc&&a instanceof sjcl.ecc.elGamal.publicKey&&(g=a.kem(),f.kemtag=g.tag,a=g.key.slice(0,f.ks/32));"string"===typeof b&&(b=sjcl.codec.utf8String.toBits(b));"string"===typeof c&&(f.adata=c=sjcl.codec.utf8String.toBits(c));g=new sjcl.cipher[f.cipher](a);e.g(d,f);d.key=a;f.ct="ccm"===f.mode&&sjcl.arrayBuffer&&sjcl.arrayBuffer.ccm&&
-b instanceof ArrayBuffer?sjcl.arrayBuffer.ccm.encrypt(g,b,f.iv,c,f.ts):sjcl.mode[f.mode].encrypt(g,b,f.iv,c,f.ts);return f},encrypt:function(a,b,c,d){var e=sjcl.json,f=e.ja.apply(e,arguments);return e.encode(f)},ia:function(a,b,c,d){c=c||{};d=d||{};var e=sjcl.json;b=e.g(e.g(e.g({},e.defaults),b),c,!0);var f,g;f=b.adata;"string"===typeof b.salt&&(b.salt=sjcl.codec.base64.toBits(b.salt));"string"===typeof b.iv&&(b.iv=sjcl.codec.base64.toBits(b.iv));if(!sjcl.mode[b.mode]||!sjcl.cipher[b.cipher]||"string"===
-typeof a&&100>=b.iter||64!==b.ts&&96!==b.ts&&128!==b.ts||128!==b.ks&&192!==b.ks&&0x100!==b.ks||!b.iv||2>b.iv.length||4<b.iv.length)throw new sjcl.exception.invalid("json decrypt: invalid parameters");"string"===typeof a?(g=sjcl.misc.cachedPbkdf2(a,b),a=g.key.slice(0,b.ks/32),b.salt=g.salt):sjcl.ecc&&a instanceof sjcl.ecc.elGamal.secretKey&&(a=a.unkem(sjcl.codec.base64.toBits(b.kemtag)).slice(0,b.ks/32));"string"===typeof f&&(f=sjcl.codec.utf8String.toBits(f));g=new sjcl.cipher[b.cipher](a);f="ccm"===
-b.mode&&sjcl.arrayBuffer&&sjcl.arrayBuffer.ccm&&b.ct instanceof ArrayBuffer?sjcl.arrayBuffer.ccm.decrypt(g,b.ct,b.iv,b.tag,f,b.ts):sjcl.mode[b.mode].decrypt(g,b.ct,b.iv,f,b.ts);e.g(d,b);d.key=a;return 1===c.raw?f:sjcl.codec.utf8String.fromBits(f)},decrypt:function(a,b,c,d){var e=sjcl.json;return e.ia(a,e.decode(b),c,d)},encode:function(a){var b,c="{",d="";for(b in a)if(a.hasOwnProperty(b)){if(!b.match(/^[a-z0-9]+$/i))throw new sjcl.exception.invalid("json encode: invalid property name");c+=d+'"'+
-b+'":';d=",";switch(typeof a[b]){case "number":case "boolean":c+=a[b];break;case "string":c+='"'+escape(a[b])+'"';break;case "object":c+='"'+sjcl.codec.base64.fromBits(a[b],0)+'"';break;default:throw new sjcl.exception.bug("json encode: unsupported type");}}return c+"}"},decode:function(a){a=a.replace(/\s/g,"");if(!a.match(/^\{.*\}$/))throw new sjcl.exception.invalid("json decode: this isn't json!");a=a.replace(/^\{|\}$/g,"").split(/,/);var b={},c,d;for(c=0;c<a.length;c++){if(!(d=a[c].match(/^\s*(?:(["']?)([a-z][a-z0-9]*)\1)\s*:\s*(?:(-?\d+)|"([a-z0-9+\/%*_.@=\-]*)"|(true|false))$/i)))throw new sjcl.exception.invalid("json decode: this isn't json!");
-null!=d[3]?b[d[2]]=parseInt(d[3],10):null!=d[4]?b[d[2]]=d[2].match(/^(ct|adata|salt|iv)$/)?sjcl.codec.base64.toBits(d[4]):unescape(d[4]):null!=d[5]&&(b[d[2]]="true"===d[5])}return b},g:function(a,b,c){void 0===a&&(a={});if(void 0===b)return a;for(var d in b)if(b.hasOwnProperty(d)){if(c&&void 0!==a[d]&&a[d]!==b[d])throw new sjcl.exception.invalid("required parameter overridden");a[d]=b[d]}return a},sa:function(a,b){var c={},d;for(d in a)a.hasOwnProperty(d)&&a[d]!==b[d]&&(c[d]=a[d]);return c},ra:function(a,
-b){var c={},d;for(d=0;d<b.length;d++)void 0!==a[b[d]]&&(c[b[d]]=a[b[d]]);return c}};sjcl.encrypt=sjcl.json.encrypt;sjcl.decrypt=sjcl.json.decrypt;sjcl.misc.pa={};sjcl.misc.cachedPbkdf2=function(a,b){var c=sjcl.misc.pa,d;b=b||{};d=b.iter||1E3;c=c[a]=c[a]||{};d=c[d]=c[d]||{firstSalt:b.salt&&b.salt.length?b.salt.slice(0):sjcl.random.randomWords(2,0)};c=void 0===b.salt?d.firstSalt:b.salt;d[c]=d[c]||sjcl.misc.pbkdf2(a,c,b.iter);return{key:d[c].slice(0),salt:c.slice(0)}};
-"undefined"!==typeof module&&module.exports&&(module.exports=sjcl);"function"===typeof define&&define([],function(){return sjcl});
--- a/js/test.js
+++ b/js/test.js
@@ -1,158 +0,0 @@
-'use strict';
-var jsc = require('jsverify'),
-    jsdom = require('jsdom-global'),
-    cleanup = jsdom(),
-
-    a2zString = ['a','b','c','d','e','f','g','h','i','j','k','l','m',
-                 'n','o','p','q','r','s','t','u','v','w','x','y','z'],
-    alnumString = a2zString.concat(['0','1','2','3','4','5','6','7','8','9']),
-    queryString = alnumString.concat(['+','%','&','.','*','-','_']),
-    base64String = alnumString.concat(['+','/','=']).concat(
-        a2zString.map(function(c) {
-            return c.toUpperCase();
-        })
-    );
-
-global.$ = global.jQuery = require('./jquery-3.1.1');
-global.sjcl = require('./sjcl-1.0.6');
-global.Base64 = require('./base64-2.1.9');
-global.RawDeflate = require('./rawdeflate-0.5');
-require('./rawinflate-0.3');
-require('./privatebin');
-
-describe('helper', function () {
-    describe('secondsToHuman', function () {
-        after(function () {
-            cleanup();
-        });
-
-        jsc.property('returns an array with a number and a word', 'integer', function (number) {
-            var result = $.PrivateBin.helper.secondsToHuman(number);
-            return Array.isArray(result) &&
-                result.length === 2 &&
-                result[0] === parseInt(result[0], 10) &&
-                typeof result[1] === 'string';
-        });
-        jsc.property('returns seconds on the first array position', 'integer 59', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[0] === number;
-        });
-        jsc.property('returns seconds on the second array position', 'integer 59', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'second';
-        });
-        jsc.property('returns minutes on the first array position', 'integer 60 3599', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / 60);
-        });
-        jsc.property('returns minutes on the second array position', 'integer 60 3599', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'minute';
-        });
-        jsc.property('returns hours on the first array position', 'integer 3600 86399', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60));
-        });
-        jsc.property('returns hours on the second array position', 'integer 3600 86399', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'hour';
-        });
-        jsc.property('returns days on the first array position', 'integer 86400 5184000', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24));
-        });
-        jsc.property('returns days on the second array position', 'integer 86400 5184000', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'day';
-        });
-        // max safe integer as per http://ecma262-5.com/ELS5_HTML.htm#Section_8.5
-        jsc.property('returns months on the first array position', 'integer 5184000 9007199254740991', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24 * 30));
-        });
-        jsc.property('returns months on the second array position', 'integer 5184000 9007199254740991', function (number) {
-            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'month';
-        });
-    });
-
-    describe('scriptLocation', function () {
-        jsc.property(
-            'returns the URL without query & fragment',
-            jsc.nearray(jsc.elements(a2zString)),
-            jsc.nearray(jsc.elements(a2zString)),
-            jsc.array(jsc.elements(queryString)),
-            'string',
-            function (schema, address, query, fragment) {
-                var expected = schema.join('') + '://' + address.join('') + '/',
-                    clean = jsdom('', {url: expected + '?' + query.join('') + '#' + fragment}),
-                    result = $.PrivateBin.helper.scriptLocation();
-                clean();
-                return expected === result;
-            }
-        );
-    });
-
-    describe('pasteId', function () {
-        jsc.property(
-            'returns the query string without separator, if any',
-            jsc.nearray(jsc.elements(a2zString)),
-            jsc.nearray(jsc.elements(a2zString)),
-            jsc.array(jsc.elements(queryString)),
-            'string',
-            function (schema, address, query, fragment) {
-                var queryString = query.join(''),
-                    clean = jsdom('', {
-                        url: schema.join('') + '://' + address.join('') +
-                             '/?' + queryString + '#' + fragment
-                    }),
-                    result = $.PrivateBin.helper.pasteId();
-                clean();
-                return queryString === result;
-            }
-        );
-    });
-
-    describe('pageKey', function () {
-        jsc.property(
-            'returns the fragment of the URL',
-            jsc.nearray(jsc.elements(a2zString)),
-            jsc.nearray(jsc.elements(a2zString)),
-            jsc.array(jsc.elements(queryString)),
-            jsc.array(jsc.elements(base64String)),
-            function (schema, address, query, fragment) {
-                var fragmentString = fragment.join(''),
-                    clean = jsdom('', {
-                        url: schema.join('') + '://' + address.join('') +
-                             '/?' + query.join('') + '#' + fragmentString
-                    }),
-                    result = $.PrivateBin.helper.pageKey();
-                clean();
-                return fragmentString === result;
-            }
-        );
-        jsc.property(
-            'returns the fragment stripped of trailing query parts',
-            jsc.nearray(jsc.elements(a2zString)),
-            jsc.nearray(jsc.elements(a2zString)),
-            jsc.array(jsc.elements(queryString)),
-            jsc.array(jsc.elements(base64String)),
-            jsc.array(jsc.elements(queryString)),
-            function (schema, address, query, fragment, trail) {
-                var fragmentString = fragment.join(''),
-                    clean = jsdom('', {
-                        url: schema.join('') + '://' + address.join('') + '/?' +
-                             query.join('') + '#' + fragmentString + '&' + trail.join('')
-                    }),
-                    result = $.PrivateBin.helper.pageKey();
-                clean();
-                return fragmentString === result;
-            }
-        );
-    });
-
-    describe('htmlEntities', function () {
-        after(function () {
-            cleanup();
-        });
-
-        jsc.property(
-            'removes all HTML entities from any given string',
-            'string',
-            function (string) {
-                var result = $.PrivateBin.helper.htmlEntities(string);
-                return !(/[<>"'`=\/]/.test(result)) && !(string.indexOf('&') > -1 && !(/&amp;/.test(result)));
-            }
-        );
-    });
-});
--- a/js/test/Alert.js
+++ b/js/test/Alert.js
@@ -0,0 +1,223 @@
+'use strict';
+var common = require('../common');
+
+describe('Alert', function () {
+    describe('showStatus', function () {
+        jsc.property(
+            'shows a status message',
+            jsc.array(common.jscAlnumString()),
+            jsc.array(common.jscAlnumString()),
+            function (icon, message) {
+                icon = icon.join('');
+                message = message.join('');
+                var expected = '<div id="status" role="alert" ' +
+                    'class="statusmessage alert alert-info"><span ' +
+                    'class="glyphicon glyphicon-' + icon +
+                    '" aria-hidden="true"></span> ' + message + '</div>';
+                $('body').html(
+                    '<div id="status" role="alert" class="statusmessage ' +
+                    'alert alert-info hidden"><span class="glyphicon ' +
+                    'glyphicon-info-sign" aria-hidden="true"></span> </div>'
+                );
+                $.PrivateBin.Alert.init();
+                $.PrivateBin.Alert.showStatus(message, icon);
+                var result = $('body').html();
+                return expected === result;
+            }
+        );
+    });
+
+    describe('showError', function () {
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'shows an error message',
+            jsc.array(common.jscAlnumString()),
+            jsc.array(common.jscAlnumString()),
+            function (icon, message) {
+                icon = icon.join('');
+                message = message.join('');
+                var expected = '<div id="errormessage" role="alert" ' +
+                    'class="statusmessage alert alert-danger"><span ' +
+                    'class="glyphicon glyphicon-' + icon +
+                    '" aria-hidden="true"></span> ' + message + '</div>';
+                $('body').html(
+                    '<div id="errormessage" role="alert" class="statusmessage ' +
+                    'alert alert-danger hidden"><span class="glyphicon ' +
+                    'glyphicon-alert" aria-hidden="true"></span> </div>'
+                );
+                $.PrivateBin.Alert.init();
+                $.PrivateBin.Alert.showError(message, icon);
+                var result = $('body').html();
+                return expected === result;
+            }
+        );
+    });
+
+    describe('showRemaining', function () {
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'shows remaining time',
+            jsc.array(common.jscAlnumString()),
+            jsc.array(common.jscAlnumString()),
+            'integer',
+            function (message, string, number) {
+                message = message.join('');
+                string = string.join('');
+                var expected = '<div id="remainingtime" role="alert" ' +
+                    'class="alert alert-info"><span ' +
+                    'class="glyphicon glyphicon-fire" aria-hidden="true">' +
+                    '</span> ' + string + message + number + '</div>';
+                $('body').html(
+                    '<div id="remainingtime" role="alert" class="hidden ' +
+                    'alert alert-info"><span class="glyphicon ' +
+                    'glyphicon-fire" aria-hidden="true"></span> </div>'
+                );
+                $.PrivateBin.Alert.init();
+                $.PrivateBin.Alert.showRemaining(['%s' + message + '%d', string, number]);
+                var result = $('body').html();
+                return expected === result;
+            }
+        );
+    });
+
+    describe('showLoading', function () {
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'shows a loading message',
+            jsc.array(common.jscAlnumString()),
+            jsc.array(common.jscAlnumString()),
+            function (message, icon) {
+                message = message.join('');
+                icon = icon.join('');
+                var defaultMessage = 'Loading…';
+                if (message.length === 0) {
+                    message = defaultMessage;
+                }
+                var expected = '<ul class="nav navbar-nav"><li ' +
+                    'id="loadingindicator" class="navbar-text"><span ' +
+                    'class="glyphicon glyphicon-' + icon +
+                    '" aria-hidden="true"></span> ' + message + '</li></ul>';
+                $('body').html(
+                    '<ul class="nav navbar-nav"><li id="loadingindicator" ' +
+                    'class="navbar-text hidden"><span class="glyphicon ' +
+                    'glyphicon-time" aria-hidden="true"></span> ' +
+                    defaultMessage + '</li></ul>'
+                );
+                $.PrivateBin.Alert.init();
+                $.PrivateBin.Alert.showLoading(message, icon);
+                var result = $('body').html();
+                return expected === result;
+            }
+        );
+    });
+
+    describe('hideLoading', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'hides the loading message',
+            function() {
+                $('body').html(
+                    '<ul class="nav navbar-nav"><li id="loadingindicator" ' +
+                    'class="navbar-text"><span class="glyphicon ' +
+                    'glyphicon-time" aria-hidden="true"></span> ' +
+                    'Loading…</li></ul>'
+                );
+                $('body').addClass('loading');
+                $.PrivateBin.Alert.init();
+                $.PrivateBin.Alert.hideLoading();
+                assert.ok(
+                    !$('body').hasClass('loading') &&
+                    $('#loadingindicator').hasClass('hidden')
+                );
+            }
+        );
+    });
+
+    describe('hideMessages', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'hides all messages',
+            function() {
+                $('body').html(
+                    '<div id="status" role="alert" class="statusmessage ' +
+                    'alert alert-info"><span class="glyphicon ' +
+                    'glyphicon-info-sign" aria-hidden="true"></span> </div>' +
+                    '<div id="errormessage" role="alert" class="statusmessage ' +
+                    'alert alert-danger"><span class="glyphicon ' +
+                    'glyphicon-alert" aria-hidden="true"></span> </div>'
+                );
+                $.PrivateBin.Alert.init();
+                $.PrivateBin.Alert.hideMessages();
+                assert.ok(
+                    $('#status').hasClass('hidden') &&
+                    $('#errormessage').hasClass('hidden')
+                );
+            }
+        );
+    });
+
+    describe('setCustomHandler', function () {
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'calls a given handler function',
+            'nat 3',
+            jsc.array(common.jscAlnumString()),
+            function (trigger, message) {
+                message = message.join('');
+                var handlerCalled = false,
+                    defaultMessage = 'Loading…',
+                    functions = [
+                        $.PrivateBin.Alert.showStatus,
+                        $.PrivateBin.Alert.showError,
+                        $.PrivateBin.Alert.showRemaining,
+                        $.PrivateBin.Alert.showLoading
+                    ];
+                if (message.length === 0) {
+                    message = defaultMessage;
+                }
+                $('body').html(
+                    '<ul class="nav navbar-nav"><li id="loadingindicator" ' +
+                    'class="navbar-text hidden"><span class="glyphicon ' +
+                    'glyphicon-time" aria-hidden="true"></span> ' +
+                    defaultMessage + '</li></ul>' +
+                    '<div id="remainingtime" role="alert" class="hidden ' +
+                    'alert alert-info"><span class="glyphicon ' +
+                    'glyphicon-fire" aria-hidden="true"></span> </div>' +
+                    '<div id="status" role="alert" class="statusmessage ' +
+                    'alert alert-info"><span class="glyphicon ' +
+                    'glyphicon-info-sign" aria-hidden="true"></span> </div>' +
+                    '<div id="errormessage" role="alert" class="statusmessage ' +
+                    'alert alert-danger"><span class="glyphicon ' +
+                    'glyphicon-alert" aria-hidden="true"></span> </div>'
+                );
+                $.PrivateBin.Alert.init();
+                $.PrivateBin.Alert.setCustomHandler(function(id, $element) {
+                    handlerCalled = true;
+                    return jsc.random(0, 1) ? true : $element;
+                });
+                functions[trigger](message);
+                $.PrivateBin.Alert.setCustomHandler(null);
+                return handlerCalled;
+            }
+        );
+    });
+});
+
--- a/js/test/AttachmentViewer.js
+++ b/js/test/AttachmentViewer.js
@@ -0,0 +1,109 @@
+'use strict';
+var common = require('../common');
+
+describe('AttachmentViewer', function () {
+    describe('setAttachment, showAttachment, removeAttachment, hideAttachment, hideAttachmentPreview, hasAttachment, getAttachment & moveAttachmentTo', function () {
+        this.timeout(30000);
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'displays & hides data as requested',
+            common.jscMimeTypes(),
+            'string',
+            'string',
+            'string',
+            'string',
+            function (mimeType, rawdata, filename, prefix, postfix) {
+                var clean = jsdom(),
+                    data = 'data:' + mimeType + ';base64,' + btoa(rawdata),
+                    previewSupported = (
+                        mimeType.substring(0, 6) === 'image/' ||
+                        mimeType.substring(0, 6) === 'audio/' ||
+                        mimeType.substring(0, 6) === 'video/' ||
+                        mimeType.match(/\/pdf/i)
+                    ),
+                    results = [];
+                prefix = prefix.replace(/%(s|d)/g, '%%');
+                postfix = postfix.replace(/%(s|d)/g, '%%');
+                $('body').html(
+                    '<div id="attachment" role="alert" class="hidden alert ' +
+                    'alert-info"><span class="glyphicon glyphicon-download-' +
+                    'alt" aria-hidden="true"></span> <a class="alert-link">' +
+                    'Download attachment</a></div><div id="attachmentPrevie' +
+                    'w" class="hidden"></div>'
+                );
+                // mock createObjectURL for jsDOM
+                if (typeof window.URL.createObjectURL === 'undefined') {
+                    Object.defineProperty(
+                        window.URL,
+                        'createObjectURL',
+                        {value: function(blob) {
+                            return 'blob:' + location.origin + '/1b9d6bcd-bbfd-4b2d-9b5d-ab8dfbbd4bed';
+                        }}
+                    )
+                }
+                $.PrivateBin.AttachmentViewer.init();
+                results.push(
+                    !$.PrivateBin.AttachmentViewer.hasAttachment() &&
+                    $('#attachment').hasClass('hidden') &&
+                    $('#attachmentPreview').hasClass('hidden')
+                );
+                if (filename.length) {
+                    $.PrivateBin.AttachmentViewer.setAttachment(data, filename);
+                } else {
+                    $.PrivateBin.AttachmentViewer.setAttachment(data);
+                }
+                // beyond this point we will get the blob URL instead of the data
+                data = window.URL.createObjectURL(data);
+                var attachment = $.PrivateBin.AttachmentViewer.getAttachment();
+                results.push(
+                    $.PrivateBin.AttachmentViewer.hasAttachment() &&
+                    $('#attachment').hasClass('hidden') &&
+                    $('#attachmentPreview').hasClass('hidden') &&
+                    attachment[0] === data &&
+                    attachment[1] === filename
+                );
+                $.PrivateBin.AttachmentViewer.showAttachment();
+                results.push(
+                    !$('#attachment').hasClass('hidden') &&
+                    (previewSupported ? !$('#attachmentPreview').hasClass('hidden') : $('#attachmentPreview').hasClass('hidden'))
+                );
+                $.PrivateBin.AttachmentViewer.hideAttachment();
+                results.push(
+                    $('#attachment').hasClass('hidden') &&
+                    (previewSupported ? !$('#attachmentPreview').hasClass('hidden') : $('#attachmentPreview').hasClass('hidden'))
+                );
+                if (previewSupported) {
+                    $.PrivateBin.AttachmentViewer.hideAttachmentPreview();
+                    results.push($('#attachmentPreview').hasClass('hidden'));
+                }
+                $.PrivateBin.AttachmentViewer.showAttachment();
+                results.push(
+                    !$('#attachment').hasClass('hidden') &&
+                    (previewSupported ? !$('#attachmentPreview').hasClass('hidden') : $('#attachmentPreview').hasClass('hidden'))
+                );
+                var element = $('<div></div>');
+                $.PrivateBin.AttachmentViewer.moveAttachmentTo(element, prefix + '%s' + postfix);
+                if (filename.length) {
+                    results.push(
+                        element.children()[0].href === data &&
+                        element.children()[0].getAttribute('download') === filename &&
+                        element.children()[0].text === prefix + filename + postfix
+                    );
+                } else {
+                    results.push(element.children()[0].href === data);
+                }
+                $.PrivateBin.AttachmentViewer.removeAttachment();
+                results.push(
+                    $('#attachment').hasClass('hidden') &&
+                    $('#attachmentPreview').hasClass('hidden')
+                );
+                clean();
+                return results.every(element => element);
+            }
+        );
+    });
+});
+
--- a/js/test/CryptTool.js
+++ b/js/test/CryptTool.js
@@ -0,0 +1,260 @@
+'use strict';
+require('../common');
+
+describe('CryptTool', function () {
+    describe('cipher & decipher', function () {
+        afterEach(async function () {
+            // pause to let async functions conclude
+            await new Promise(resolve => setTimeout(resolve, 1900));
+        });
+
+        this.timeout(30000);
+        it('can en- and decrypt any message', function () {
+            jsc.assert(jsc.forall(
+                'string',
+                'string',
+                'string',
+                async function (key, password, message) {
+                    // pause to let async functions conclude
+                    await new Promise(resolve => setTimeout(resolve, 300));
+                    let clean = jsdom();
+                    window.crypto = new WebCrypto();
+                    message = message.trim();
+                    let cipherMessage = await $.PrivateBin.CryptTool.cipher(
+                            key, password, message, []
+                        ),
+                        plaintext = await $.PrivateBin.CryptTool.decipher(
+                                key, password, cipherMessage
+                        );
+                    clean();
+                    return message === plaintext;
+                }
+            ),
+            {tests: 3});
+        });
+
+        // The below static unit tests are included to ensure deciphering of "classic"
+        // SJCL based pastes still works
+        it(
+            'supports PrivateBin v1 ciphertext (SJCL & browser atob)',
+            function () {
+                delete global.Base64;
+                let clean = jsdom();
+                window.crypto = new WebCrypto();
+
+                // Of course you can easily decipher the following texts, if you like.
+                // Bonus points for finding their sources and hidden meanings.
+                return $.PrivateBin.CryptTool.decipher(
+                    '6t2qsmLyfXIokNCL+3/yl15rfTUBQvm5SOnFPvNE7Q8=',
+                    // -- "That's amazing. I've got the same combination on my luggage."
+                    Array.apply(0, Array(6)).map((_,b) => b + 1).join(''),
+                    '{"iv":"4HNFIl7eYbCh6HuShctTIA==","v":1,"iter":10000,"ks"' +
+                    ':256,"ts":128,"mode":"gcm","adata":"","cipher":"aes","sa' +
+                    'lt":"u0lQvePq6L0=","ct":"fGPUVrDyaVr1ZDGb+kqQ3CPEW8x4YKG' +
+                    'fzHDmA0Vjkh250aWNe7Cnigkps9aaFVMX9AaerrTp3yZbojJtNqVGMfL' +
+                    'dUTu+53xmZHqRKxCCqSfDNSNoW4Oxk5OVgAtRyuG4bXHDsWTXDNz2xce' +
+                    'qzVFqhkwTwlUchrV7uuFK/XUKTNjPFM744moivIcBbfM2FOeKlIFs8RY' +
+                    'PYuvqQhp2rMLlNGwwKh//4kykQsHMQDeSDuJl8stMQzgWR/btUBZuwNZ' +
+                    'EydkMH6IPpTdf5WTSrZ+wC2OK0GutCm4UaEe6txzaTMfu+WRVu4PN6q+' +
+                    'N+2zljWJ1XdpVcN/i0Sv4QVMym0Xa6y0eccEhj/69o47PmExmMMeEwEx' +
+                    'ImPalMNT9JUSiZdOZJ/GdzwrwoIuq1mdQR6vSH+XJ/8jXJQ7bjjJVJYX' +
+                    'TcT0Di5jixArI2Kpp1GGlGVFbLgPugwU1wczg+byqeDOAECXRRnQcoge' +
+                    'aJtVcRwXwfy4j3ORFcblYMilxyHqKBewcYPRVBGtBs50cVjSIkAfR84r' +
+                    'nc1nfvnxK/Gmm+4VBNHI6ODWNpRolVMCzXjbKYnV3Are5AgSpsTqaGl4' +
+                    '1VJGpcco6cAwi4K0Bys1seKR+bLSdUgqRrkEqSRSdu3/VTu9HhEk8an0' +
+                    'rjTE4CBB5/LMn16p0TGLoOb32odKFIEtpanVvLjeyiVMvSxcgYLNnTi/' +
+                    '5FiaAC4pJxRD+AZHedU1FICUeEXxIcac/4E5qjkHjX9SpQtLl80QLIVn' +
+                    'jNliZm7QLB/nKu7W8Jb0+/CiTdV3Q9LhxlH4ciprnX+W0B00BKYFHnL9' +
+                    'jRVzKdXhf1EHydbXMAfpCjHAXIVCkFakJinQBDIIw/SC6Yig0u0ddEID' +
+                    '2B7LYAP1iE4RZwzTrxCB+ke2jQr8c20Jj6u6ShFOPC9DCw9XupZ4HAal' +
+                    'VG00kSgjus+b8zrVji3/LKEhb4EBzp1ctBJCFTeXwej8ZETLoXTylev5' +
+                    'dlwZSYAbuBPPcbFR/xAIPx3uDabd1E1gTqUc68ICIGhd197Mb2eRWiSv' +
+                    'Hr5SPsASerMxId6XA6+iQlRiI+NDR+TGVNmCnfxSlyPFMOHGTmslXOGI' +
+                    'qGfBR8l4ft8YVZ70lCwmwTuViGc75ULSf9mM57/LmRzQFMYQtvI8IFK9' +
+                    'JaQEMY5xz0HLtR4iyQUUdwR9e0ytBNdWF2a2WPDEnJuY/QJo4GzTlgv4' +
+                    'QUxMXI5htsn2rf0HxCFu7Po8DNYLxTS+67hYjDIYWYaEIc8LXWMLyDm9' +
+                    'C5fARPJ4F2BIWgzgzkNj+dVjusft2XnziamWdbS5u3kuRlVuz5LQj+R5' +
+                    'imnqQAincdZTkTT1nYx+DatlOLllCYIHffpI="}'
+                ).then(function (paste1) {
+                    $.PrivateBin.CryptTool.decipher(
+                        's9pmKZKOBN7EVvHpTA8jjLFH3Xlz/0l8lB4+ONPACrM=',
+                        '', // no password
+                        '{"iv":"WA42mdxIVXUwBqZu7JYNiw==","v":1,"iter":10000,"ks"' +
+                        ':256,"ts":128,"mode":"gcm","adata":"","cipher":"aes","sa' +
+                        'lt":"jN6CjbQMJCM=","ct":"kYYMo5DFG1+w0UHiYXT5pdV0IUuXxzO' +
+                        'lslkW/c3DRCbGFROCVkAskHce7HoRczee1N9c5MhHjVMJUIZE02qIS8U' +
+                        'yHdJ/GqcPVidTUcj9rnDNWsTXkjVv8jCwHS/cwmAjDTWpwp5ThECN+ov' +
+                        '/wNp/NdtTj8Qj7f/T3rfZIOCWfwLH9s4Des35UNcUidfPTNQ1l0Gm0X+' +
+                        'r98CCUSYZjQxkZc6hRZBLPQ8EaNVooUwd5eP4GiYlmSDNA0wOSA+5isP' +
+                        'YxomVCt+kFf58VBlNhpfNi7BLYAUTPpXT4SfH5drR9+C7NTeZ+tTCYjb' +
+                        'U94PzYItOpu8vgnB1/a6BAM5h3m9w+giUb0df4hgTWeZnZxLjo5BN8WV' +
+                        '+kdTXMj3/Vv0gw0DQrDcCuX/cBAjpy3lQGwlAN1vXoOIyZJUjMpQRrOL' +
+                        'dKvLB+zcmVNtGDbgnfP2IYBzk9NtodpUa27ne0T0ZpwOPlVwevsIVZO2' +
+                        '24WLa+iQmmHOWDFFpVDlS0t0fLfOk7Hcb2xFsTxiCIiyKMho/IME1Du3' +
+                        'X4e6BVa3hobSSZv0rRtNgY1KcyYPrUPW2fxZ+oik3y9SgGvb7XpjVIta' +
+                        '8DWlDWRfZ9kzoweWEYqz9IA8Xd373RefpyuWI25zlHoX3nwljzsZU6dC' +
+                        '//h/Dt2DNr+IAvKO3+u23cWoB9kgcZJ2FJuqjLvVfCF+OWcig7zs2pTY' +
+                        'JW6Rg6lqbBCxiUUlae6xJrjfv0pzD2VYCLY7v1bVTagppwKzNI3WaluC' +
+                        'OrdDYUCxUSe56yd1oAoLPRVbYvomRboUO6cjQhEknERyvt45og2kORJO' +
+                        'EJayHW+jZgR0Y0jM3Nk17ubpij2gHxNx9kiLDOiCGSV5mn9mV7qd3HHc' +
+                        'OMSykiBgbyzjobi96LT2dIGLeDXTIdPOog8wyobO4jWq0GGs0vBB8oSY' +
+                        'XhHvixZLcSjX2KQuHmEoWzmJcr3DavdoXZmAurGWLKjzEdJc5dSD/eNr' +
+                        '99gjHX7wphJ6umKMM+fn6PcbYJkhDh2GlJL5COXjXfm/5aj/vuyaRRWZ' +
+                        'MZtmnYpGAtAPg7AUG"}'
+                    ).then(function (paste2) {
+                        clean();
+                        assert.ok(
+                            paste1.includes('securely packed in iron') &&
+                            paste2.includes('Sol is right')
+                        );
+                    });
+                });
+            }
+        );
+
+        it(
+            'supports ZeroBin ciphertext (SJCL & Base64 1.7)',
+            function () {
+                global.Base64 = require('../base64-1.7').Base64;
+                var clean = jsdom();
+                window.crypto = new WebCrypto();
+
+                // Of course you can easily decipher the following texts, if you like.
+                // Bonus points for finding their sources and hidden meanings.
+                return $.PrivateBin.CryptTool.decipher(
+                    '6t2qsmLyfXIokNCL+3/yl15rfTUBQvm5SOnFPvNE7Q8=',
+                    // -- "That's amazing. I've got the same combination on my luggage."
+                    Array.apply(0, Array(6)).map((_,b) => b + 1).join(''),
+                    '{"iv":"aTnR2qBL1CAmLX8FdWe3VA==","v":1,"iter":10000,"ks"' +
+                    ':256,"ts":128,"mode":"gcm","adata":"","cipher":"aes","sa' +
+                    'lt":"u0lQvePq6L0=","ct":"A3nBTvICZtYy6xqbIJE0c8Veored5lM' +
+                    'JUGgGUm4581wjrPFlU0Q0tUZSf+RUUoZj2jqDa4kiyyZ5YNMe30hNMV0' +
+                    'oVSalNhRgD9svVMnPuF162IbyhVCwr7ULjT981CHxVlGNqGqmIU6L/Xi' +
+                    'xgdArxAA8x1GCrfAkBWWGeq8Qw5vJPG/RCHpwR4Wy3azrluqeyERBzma' +
+                    'OQjO/kM35TiI6IrLYFyYyL7upYlxAaxS0XBMZvN8QU8Lnerwvh5JVC6O' +
+                    'kkKrhogajTJIKozCF79yI78c50LUh7tTuI3Yoh7+fXxhoODvQdYFmoiU' +
+                    'lrutN7Y5ZMRdITvVu8fTYtX9c7Fiufmcq5icEimiHp2g1bvfpOaGOsFT' +
+                    '+XNFgC9215jcp5mpBdN852xs7bUtw+nDrf+LsDEX6iRpRZ+PYgLDN5xQ' +
+                    'T1ByEtYbeP+tO38pnx72oZdIB3cj8UkOxnxdNiZM5YB5egn4jUj1fHot' +
+                    '1I69WoTiUJipZ5PIATv7ScymRB+AYzjxjurQ9lVfX9QtAbEH2dhdmoUo' +
+                    '3IDRSXpWNCe9RC1aUIyWfZO7oI7FEohNscHNTLEcT+wFnFUPByLlXmjN' +
+                    'Z7FKeNpvUm3jTY4t4sbZH8o2dUl624PAw1INcJ6FKqWGWwoFT2j1MYC+' +
+                    'YV/LkLTdjuWfayvwLMh27G/FfKCRbW36vqinegqpPDylsx9+3oFkEw3y' +
+                    '5Z8+44oN91rE/4Md7JhPJeRVlFC9TNCj4dA+EVhbbQqscvSnIH2uHkMw' +
+                    '7mNNo7xba/YT9KoPDaniqnYqb+q2pX1WNWE7dLS2wfroMAS3kh8P22DA' +
+                    'V37AeiNoD2PcI6ZcHbRdPa+XRrRcJhSPPW7UQ0z4OvBfjdu/w390QxAx' +
+                    'SxvZewoh49fKKB6hTsRnZb4tpHkjlww=="}'
+                ).then(function (paste1) {
+                    $.PrivateBin.CryptTool.decipher(
+                        's9pmKZKOBN7EVvHpTA8jjLFH3Xlz/0l8lB4+ONPACrM=',
+                        '', // no password
+                        '{"iv":"Z7lAZQbkrqGMvruxoSm6Pw==","v":1,"iter":10000,"ks"' +
+                        ':256,"ts":128,"mode":"gcm","adata":"","cipher":"aes","sa' +
+                        'lt":"jN6CjbQMJCM=","ct":"PuOPWB3i2FPcreSrLYeQf84LdE8RHjs' +
+                        'c+MGtiOr4b7doNyWKYtkNorbRadxaPnEee2/Utrp1MIIfY5juJSy8RGw' +
+                        'EPX5ciWcYe6EzsXWznsnvhmpKNj9B7eIIrfSbxfy8E2e/g7xav1nive+' +
+                        'ljToka3WT1DZ8ILQd/NbnJeHWaoSEOfvz8+d8QJPb1tNZvs7zEY95Dum' +
+                        'QwbyOsIMKAvcZHJ9OJNpujXzdMyt6DpcFcqlldWBZ/8q5rAUTw0HNx/r' +
+                        'CgbhAxRYfNoTLIcMM4L0cXbPSgCjwf5FuO3EdE13mgEDhcClW79m0Qvc' +
+                        'nIh8xgzYoxLbp0+AwvC/MbZM8savN/0ieWr2EKkZ04ggiOIEyvfCUuNp' +
+                        'rQBYO+y8kKduNEN6by0Yf4LRCPfmwN+GezDLuzTnZIMhPbGqUAdgV6Ex' +
+                        'qK2ULEEIrQEMoOuQIxfoMhqLlzG79vXGt2O+BY+4IiYfvmuRLks4UXfy' +
+                        'HqxPXTJg48IYbGs0j4TtJPUgp3523EyYLwEGyVTAuWhYAmVIwd/hoV7d' +
+                        '7tmfcF73w9dufDFI3LNca2KxzBnWNPYvIZKBwWbq8ncxkb191dP6mjEi' +
+                        '7NnhqVk5A6vIBbu4AC5PZf76l6yep4xsoy/QtdDxCMocCXeAML9MQ9uP' +
+                        'QbuspOKrBvMfN5igA1kBqasnxI472KBNXsdZnaDddSVUuvhTcETM="}'
+                    ).then(function (paste2) {
+                        clean();
+                        delete global.Base64;
+                        assert.ok(
+                            paste1.includes('securely packed in iron') &&
+                            paste2.includes('Sol is right')
+                        );
+                    });
+                });
+            }
+        );
+
+        it('does not truncate messages', async function () {
+            let message = fs.readFileSync('test/compression-sample.txt', 'utf8'),
+                clean = jsdom();
+            window.crypto = new WebCrypto();
+            let cipherMessage = await $.PrivateBin.CryptTool.cipher(
+                    'foo', 'bar', message, []
+                ),
+                plaintext = await $.PrivateBin.CryptTool.decipher(
+                        'foo', 'bar', cipherMessage
+                );
+            clean();
+            assert.strictEqual(
+                message,
+                plaintext
+            );
+        });
+
+        it('can en- and decrypt a particular message (#260)', function () {
+            jsc.assert(jsc.forall(
+                'string',
+                'string',
+                async function (key, password) {
+                    // pause to let async functions conclude
+                    await new Promise(resolve => setTimeout(resolve, 300));
+                    const message = `
+1 subgoal
+
+inv : Assert
+expr : Expr
+sBody : Instr
+deduction : (|- [|inv /\ assertOfExpr expr|] sBody [|inv|])%assert
+IHdeduction : (|= [|inv /\ assertOfExpr expr |] sBody [|inv|])%assert
+mem : Mem
+preInMem : inv mem
+m : Mem
+n : nat
+interpRel : interp (nth_iterate sBody n) (MemElem mem) = CpoElem Mem m
+lastIter : interp (nth_iterate sBody n) (MemElem mem) |=e expr_neg expr
+notLastIter : forall p : nat,
+              p < n -> interp (nth_iterate sBody p) (MemElem mem) |=e expr
+isWhile : interp (while expr sBody) (MemElem mem) =
+          interp (nth_iterate sBody n) (MemElem mem)
+
+======================== ( 1 / 1 )
+conseq_or_bottom inv (interp (nth_iterate sBody n) (MemElem mem))
+`;
+                    let clean = jsdom();
+                    window.crypto = new WebCrypto();
+                    let cipherMessage = await $.PrivateBin.CryptTool.cipher(
+                            key, password, message, []
+                        ),
+                        plaintext = await $.PrivateBin.CryptTool.decipher(
+                                key, password, cipherMessage
+                        );
+                    clean();
+                    return message === plaintext;
+                }
+            ),
+            {tests: 3});
+        });
+    });
+
+    describe('getSymmetricKey', function () {
+        this.timeout(30000);
+        var keys = [];
+
+        // the parameter is used to ensure the test is run more then one time
+        jsc.property(
+            'returns random, non-empty keys',
+            'integer',
+            function(counter) {
+                var clean = jsdom();
+                window.crypto = new WebCrypto();
+                var key = $.PrivateBin.CryptTool.getSymmetricKey(),
+                    result = (key !== '' && keys.indexOf(key) === -1);
+                keys.push(key);
+                clean();
+                return result;
+            }
+        );
+    });
+});
+
--- a/js/test/DiscussionViewer.js
+++ b/js/test/DiscussionViewer.js
@@ -0,0 +1,116 @@
+'use strict';
+var common = require('../common');
+
+describe('DiscussionViewer', function () {
+    describe('handleNotification, prepareNewDiscussion, addComment, finishDiscussion, getReplyMessage, getReplyNickname, getReplyCommentId & highlightComment', function () {
+        this.timeout(30000);
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'displays & hides comments as requested',
+            jsc.array(
+                jsc.record({
+                    idArray: jsc.nearray(common.jscAlnumString()),
+                    parentidArray: jsc.nearray(common.jscAlnumString()),
+                    data: jsc.string,
+                    meta: jsc.record({
+                        nickname: jsc.string,
+                        postdate: jsc.nat,
+                        vizhash: jsc.string
+                    })
+                })
+            ),
+            'nat',
+            'bool',
+            'string',
+            'string',
+            jsc.elements(['loading', 'danger', 'other']),
+            'nestring',
+            function (comments, commentKey, fadeOut, nickname, message, alertType, alert) {
+                var clean = jsdom(),
+                    results = [];
+                $('body').html(
+                    '<div id="discussion"><h4>Discussion</h4>' +
+                    '<div id="commentcontainer"></div></div><div id="templates">' +
+                    '<article id="commenttemplate" class="comment">' +
+                    '<div class="commentmeta"><span class="nickname">name</span>' +
+                    '<span class="commentdate">0000-00-00</span></div>' +
+                    '<div class="commentdata">c</div>' +
+                    '<button class="btn btn-default btn-sm">Reply</button>' +
+                    '</article><p id="commenttailtemplate" class="comment">' +
+                    '<button class="btn btn-default btn-sm">Add comment</button>' +
+                    '</p><div id="replytemplate" class="reply hidden">' +
+                    '<input type="text" id="nickname" class="form-control" ' +
+                    'title="Optional nickname…" placeholder="Optional ' +
+                    'nickname…" /><textarea id="replymessage" ' +
+                    'class="replymessage form-control" cols="80" rows="7">' +
+                    '</textarea><br /><div id="replystatus" role="alert" ' +
+                    'class="statusmessage hidden alert"><span class="glyphicon" ' +
+                    'aria-hidden="true"></span> </div><button id="replybutton" ' +
+                    'class="btn btn-default btn-sm">Post comment</button></div></div>'
+                );
+                $.PrivateBin.Model.init();
+                $.PrivateBin.DiscussionViewer.init();
+                results.push(
+                    !$('#discussion').hasClass('hidden')
+                );
+                $.PrivateBin.DiscussionViewer.prepareNewDiscussion();
+                results.push(
+                    $('#discussion').hasClass('hidden')
+                );
+                comments.forEach(function (comment) {
+                    comment.id = comment.idArray.join('');
+                    comment.parentid = comment.parentidArray.join('');
+                    $.PrivateBin.DiscussionViewer.addComment($.PrivateBin.Helper.CommentFactory(comment), comment.data, comment.meta.nickname);
+                });
+                results.push(
+                    $('#discussion').hasClass('hidden')
+                );
+                $.PrivateBin.DiscussionViewer.finishDiscussion();
+                results.push(
+                    !$('#discussion').hasClass('hidden') &&
+                    comments.length + 1 >= $('#commentcontainer').children().length
+                );
+                if (comments.length > 0) {
+                    if (commentKey >= comments.length) {
+                        commentKey = commentKey % comments.length;
+                    }
+                    $.PrivateBin.DiscussionViewer.highlightComment(comments[commentKey].id, fadeOut);
+                    results.push(
+                        $('#comment_' + comments[commentKey].id).hasClass('highlight')
+                    );
+                }
+                $('#commentcontainer').find('button')[0].click();
+                results.push(
+                    !$('#reply').hasClass('hidden')
+                );
+                $('#reply #nickname').val(nickname);
+                $('#reply #replymessage').val(message);
+                $.PrivateBin.DiscussionViewer.getReplyCommentId();
+                results.push(
+                    $.PrivateBin.DiscussionViewer.getReplyNickname() === $('#reply #nickname').val() &&
+                    $.PrivateBin.DiscussionViewer.getReplyMessage() === $('#reply #replymessage').val()
+                );
+                var notificationResult = $.PrivateBin.DiscussionViewer.handleNotification(alertType === 'other' ? alert : alertType);
+                if (alertType === 'loading') {
+                    results.push(notificationResult === false);
+                } else {
+                    results.push(
+                        alertType === 'danger' ? (
+                            notificationResult.hasClass('alert-danger') &&
+                            !notificationResult.hasClass('alert-info')
+                        ) : (
+                            !notificationResult.hasClass('alert-danger') &&
+                            notificationResult.hasClass('alert-info')
+                        )
+                    );
+                }
+                clean();
+                return results.every(element => element);
+            }
+        );
+    });
+});
+
--- a/js/test/Editor.js
+++ b/js/test/Editor.js
@@ -0,0 +1,74 @@
+'use strict';
+require('../common');
+
+describe('Editor', function () {
+    describe('show, hide, getText, setText & isPreview', function () {
+        this.timeout(30000);
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'returns text fed into the textarea, handles editor tabs',
+            'string',
+            function (text) {
+                var clean = jsdom(),
+                    results = [];
+                $('body').html(
+                    '<ul id="editorTabs" class="nav nav-tabs hidden"><li ' +
+                    'role="presentation" class="active"><a id="messageedit" ' +
+                    'href="#">Editor</a></li><li role="presentation"><a ' +
+                    'id="messagepreview" href="#">Preview</a></li></ul><div ' +
+                    'id="placeholder" class="hidden">+++ no paste text +++</div>' +
+                    '<div id="prettymessage" class="hidden"><pre id="prettyprint" ' +
+                    'class="prettyprint linenums:1"></pre></div><div ' +
+                    'id="plaintext" class="hidden"></div><p><textarea ' +
+                    'id="message" name="message" cols="80" rows="25" ' +
+                    'class="form-control hidden"></textarea></p>'
+                );
+                $.PrivateBin.Editor.init();
+                results.push(
+                    $('#editorTabs').hasClass('hidden') &&
+                    $('#message').hasClass('hidden')
+                );
+                $.PrivateBin.Editor.show();
+                results.push(
+                    !$('#editorTabs').hasClass('hidden') &&
+                    !$('#message').hasClass('hidden')
+                );
+                $.PrivateBin.Editor.hide();
+                results.push(
+                    $('#editorTabs').hasClass('hidden') &&
+                    $('#message').hasClass('hidden')
+                );
+                $.PrivateBin.Editor.show();
+                $.PrivateBin.Editor.focusInput();
+                results.push(
+                    $.PrivateBin.Editor.getText().length === 0
+                );
+                $.PrivateBin.Editor.setText(text);
+                results.push(
+                    $.PrivateBin.Editor.getText() === $('#message').val()
+                );
+                $.PrivateBin.Editor.setText();
+                results.push(
+                    !$.PrivateBin.Editor.isPreview() &&
+                    !$('#message').hasClass('hidden')
+                );
+                $('#messagepreview').click();
+                results.push(
+                    $.PrivateBin.Editor.isPreview() &&
+                    $('#message').hasClass('hidden')
+                );
+                $('#messageedit').click();
+                results.push(
+                    !$.PrivateBin.Editor.isPreview() &&
+                    !$('#message').hasClass('hidden')
+                );
+                clean();
+                return results.every(element => element);
+            }
+        );
+    });
+});
+
--- a/js/test/Helper.js
+++ b/js/test/Helper.js
@@ -0,0 +1,280 @@
+'use strict';
+var common = require('../common');
+
+describe('Helper', function () {
+    describe('secondsToHuman', function () {
+        after(function () {
+            cleanup();
+        });
+
+        jsc.property('returns an array with a number and a word', 'integer', function (number) {
+            var result = $.PrivateBin.Helper.secondsToHuman(number);
+            return Array.isArray(result) &&
+                result.length === 2 &&
+                result[0] === parseInt(result[0], 10) &&
+                typeof result[1] === 'string';
+        });
+        jsc.property('returns seconds on the first array position', 'integer 59', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[0] === number;
+        });
+        jsc.property('returns seconds on the second array position', 'integer 59', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'second';
+        });
+        jsc.property('returns minutes on the first array position', 'integer 60 3599', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[0] === Math.floor(number / 60);
+        });
+        jsc.property('returns minutes on the second array position', 'integer 60 3599', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'minute';
+        });
+        jsc.property('returns hours on the first array position', 'integer 3600 86399', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60));
+        });
+        jsc.property('returns hours on the second array position', 'integer 3600 86399', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'hour';
+        });
+        jsc.property('returns days on the first array position', 'integer 86400 5184000', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24));
+        });
+        jsc.property('returns days on the second array position', 'integer 86400 5184000', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'day';
+        });
+        // max safe integer as per http://ecma262-5.com/ELS5_HTML.htm#Section_8.5
+        jsc.property('returns months on the first array position', 'integer 5184000 9007199254740991', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24 * 30));
+        });
+        jsc.property('returns months on the second array position', 'integer 5184000 9007199254740991', function (number) {
+            return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'month';
+        });
+    });
+
+    // this test is not yet meaningful using jsdom, as it does not contain getSelection support.
+    // TODO: This needs to be tested using a browser.
+    describe('selectText', function () {
+        this.timeout(30000);
+        jsc.property(
+            'selection contains content of given ID',
+            jsc.nearray(jsc.nearray(common.jscAlnumString())),
+            'nearray string',
+            function (ids, contents) {
+                var html = '',
+                    result = true;
+                ids.forEach(function(item, i) {
+                    html += '<div id="' + item.join('') + '">' + common.htmlEntities(contents[i] || contents[0]) + '</div>';
+                });
+                var clean = jsdom(html);
+                // TODO: As per https://github.com/tmpvar/jsdom/issues/321 there is no getSelection in jsdom, yet.
+                // Once there is one, uncomment the block below to actually check the result.
+                /*
+                ids.forEach(function(item, i) {
+                    $.PrivateBin.Helper.selectText(item.join(''));
+                    result *= (contents[i] || contents[0]) === window.getSelection().toString();
+                });
+                */
+                clean();
+                return Boolean(result);
+            }
+        );
+    });
+
+    describe('urls2links', function () {
+        after(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'ignores non-URL content',
+            'string',
+            function (content) {
+                return content === $.PrivateBin.Helper.urls2links(content);
+            }
+        );
+        jsc.property(
+            'replaces URLs with anchors',
+            'string',
+            jsc.elements(['http', 'https', 'ftp']),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            jsc.array(common.jscHashString()),
+            'string',
+            function (prefix, schema, address, query, fragment, postfix) {
+                var query = query.join(''),
+                    fragment = fragment.join(''),
+                    url = schema + '://' + address.join('') + '/?' + query + '#' + fragment,
+                    prefix = common.htmlEntities(prefix),
+                    postfix = ' ' + common.htmlEntities(postfix);
+
+                // special cases: When the query string and fragment imply the beginning of an HTML entity, eg. &#0 or &#x
+                if (
+                    query.slice(-1) === '&' &&
+                    (parseInt(fragment.substring(0, 1), 10) >= 0 || fragment.charAt(0) === 'x' )
+                )
+                {
+                    url = schema + '://' + address.join('') + '/?' + query.substring(0, query.length - 1);
+                    postfix = '';
+                }
+
+                return prefix + '<a href="' + url + '" rel="nofollow">' + url + '</a>' + postfix === $.PrivateBin.Helper.urls2links(prefix + url + postfix);
+            }
+        );
+        jsc.property(
+            'replaces magnet links with anchors',
+            'string',
+            jsc.array(common.jscQueryString()),
+            'string',
+            function (prefix, query, postfix) {
+                var url = 'magnet:?' + query.join('').replace(/^&+|&+$/gm,''),
+                    prefix = common.htmlEntities(prefix),
+                    postfix = common.htmlEntities(postfix);
+                return prefix + '<a href="' + url + '" rel="nofollow">' + url + '</a> ' + postfix === $.PrivateBin.Helper.urls2links(prefix + url + ' ' + postfix);
+            }
+        );
+    });
+
+    describe('sprintf', function () {
+        after(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'replaces %s in strings with first given parameter',
+            'string',
+            '(small nearray) string',
+            'string',
+            function (prefix, params, postfix) {
+                prefix    =    prefix.replace(/%(s|d)/g, '%%');
+                params[0] = params[0].replace(/%(s|d)/g, '%%');
+                postfix   =   postfix.replace(/%(s|d)/g, '%%');
+                var result = prefix + params[0] + postfix;
+                params.unshift(prefix + '%s' + postfix);
+                return result === $.PrivateBin.Helper.sprintf.apply(this, params);
+            }
+        );
+        jsc.property(
+            'replaces %d in strings with first given parameter',
+            'string',
+            '(small nearray) nat',
+            'string',
+            function (prefix, params, postfix) {
+                prefix  =  prefix.replace(/%(s|d)/g, '%%');
+                postfix = postfix.replace(/%(s|d)/g, '%%');
+                var result = prefix + params[0] + postfix;
+                params.unshift(prefix + '%d' + postfix);
+                return result === $.PrivateBin.Helper.sprintf.apply(this, params);
+            }
+        );
+        jsc.property(
+            'replaces %d in strings with 0 if first parameter is not a number',
+            'string',
+            '(small nearray) falsy',
+            'string',
+            function (prefix, params, postfix) {
+                prefix  =  prefix.replace(/%(s|d)/g, '%%');
+                postfix = postfix.replace(/%(s|d)/g, '%%');
+                var result = prefix + '0' + postfix;
+                params.unshift(prefix + '%d' + postfix);
+                return result === $.PrivateBin.Helper.sprintf.apply(this, params);
+            }
+        );
+        jsc.property(
+            'replaces %d and %s in strings in order',
+            'string',
+            'nat',
+            'string',
+            'string',
+            'string',
+            function (prefix, uint, middle, string, postfix) {
+                prefix  =  prefix.replace(/%(s|d)/g, '%%');
+                middle  =  middle.replace(/%(s|d)/g, '%%');
+                postfix = postfix.replace(/%(s|d)/g, '%%');
+                var params = [prefix + '%d' + middle + '%s' + postfix, uint, string],
+                    result = prefix + uint + middle + string + postfix;
+                return result === $.PrivateBin.Helper.sprintf.apply(this, params);
+            }
+        );
+        jsc.property(
+            'replaces %d and %s in strings in reverse order',
+            'string',
+            'nat',
+            'string',
+            'string',
+            'string',
+            function (prefix, uint, middle, string, postfix) {
+                prefix  =  prefix.replace(/%(s|d)/g, '%%');
+                middle  =  middle.replace(/%(s|d)/g, '%%');
+                postfix = postfix.replace(/%(s|d)/g, '%%');
+                var params = [prefix + '%s' + middle + '%d' + postfix, string, uint],
+                    result = prefix + string + middle + uint + postfix;
+                return result === $.PrivateBin.Helper.sprintf.apply(this, params);
+            }
+        );
+    });
+
+    describe('getCookie', function () {
+        this.timeout(30000);
+        after(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'returns the requested cookie',
+            jsc.nearray(jsc.nearray(common.jscAlnumString())),
+            jsc.nearray(jsc.nearray(common.jscAlnumString())),
+            function (labels, values) {
+                var selectedKey = '', selectedValue = '',
+                    cookieArray = [];
+                labels.forEach(function(item, i) {
+                    var key = item.join(''),
+                        value = (values[i] || values[0]).join('');
+                    cookieArray.push(key + '=' + value);
+                    if (Math.random() < 1 / i || selectedKey === key)
+                    {
+                        selectedKey = key;
+                        selectedValue = value;
+                    }
+                });
+                var clean = jsdom('', {cookie: cookieArray}),
+                    result = $.PrivateBin.Helper.getCookie(selectedKey);
+                $.PrivateBin.Helper.reset();
+                clean();
+                return result === selectedValue;
+            }
+        );
+    });
+
+    describe('baseUri', function () {
+        this.timeout(30000);
+        jsc.property(
+            'returns the URL without query & fragment',
+            jsc.elements(['http', 'https']),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            'string',
+            function (schema, address, path, query, fragment) {
+                $.PrivateBin.Helper.reset();
+                var path = path.join('') + (path.length > 0 ? '/' : ''),
+                    expected = schema + '://' + address.join('') + '/' + path,
+                    clean = jsdom('', {url: expected + '?' + query.join('') + '#' + fragment}),
+                    result = $.PrivateBin.Helper.baseUri();
+                clean();
+                return expected === result;
+            }
+        );
+    });
+
+    describe('htmlEntities', function () {
+        after(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'removes all HTML entities from any given string',
+            'string',
+            function (string) {
+                var result = common.htmlEntities(string);
+                return !(/[<>"'`=\/]/.test(result)) && !(string.indexOf('&') > -1 && !(/&amp;/.test(result)));
+            }
+        );
+    });
+});
+
--- a/js/test/I18n.js
+++ b/js/test/I18n.js
@@ -0,0 +1,131 @@
+'use strict';
+var common = require('../common');
+
+describe('I18n', function () {
+    describe('translate', function () {
+        before(function () {
+            $.PrivateBin.I18n.reset();
+        });
+
+        jsc.property(
+            'returns message ID unchanged if no translation found',
+            'string',
+            function (messageId) {
+                messageId   = messageId.replace(/%(s|d)/g, '%%');
+                var plurals = [messageId, messageId + 's'],
+                    fake    = [messageId],
+                    result  = $.PrivateBin.I18n.translate(messageId);
+                $.PrivateBin.I18n.reset();
+
+                var alias = $.PrivateBin.I18n._(messageId);
+                $.PrivateBin.I18n.reset();
+
+                var pluralResult = $.PrivateBin.I18n.translate(plurals);
+                $.PrivateBin.I18n.reset();
+
+                var pluralAlias = $.PrivateBin.I18n._(plurals);
+                $.PrivateBin.I18n.reset();
+
+                var fakeResult = $.PrivateBin.I18n.translate(fake);
+                $.PrivateBin.I18n.reset();
+
+                var fakeAlias = $.PrivateBin.I18n._(fake);
+                $.PrivateBin.I18n.reset();
+
+                return messageId === result && messageId === alias &&
+                    messageId === pluralResult && messageId === pluralAlias &&
+                    messageId === fakeResult && messageId === fakeAlias;
+            }
+        );
+        jsc.property(
+            'replaces %s in strings with first given parameter',
+            'string',
+            '(small nearray) string',
+            'string',
+            function (prefix, params, postfix) {
+                prefix    =    prefix.replace(/%(s|d)/g, '%%');
+                params[0] = params[0].replace(/%(s|d)/g, '%%');
+                postfix   =   postfix.replace(/%(s|d)/g, '%%');
+                var translation = prefix + params[0] + postfix;
+                params.unshift(prefix + '%s' + postfix);
+                var result = $.PrivateBin.I18n.translate.apply(this, params);
+                $.PrivateBin.I18n.reset();
+                var alias = $.PrivateBin.I18n._.apply(this, params);
+                $.PrivateBin.I18n.reset();
+                return translation === result && translation === alias;
+            }
+        );
+    });
+
+    describe('getPluralForm', function () {
+        before(function () {
+            $.PrivateBin.I18n.reset();
+        });
+
+        jsc.property(
+            'returns valid key for plural form',
+            common.jscSupportedLanguages(),
+            'integer',
+            function(language, n) {
+                $.PrivateBin.I18n.reset(language);
+                var result = $.PrivateBin.I18n.getPluralForm(n);
+                // arabic seems to have the highest plural count with 6 forms
+                return result >= 0 && result <= 5;
+            }
+        );
+    });
+
+    // loading of JSON via AJAX needs to be tested in the browser, this just mocks it
+    // TODO: This needs to be tested using a browser.
+    describe('loadTranslations', function () {
+        this.timeout(30000);
+        before(function () {
+            $.PrivateBin.I18n.reset();
+        });
+
+        jsc.property(
+            'downloads and handles any supported language',
+            common.jscSupportedLanguages(),
+            function(language) {
+                // cleanup
+                var clean = jsdom('', {cookie: ['lang=en']});
+                $.PrivateBin.I18n.reset('en');
+                $.PrivateBin.I18n.loadTranslations();
+                clean();
+
+                // mock
+                clean = jsdom('', {cookie: ['lang=' + language]});
+                $.PrivateBin.I18n.reset(language, require('../../i18n/' + language + '.json'));
+                var result = $.PrivateBin.I18n.translate('en'),
+                    alias  = $.PrivateBin.I18n._('en');
+                clean();
+                return language === result && language === alias;
+            }
+        );
+
+        jsc.property(
+            'should default to en',
+            function() {
+                var clean = jsdom('', {url: 'https://privatebin.net/'});
+
+                // when navigator.userLanguage is undefined and no default language
+                // is specified, it would throw an error
+                [ 'language', 'userLanguage' ].forEach(function (key) {
+                    Object.defineProperty(navigator, key, {
+                        value: undefined,
+                        writeable: false
+                    });
+                });
+
+                $.PrivateBin.I18n.reset('en');
+                $.PrivateBin.I18n.loadTranslations();
+                var result = $.PrivateBin.I18n.translate('en'),
+                    alias  = $.PrivateBin.I18n._('en');
+
+                clean();
+                return 'en' === result && 'en' === alias;
+            }
+        );
+    });
+});
+
--- a/js/test/InitialCheck.js
+++ b/js/test/InitialCheck.js
@@ -0,0 +1,88 @@
+'use strict';
+var common = require('../common');
+
+describe('InitialCheck', function () {
+    describe('init', function () {
+        this.timeout(30000);
+        before(function () {
+            cleanup();
+        });
+
+        it('returns false and shows error, if a bot UA is detected', function () {
+            jsc.assert(jsc.forall(
+                'string',
+                jsc.elements(['Bot', 'bot']),
+                'string',
+                function (prefix, botBit, suffix) {
+                    const clean = jsdom('', {
+                        'userAgent': prefix + botBit + suffix
+                    });
+                    $('body').html(
+                        '<html><body><div id="errormessage" class="hidden"></div>' +
+                        '</body></html>'
+                    );
+                    $.PrivateBin.Alert.init();
+                    window.crypto = null;
+                    const result1 = !$.PrivateBin.InitialCheck.init(),
+                          result2 = !$('#errormessage').hasClass('hidden');
+                    clean();
+                    return result1 && result2;
+                }
+            ),
+            {tests: 10});
+        });
+
+        jsc.property(
+            'shows error, if no webcrypto is detected',
+            'bool',
+            jsc.elements(['localhost', '127.0.0.1', '[::1]', '']),
+            jsc.nearray(common.jscA2zString()),
+            jsc.elements(['.onion', '.i2p', '']),
+            function (secureProtocol, localhost, domain, tld) {
+                const isDomain = localhost === '',
+                      isSecureContext = secureProtocol || !isDomain || tld.length > 0,
+                      clean = jsdom('', {
+                          'url': (secureProtocol ? 'https' : 'http' ) + '://' +
+                                 (isDomain ? domain.join('') + tld : localhost) + '/'
+                      });
+                $('body').html(
+                    '<html><body><div id="errormessage" class="hidden"></div>'+
+                    '<div id="oldnotice" class="hidden"></div></body></html>'
+                );
+                $.PrivateBin.Alert.init();
+                const result1 = !$.PrivateBin.InitialCheck.init(),
+                      result2 = isSecureContext === $('#errormessage').hasClass('hidden'),
+                      result3 = !$('#oldnotice').hasClass('hidden');
+                clean();
+                return result1 && result2 && result3;
+            }
+        );
+
+        jsc.property(
+            'shows error, if HTTP only site is detected',
+            'bool',
+            jsc.elements(['localhost', '127.0.0.1', '[::1]', '']),
+            jsc.nearray(common.jscA2zString()),
+            jsc.elements(['.onion', '.i2p', '']),
+            function (secureProtocol, localhost, domain, tld) {
+                const isDomain = localhost === '',
+                      isSecureContext = secureProtocol || !isDomain || tld.length > 0,
+                      clean = jsdom('', {
+                          'url': (secureProtocol ? 'https' : 'http' ) + '://' +
+                               (isDomain ? domain.join('') + tld : localhost) + '/'
+                      });
+                $('body').html(
+                    '<html><body><div id="httpnotice" class="hidden"></div>'+
+                    '</body></html>'
+                );
+                $.PrivateBin.Alert.init();
+                window.crypto = null;
+                const result1 = $.PrivateBin.InitialCheck.init(),
+                      result2 = isSecureContext === $('#httpnotice').hasClass('hidden');
+                clean();
+                return result1 && result2;
+            }
+        );
+    });
+});
+
--- a/js/test/Model.js
+++ b/js/test/Model.js
@@ -0,0 +1,274 @@
+'use strict';
+var common = require('../common');
+
+describe('Model', function () {
+    describe('getExpirationDefault', function () {
+        before(function () {
+            $.PrivateBin.Model.reset();
+            cleanup();
+        });
+
+        jsc.property(
+            'returns the contents of the element with id "pasteExpiration"',
+            'array asciinestring',
+            'string',
+            'small nat',
+            function (keys, value, key) {
+                keys = keys.map(common.htmlEntities);
+                value = common.htmlEntities(value);
+                var content = keys.length > key ? keys[key] : (keys.length > 0 ? keys[0] : 'null'),
+                    contents = '<select id="pasteExpiration" name="pasteExpiration">';
+                keys.forEach(function(item) {
+                    contents += '<option value="' + item + '"';
+                    if (item === content) {
+                        contents += ' selected="selected"';
+                    }
+                    contents += '>' + value + '</option>';
+                });
+                contents += '</select>';
+                $('body').html(contents);
+                var result = common.htmlEntities(
+                    $.PrivateBin.Model.getExpirationDefault()
+                );
+                $.PrivateBin.Model.reset();
+                return content === result;
+            }
+        );
+    });
+
+    describe('getFormatDefault', function () {
+        before(function () {
+            $.PrivateBin.Model.reset();
+            cleanup();
+        });
+
+        jsc.property(
+            'returns the contents of the element with id "pasteFormatter"',
+            'array asciinestring',
+            'string',
+            'small nat',
+            function (keys, value, key) {
+                keys = keys.map(common.htmlEntities);
+                value = common.htmlEntities(value);
+                var content = keys.length > key ? keys[key] : (keys.length > 0 ? keys[0] : 'null'),
+                    contents = '<select id="pasteFormatter" name="pasteFormatter">';
+                keys.forEach(function(item) {
+                    contents += '<option value="' + item + '"';
+                    if (item === content) {
+                        contents += ' selected="selected"';
+                    }
+                    contents += '>' + value + '</option>';
+                });
+                contents += '</select>';
+                $('body').html(contents);
+                var result = common.htmlEntities(
+                    $.PrivateBin.Model.getFormatDefault()
+                );
+                $.PrivateBin.Model.reset();
+                return content === result;
+            }
+        );
+    });
+
+    describe('getPasteId', function () {
+        this.timeout(30000);
+        beforeEach(function () {
+            $.PrivateBin.Model.reset();
+            cleanup();
+        });
+
+        jsc.property(
+            'returns the query string without separator, if any',
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscA2zString()),
+            jsc.tuple(new Array(16).fill(common.jscHexString)),
+            jsc.array(common.jscQueryString()),
+            jsc.array(common.jscQueryString()),
+            'string',
+            function (schema, address, pasteId, queryStart, queryEnd, fragment) {
+                var pasteIdString    = pasteId.join(''),
+                    queryStartString = queryStart.join('') + (queryStart.length > 0 ? '&' : ''),
+                    queryEndString   = (queryEnd.length > 0 ? '&' : '') + queryEnd.join(''),
+                    queryString      = queryStartString + pasteIdString + queryEndString,
+                    clean            = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') +
+                             '/?' + queryString + '#' + fragment
+                    });
+                    global.URL = require('jsdom-url').URL;
+                    var result = $.PrivateBin.Model.getPasteId();
+                $.PrivateBin.Model.reset();
+                clean();
+                return pasteIdString === result;
+            }
+        );
+        jsc.property(
+            'throws exception on empty query string',
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscA2zString()),
+            'string',
+            function (schema, address, fragment) {
+                var clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') +
+                             '/#' + fragment
+                    }),
+                    result = false;
+                global.URL = require('jsdom-url').URL;
+                try {
+                    $.PrivateBin.Model.getPasteId();
+                }
+                catch(err) {
+                    result = true;
+                }
+                $.PrivateBin.Model.reset();
+                clean();
+                return result;
+            }
+        );
+    });
+
+    describe('getPasteKey', function () {
+        this.timeout(30000);
+        beforeEach(function () {
+            $.PrivateBin.Model.reset();
+            cleanup();
+        });
+
+        jsc.property(
+            'returns the fragment of a v1 URL',
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            'nestring',
+            function (schema, address, query, fragment) {
+                const fragmentString = common.btoa(fragment.padStart(32, '\u0000'));
+                let clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') +
+                             '/?' + query.join('') + '#' + fragmentString
+                    }),
+                    result = $.PrivateBin.Model.getPasteKey();
+                $.PrivateBin.Model.reset();
+                clean();
+                return fragmentString === result;
+            }
+        );
+        jsc.property(
+            'returns the v1 fragment stripped of trailing query parts',
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            'nestring',
+            jsc.array(common.jscHashString()),
+            function (schema, address, query, fragment, trail) {
+                const fragmentString = common.btoa(fragment.padStart(32, '\u0000'));
+                let clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') + '/?' +
+                             query.join('') + '#' + fragmentString + '&' + trail.join('')
+                    }),
+                    result = $.PrivateBin.Model.getPasteKey();
+                $.PrivateBin.Model.reset();
+                clean();
+                return fragmentString === result;
+            }
+        );
+        jsc.property(
+            'returns the fragment of a v2 URL',
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            'nestring',
+            function (schema, address, query, fragment) {
+                // base58 strips leading NULL bytes, so the string is padded with these if not found
+                fragment = fragment.padStart(32, '\u0000');
+                let fragmentString = $.PrivateBin.CryptTool.base58encode(fragment),
+                    clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') +
+                             '/?' + query.join('') + '#' + fragmentString
+                    }),
+                    result = $.PrivateBin.Model.getPasteKey();
+                $.PrivateBin.Model.reset();
+                clean();
+                return fragment === result;
+            }
+        );
+        jsc.property(
+            'returns the v2 fragment stripped of trailing query parts',
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            'nestring',
+            jsc.array(common.jscHashString()),
+            function (schema, address, query, fragment, trail) {
+                // base58 strips leading NULL bytes, so the string is padded with these if not found
+                fragment = fragment.padStart(32, '\u0000');
+                let fragmentString = $.PrivateBin.CryptTool.base58encode(fragment),
+                    clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') + '/?' +
+                             query.join('') + '#' + fragmentString + '&' + trail.join('')
+                    }),
+                    result = $.PrivateBin.Model.getPasteKey();
+                $.PrivateBin.Model.reset();
+                clean();
+                return fragment === result;
+            }
+        );
+        jsc.property(
+            'throws exception on empty fragment of the URL',
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            function (schema, address, query) {
+                var clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') +
+                             '/?' + query.join('')
+                    }),
+                    result = false;
+                try {
+                    $.PrivateBin.Model.getPasteKey();
+                }
+                catch(err) {
+                    result = true;
+                }
+                $.PrivateBin.Model.reset();
+                clean();
+                return result;
+            }
+        );
+    });
+
+    describe('getTemplate', function () {
+        beforeEach(function () {
+            $.PrivateBin.Model.reset();
+            cleanup();
+        });
+
+        jsc.property(
+            'returns the contents of the element with id "[name]template"',
+            jsc.nearray(common.jscAlnumString()),
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscAlnumString()),
+            function (id, element, value) {
+                id = id.join('');
+                element = element.join('');
+                value = value.join('').trim();
+
+                // <br>, <hr>, <img> and <wbr> tags can't contain strings,
+                // table tags can't be alone, so test with a <p> instead
+                if (['br', 'col', 'hr', 'img', 'tr', 'td', 'th', 'wbr'].indexOf(element) >= 0) {
+                    element = 'p';
+                }
+
+                $('body').html(
+                    '<div id="templates"><' + element + ' id="' + id +
+                    'template">' + value + '</' + element + '></div>'
+                );
+                $.PrivateBin.Model.init();
+                var template = '<' + element + ' id="' + id + '">' + value +
+                    '</' + element + '>',
+                    result = $.PrivateBin.Model.getTemplate(id).wrap('<p/>').parent().html();
+                $.PrivateBin.Model.reset();
+                return template === result;
+            }
+        );
+    });
+});
+
--- a/js/test/PasteStatus.js
+++ b/js/test/PasteStatus.js
@@ -0,0 +1,144 @@
+'use strict';
+var common = require('../common');
+
+describe('PasteStatus', function () {
+    describe('createPasteNotification', function () {
+        this.timeout(30000);
+
+        jsc.property(
+            'creates a notification after a successfull paste upload',
+            common.jscSchemas(),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            'string',
+            common.jscSchemas(),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            function (
+                schema1, address1, query1, fragment1,
+                schema2, address2, query2
+            ) {
+                var expected1 = schema1 + '://' + address1.join('') + '/?' +
+                    encodeURI(query1.join('').replace(/^&+|&+$/gm,'') + '#' + fragment1),
+                    expected2 = schema2 + '://' + address2.join('') + '/?' +
+                    encodeURI(query2.join('').replace(/^&+|&+$/gm,'')),
+                    clean = jsdom();
+                $('body').html('<div><div id="deletelink"></div><div id="pastelink"></div></div>');
+                $.PrivateBin.PasteStatus.init();
+                $.PrivateBin.PasteStatus.createPasteNotification(expected1, expected2);
+                var result1 = $('#pasteurl')[0].href,
+                    result2 = $('#deletelink a')[0].href;
+                clean();
+                return result1 === expected1 && result2 === expected2;
+            }
+        );
+    });
+
+    describe('showRemainingTime', function () {
+        this.timeout(30000);
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'shows burn after reading message or remaining time v1',
+            'bool',
+            'nat',
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscQueryString()),
+            'string',
+            function (
+                burnafterreading, remainingTime,
+                schema, address, query, fragment
+            ) {
+                var clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') +
+                             '/?' + query.join('') + '#' + fragment
+                    }),
+                    result;
+                $('body').html('<div id="remainingtime" class="hidden"></div>');
+                $.PrivateBin.PasteStatus.init();
+                $.PrivateBin.PasteStatus.showRemainingTime($.PrivateBin.Helper.PasteFactory({'meta': {
+                    'burnafterreading': burnafterreading,
+                    'remaining_time': remainingTime
+                }}));
+                if (burnafterreading) {
+                    result = $('#remainingtime').hasClass('foryoureyesonly') &&
+                            !$('#remainingtime').hasClass('hidden');
+                } else if (remainingTime) {
+                    result =!$('#remainingtime').hasClass('foryoureyesonly') &&
+                            !$('#remainingtime').hasClass('hidden');
+                } else {
+                    result = $('#remainingtime').hasClass('hidden') &&
+                            !$('#remainingtime').hasClass('foryoureyesonly');
+                }
+                clean();
+                return result;
+            }
+        );
+
+        jsc.property(
+            'shows burn after reading message or remaining time v2',
+            'bool',
+            'nat',
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscA2zString()),
+            jsc.nearray(common.jscQueryString()),
+            'string',
+            function (
+                burnafterreading, remainingTime,
+                schema, address, query, fragment
+            ) {
+                var clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') +
+                             '/?' + query.join('') + '#' + fragment
+                    }),
+                    result;
+                $('body').html('<div id="remainingtime" class="hidden"></div>');
+                $.PrivateBin.PasteStatus.init();
+                $.PrivateBin.PasteStatus.showRemainingTime($.PrivateBin.Helper.PasteFactory({
+                    'adata': [null, null, null, burnafterreading],
+                    'v': 2,
+                    'meta': {
+                        'time_to_live': remainingTime
+                    }
+                }));
+                if (burnafterreading) {
+                    result = $('#remainingtime').hasClass('foryoureyesonly') &&
+                            !$('#remainingtime').hasClass('hidden');
+                } else if (remainingTime) {
+                    result =!$('#remainingtime').hasClass('foryoureyesonly') &&
+                            !$('#remainingtime').hasClass('hidden');
+                } else {
+                    result = $('#remainingtime').hasClass('hidden') &&
+                            !$('#remainingtime').hasClass('foryoureyesonly');
+                }
+                clean();
+                return result;
+            }
+        );
+    });
+
+    describe('hideMessages', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'hides all messages',
+            function() {
+                $('body').html(
+                    '<div id="remainingtime"></div><div id="pastesuccess"></div>'
+                );
+                $.PrivateBin.PasteStatus.init();
+                $.PrivateBin.PasteStatus.hideMessages();
+                assert.ok(
+                    $('#remainingtime').hasClass('hidden') &&
+                    $('#pastesuccess').hasClass('hidden')
+                );
+            }
+        );
+    });
+});
+
--- a/js/test/PasteViewer.js
+++ b/js/test/PasteViewer.js
@@ -0,0 +1,121 @@
+'use strict';
+var common = require('../common');
+
+describe('PasteViewer', function () {
+    describe('run, hide, getText, setText, getFormat, setFormat & isPrettyPrinted', function () {
+        this.timeout(30000);
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'displays text according to format',
+            common.jscFormats(),
+            'nestring',
+            function (format, text) {
+                var clean = jsdom(),
+                    results = [];
+                $('body').html(
+                    '<div id="placeholder" class="hidden">+++ no paste text ' +
+                    '+++</div><div id="prettymessage" class="hidden"><pre ' +
+                    'id="prettyprint" class="prettyprint linenums:1"></pre>' +
+                    '</div><div id="plaintext" class="hidden"></div>'
+                );
+                $.PrivateBin.PasteViewer.init();
+                $.PrivateBin.PasteViewer.setFormat(format);
+                $.PrivateBin.PasteViewer.setText('');
+                results.push(
+                    $('#placeholder').hasClass('hidden') &&
+                    $('#prettymessage').hasClass('hidden') &&
+                    $('#plaintext').hasClass('hidden') &&
+                    $.PrivateBin.PasteViewer.getFormat() === format &&
+                    $.PrivateBin.PasteViewer.getText() === ''
+                );
+                $.PrivateBin.PasteViewer.run();
+                results.push(
+                    !$('#placeholder').hasClass('hidden') &&
+                    $('#prettymessage').hasClass('hidden') &&
+                    $('#plaintext').hasClass('hidden')
+                );
+                $.PrivateBin.PasteViewer.hide();
+                results.push(
+                    $('#placeholder').hasClass('hidden') &&
+                    $('#prettymessage').hasClass('hidden') &&
+                    $('#plaintext').hasClass('hidden')
+                );
+                $.PrivateBin.PasteViewer.setText(text);
+                $.PrivateBin.PasteViewer.run();
+                results.push(
+                    $('#placeholder').hasClass('hidden') &&
+                    !$.PrivateBin.PasteViewer.isPrettyPrinted() &&
+                    $.PrivateBin.PasteViewer.getText() === text
+                );
+                if (format === 'markdown') {
+                    results.push(
+                        $('#prettymessage').hasClass('hidden') &&
+                        !$('#plaintext').hasClass('hidden')
+                    );
+                } else {
+                    results.push(
+                        !$('#prettymessage').hasClass('hidden') &&
+                        $('#plaintext').hasClass('hidden')
+                    );
+                }
+                clean();
+                return results.every(element => element);
+            }
+        );
+
+        jsc.property(
+            'sanitizes XSS',
+            common.jscFormats(),
+            'string',
+            // @see    {@link https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet}
+            jsc.elements([
+                '<PLAINTEXT>',
+                '></SCRIPT>">\'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>',
+                '\'\';!--"<XSS>=&{()}',
+                '<SCRIPT SRC=http://example.com/xss.js></SCRIPT>',
+                '\'">><marquee><img src=x onerror=confirm(1)></marquee>">' +
+                '</plaintext\\></|\\><plaintext/onmouseover=prompt(1)>' +
+                '<script>prompt(1)</script>@gmail.com<isindex formaction=' +
+                'javascript:alert(/XSS/) type=submit>\'-->"></script>' +
+                '<script>alert(document.cookie)</script>"><img/id="confirm' +
+                '&lpar;1)"/alt="/"src="/"onerror=eval(id)>\'">',
+                '<IMG SRC="javascript:alert(\'XSS\');">',
+                '<IMG SRC=javascript:alert(\'XSS\')>',
+                '<IMG SRC=JaVaScRiPt:alert(\'XSS\')>',
+                '<IMG SRC=javascript:alert(&quot;XSS&quot;)>',
+                '<IMG SRC=`javascript:alert("RSnake says, \'XSS\'")`>',
+                '<a onmouseover="alert(document.cookie)">xxs link</a>',
+                '<a onmouseover=alert(document.cookie)>xxs link</a>',
+                '<IMG """><SCRIPT>alert("XSS")</SCRIPT>">',
+                '<IMG SRC=javascript:alert(String.fromCharCode(88,83,83))>',
+                '<IMG STYLE="xss:expr/*XSS*/ession(alert(\'XSS\'))">',
+                '<FRAMESET><FRAME SRC="javascript:alert(\'XSS\');"></FRAMESET>',
+                '<TABLE BACKGROUND="javascript:alert(\'XSS\')">',
+                '<TABLE><TD BACKGROUND="javascript:alert(\'XSS\')">',
+                '<SCRIPT>document.write("<SCRI");</SCRIPT>PT SRC="httx://xss.rocks/xss.js"></SCRIPT>'
+            ]),
+            'string',
+            function (format, prefix, xss, suffix) {
+                var clean = jsdom(),
+                    text = prefix + xss + suffix;
+                $('body').html(
+                    '<div id="placeholder" class="hidden">+++ no paste text ' +
+                    '+++</div><div id="prettymessage" class="hidden"><pre ' +
+                    'id="prettyprint" class="prettyprint linenums:1"></pre>' +
+                    '</div><div id="plaintext" class="hidden"></div>'
+                );
+                $.PrivateBin.PasteViewer.init();
+                $.PrivateBin.PasteViewer.setFormat(format);
+                $.PrivateBin.PasteViewer.setText(text);
+                $.PrivateBin.PasteViewer.run();
+                var result = $('body').html().indexOf(xss) === -1;
+                clean();
+                return result;
+            }
+        );
+    });
+});
+
--- a/js/test/Prompt.js
+++ b/js/test/Prompt.js
@@ -0,0 +1,44 @@
+'use strict';
+require('../common');
+
+describe('Prompt', function () {
+    // TODO: this does not test the prompt() fallback, since that isn't available
+    //       in nodejs -> replace the prompt in the "page" template with a modal
+    describe('requestPassword & getPassword', function () {
+        this.timeout(30000);
+        before(function () {
+            $.PrivateBin.Model.reset();
+            cleanup();
+        });
+
+        jsc.property(
+            'returns the password fed into the dialog',
+            'string',
+            function (password) {
+                password = password.replace(/\r+/g, '');
+                var clean = jsdom('', {url: 'ftp://example.com/?0000000000000000'});
+                $('body').html(
+                    '<div id="passwordmodal" class="modal fade" role="dialog">' +
+                    '<div class="modal-dialog"><div class="modal-content">' +
+                    '<div class="modal-body"><form id="passwordform" role="form">' +
+                    '<div class="form-group"><input id="passworddecrypt" ' +
+                    'type="password" class="form-control" placeholder="Enter ' +
+                    'password"></div><button type="submit">Decrypt</button>' +
+                    '</form></div></div></div></div>'
+                );
+                $.PrivateBin.Model.init();
+                $.PrivateBin.Prompt.init();
+                $.PrivateBin.Prompt.requestPassword();
+                $('#passworddecrypt').val(password);
+                // TODO triggers error messages in current jsDOM version, find better solution
+                //$('#passwordform').submit();
+                //var result = $.PrivateBin.Prompt.getPassword();
+                var result = $('#passworddecrypt').val();
+                $.PrivateBin.Model.reset();
+                clean();
+                return result === password;
+            }
+        );
+    });
+});
+
--- a/js/test/ServerInteraction.js
+++ b/js/test/ServerInteraction.js
@@ -0,0 +1,40 @@
+'use strict';
+require('../common');
+
+describe('ServerInteraction', function () {
+    describe('prepare', function () {
+        afterEach(async function () {
+            // pause to let async functions conclude
+            await new Promise(resolve => setTimeout(resolve, 1900));
+        });
+        this.timeout(30000);
+        it('can prepare an encrypted paste', function () {
+            jsc.assert(jsc.forall(
+                'string',
+                'string',
+                'string',
+                async function (key, password, message) {
+                    // pause to let async functions conclude
+                    await new Promise(resolve => setTimeout(resolve, 300));
+                    let clean = jsdom();
+                    window.crypto = new WebCrypto();
+                    message = message.trim();
+
+                    $.PrivateBin.ServerInteraction.prepare();
+                    $.PrivateBin.ServerInteraction.setCryptParameters(password, key);
+                    $.PrivateBin.ServerInteraction.setUnencryptedData('adata', [
+                        // encryption parameters defined by CryptTool, format, discussion, burn after reading
+                        null, 'plaintext', 0, 0
+                    ]);
+                    $.PrivateBin.ServerInteraction.setUnencryptedData('meta', {'expire': '5min'});
+                    await $.PrivateBin.ServerInteraction.setCipherMessage({'paste': message});
+                    //console.log($.PrivateBin.ServerInteraction.getData());
+                    clean();
+                    // TODO currently not testing anything and just used to generate v2 pastes for starting development of server side v2 implementation
+                    return true;
+                }
+            ),
+            {tests: 3});
+        });
+    });
+});
--- a/js/test/TopNav.js
+++ b/js/test/TopNav.js
@@ -0,0 +1,548 @@
+'use strict';
+var common = require('../common');
+
+describe('TopNav', function () {
+    describe('showViewButtons & hideViewButtons', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'displays & hides navigation elements for viewing an existing paste',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav class="navbar navbar-inverse navbar-static-top">' +
+                    '<div id="navbar" class="navbar-collapse collapse"><ul ' +
+                    'class="nav navbar-nav"><li><button id="newbutton" ' +
+                    'type="button" class="hidden btn btn-warning navbar-btn">' +
+                    '<span class="glyphicon glyphicon-file" aria-hidden="true">' +
+                    '</span> New</button><button id="clonebutton" type="button"' +
+                    ' class="hidden btn btn-warning navbar-btn">' +
+                    '<span class="glyphicon glyphicon-duplicate" ' +
+                    'aria-hidden="true"></span> Clone</button><button ' +
+                    'id="rawtextbutton" type="button" class="hidden btn ' +
+                    'btn-warning navbar-btn"><span class="glyphicon ' +
+                    'glyphicon-text-background" aria-hidden="true"></span> ' +
+                    'Raw text</button><button id="qrcodelink" type="button" ' +
+                    'data-toggle="modal" data-target="#qrcodemodal" ' +
+                    'class="hidden btn btn-warning navbar-btn"><span ' +
+                    'class="glyphicon glyphicon-qrcode" aria-hidden="true">' +
+                    '</span> QR code</button></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    $('#newbutton').hasClass('hidden') &&
+                    $('#clonebutton').hasClass('hidden') &&
+                    $('#rawtextbutton').hasClass('hidden') &&
+                    $('#qrcodelink').hasClass('hidden')
+                );
+                $.PrivateBin.TopNav.showViewButtons();
+                results.push(
+                    !$('#newbutton').hasClass('hidden') &&
+                    !$('#clonebutton').hasClass('hidden') &&
+                    !$('#rawtextbutton').hasClass('hidden') &&
+                    !$('#qrcodelink').hasClass('hidden')
+                );
+                $.PrivateBin.TopNav.hideViewButtons();
+                results.push(
+                    $('#newbutton').hasClass('hidden') &&
+                    $('#clonebutton').hasClass('hidden') &&
+                    $('#rawtextbutton').hasClass('hidden') &&
+                    $('#qrcodelink').hasClass('hidden')
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('showCreateButtons & hideCreateButtons', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'displays & hides navigation elements for creating a paste',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li><button id="newbutton" ' +
+                    'type="button" class="hidden">New</button></li><li><a ' +
+                    'id="expiration" href="#" class="hidden">Expiration</a>' +
+                    '</li><li><div id="burnafterreadingoption" class="hidden">' +
+                    'Burn after reading</div></li><li><div id="opendiscussion' +
+                    'option" class="hidden">Open discussion</div></li><li>' +
+                    '<div id="password" class="hidden">Password</div></li>' +
+                    '<li id="attach" class="hidden">Attach a file</li><li>' +
+                    '<a id="formatter" href="#" class="hidden">Format</a>' +
+                    '</li><li><button id="sendbutton" type="button" ' +
+                    'class="hidden">Send</button></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    $('#sendbutton').hasClass('hidden') &&
+                    $('#expiration').hasClass('hidden') &&
+                    $('#formatter').hasClass('hidden') &&
+                    $('#burnafterreadingoption').hasClass('hidden') &&
+                    $('#opendiscussionoption').hasClass('hidden') &&
+                    $('#newbutton').hasClass('hidden') &&
+                    $('#password').hasClass('hidden') &&
+                    $('#attach').hasClass('hidden')
+                );
+                $.PrivateBin.TopNav.showCreateButtons();
+                results.push(
+                    !$('#sendbutton').hasClass('hidden') &&
+                    !$('#expiration').hasClass('hidden') &&
+                    !$('#formatter').hasClass('hidden') &&
+                    !$('#burnafterreadingoption').hasClass('hidden') &&
+                    !$('#opendiscussionoption').hasClass('hidden') &&
+                    !$('#newbutton').hasClass('hidden') &&
+                    !$('#password').hasClass('hidden') &&
+                    !$('#attach').hasClass('hidden')
+                );
+                $.PrivateBin.TopNav.hideCreateButtons();
+                results.push(
+                    $('#sendbutton').hasClass('hidden') &&
+                    $('#expiration').hasClass('hidden') &&
+                    $('#formatter').hasClass('hidden') &&
+                    $('#burnafterreadingoption').hasClass('hidden') &&
+                    $('#opendiscussionoption').hasClass('hidden') &&
+                    $('#newbutton').hasClass('hidden') &&
+                    $('#password').hasClass('hidden') &&
+                    $('#attach').hasClass('hidden')
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('showNewPasteButton', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'displays the button for creating a paste',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li><button id="newbutton" type=' +
+                    '"button" class="hidden">New</button></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    $('#newbutton').hasClass('hidden')
+                );
+                $.PrivateBin.TopNav.showNewPasteButton();
+                results.push(
+                    !$('#newbutton').hasClass('hidden')
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('hideCloneButton', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'hides the button for cloning a paste',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li><button id="clonebutton" ' +
+                    'type="button" class="btn btn-warning navbar-btn">' +
+                    '<span class="glyphicon glyphicon-duplicate" aria-hidden=' +
+                    '"true"></span> Clone</button></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    !$('#clonebutton').hasClass('hidden')
+                );
+                $.PrivateBin.TopNav.hideCloneButton();
+                results.push(
+                    $('#clonebutton').hasClass('hidden')
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('hideRawButton', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'hides the raw text button',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li><button ' +
+                    'id="rawtextbutton" type="button" class="btn ' +
+                    'btn-warning navbar-btn"><span class="glyphicon ' +
+                    'glyphicon-text-background" aria-hidden="true"></span> ' +
+                    'Raw text</button></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    !$('#rawtextbutton').hasClass('hidden')
+                );
+                $.PrivateBin.TopNav.hideRawButton();
+                results.push(
+                    $('#rawtextbutton').hasClass('hidden')
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('hideFileSelector', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'hides the file attachment selection button',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li id="attach" class="hidden ' +
+                    'dropdown"><a href="#" class="dropdown-toggle" data-' +
+                    'toggle="dropdown" role="button" aria-haspopup="true" ' +
+                    'aria-expanded="false">Attach a file <span class="caret">' +
+                    '</span></a><ul class="dropdown-menu"><li id="filewrap">' +
+                    '<div><input type="file" id="file" name="file" /></div>' +
+                    '</li><li id="customattachment" class="hidden"></li><li>' +
+                    '<a id="fileremovebutton"  href="#">Remove attachment</a>' +
+                    '</li></ul></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    !$('#filewrap').hasClass('hidden')
+                );
+                $.PrivateBin.TopNav.hideFileSelector();
+                results.push(
+                    $('#filewrap').hasClass('hidden')
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('showCustomAttachment', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'display the custom file attachment',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li id="attach" class="hidden ' +
+                    'dropdown"><a href="#" class="dropdown-toggle" data-' +
+                    'toggle="dropdown" role="button" aria-haspopup="true" ' +
+                    'aria-expanded="false">Attach a file <span class="caret">' +
+                    '</span></a><ul class="dropdown-menu"><li id="filewrap">' +
+                    '<div><input type="file" id="file" name="file" /></div>' +
+                    '</li><li id="customattachment" class="hidden"></li><li>' +
+                    '<a id="fileremovebutton"  href="#">Remove attachment</a>' +
+                    '</li></ul></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    $('#customattachment').hasClass('hidden')
+                );
+                $.PrivateBin.TopNav.showCustomAttachment();
+                results.push(
+                    !$('#customattachment').hasClass('hidden')
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('collapseBar', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'collapses the navigation when displayed on a small screen',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div class="navbar-header"><button type="button" ' +
+                    'class="navbar-toggle collapsed" data-toggle="collapse" ' +
+                    'data-target="#navbar" aria-expanded="false" aria-controls' +
+                    '="navbar">Toggle navigation</button><a class="reloadlink ' +
+                    'navbar-brand" href=""><img alt="PrivateBin" ' +
+                    'src="img/icon.svg" width="38" /></a></div><div ' +
+                    'id="navbar"><ul><li><button id="newbutton" type=' +
+                    '"button" class="hidden">New</button></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    $('.navbar-toggle').hasClass('collapsed') &&
+                    $('#navbar').attr('aria-expanded') != 'true'
+                );
+                $.PrivateBin.TopNav.collapseBar();
+                results.push(
+                    $('.navbar-toggle').hasClass('collapsed') &&
+                    $('#navbar').attr('aria-expanded') != 'true'
+                );
+                $('.navbar-toggle').click();
+                results.push(
+                    !$('.navbar-toggle').hasClass('collapsed') &&
+                    $('#navbar').attr('aria-expanded') == 'true'
+                );
+                $.PrivateBin.TopNav.collapseBar();
+                results.push(
+                    $('.navbar-toggle').hasClass('collapsed') &&
+                    $('#navbar').attr('aria-expanded') == 'false'
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('getExpiration', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'returns the currently selected expiration date',
+            function () {
+                $.PrivateBin.TopNav.init();
+                assert.ok($.PrivateBin.TopNav.getExpiration() === '1week');
+            }
+        );
+    });
+
+    describe('getFileList', function () {
+        before(function () {
+            cleanup();
+        });
+
+        var File = window.File,
+            FileList = window.FileList,
+            path = require('path'),
+            mime = require('mime-types');
+
+        // mocking file input as per https://github.com/jsdom/jsdom/issues/1272
+        function createFile(file_path) {
+            var file = fs.statSync(file_path),
+                lastModified = file.mtimeMs,
+                size = file.size;
+
+            return new File(
+                [new fs.readFileSync(file_path)],
+                path.basename(file_path),
+                {
+                    lastModified,
+                    type: mime.lookup(file_path) || '',
+                }
+            )
+        }
+
+        function addFileList(input, file_paths) {
+            if (typeof file_paths === 'string')
+                file_paths = [file_paths]
+            else if (!Array.isArray(file_paths)) {
+                throw new Error('file_paths needs to be a file path string or an Array of file path strings')
+            }
+
+            const file_list = file_paths.map(fp => createFile(fp))
+            file_list.__proto__ = Object.create(FileList.prototype)
+
+            Object.defineProperty(input, 'files', {
+                value: file_list,
+                writeable: false,
+            })
+
+            return input
+        }
+
+        it(
+            'returns the selected files',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li id="attach" class="hidden ' +
+                    'dropdown"><a href="#" class="dropdown-toggle" data-' +
+                    'toggle="dropdown" role="button" aria-haspopup="true" ' +
+                    'aria-expanded="false">Attach a file <span class="caret">' +
+                    '</span></a><ul class="dropdown-menu"><li id="filewrap">' +
+                    '<div><input type="file" id="file" name="file" /></div>' +
+                    '</li><li id="customattachment" class="hidden"></li><li>' +
+                    '<a id="fileremovebutton"  href="#">Remove attachment</a>' +
+                    '</li></ul></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    $.PrivateBin.TopNav.getFileList() === null
+                );
+                addFileList($('#file')[0], [
+                    '../img/logo.svg',
+                    '../img/busy.gif'
+                ]);
+                var files = $.PrivateBin.TopNav.getFileList();
+                results.push(
+                    files[0].name === 'logo.svg' &&
+                    files[1].name === 'busy.gif'
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('getBurnAfterReading', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'returns if the burn-after-reading checkbox was ticked',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li id="burnafterreadingoption" ' +
+                    'class="hidden"><label><input type="checkbox" ' +
+                    'id="burnafterreading" name="burnafterreading" /> ' +
+                    'Burn after reading</label></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    !$.PrivateBin.TopNav.getBurnAfterReading()
+                );
+                $('#burnafterreading').attr('checked', 'checked');
+                results.push(
+                    $.PrivateBin.TopNav.getBurnAfterReading()
+                );
+                $('#burnafterreading').removeAttr('checked');
+                results.push(
+                    !$.PrivateBin.TopNav.getBurnAfterReading()
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+    describe('getOpenDiscussion', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'returns if the open-discussion checkbox was ticked',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li id="opendiscussionoption" ' +
+                    'class="hidden"><label><input type="checkbox" ' +
+                    'id="opendiscussion" name="opendiscussion" /> ' +
+                    'Open discussion</label></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    !$.PrivateBin.TopNav.getOpenDiscussion()
+                );
+                $('#opendiscussion').attr('checked', 'checked');
+                results.push(
+                    $.PrivateBin.TopNav.getOpenDiscussion()
+                );
+                $('#opendiscussion').removeAttr('checked');
+                results.push(
+                    !$.PrivateBin.TopNav.getOpenDiscussion()
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+
+
+    describe('getPassword', function () {
+        before(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'returns the contents of the password input',
+            'string',
+            function (password) {
+                password = password.replace(/\r+/g, '');
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li><div id="password" ' +
+                    'class="navbar-form hidden"><input type="password" ' +
+                    'id="passwordinput" placeholder="Password (recommended)" ' +
+                    'class="form-control" size="23" /></div></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    $.PrivateBin.TopNav.getPassword() === ''
+                );
+                $('#passwordinput').val(password);
+                results.push(
+                    $.PrivateBin.TopNav.getPassword() === password
+                );
+                $('#passwordinput').val('');
+                results.push(
+                    $.PrivateBin.TopNav.getPassword() === ''
+                );
+                cleanup();
+                return results.every(element => element);
+            }
+        );
+    });
+
+    describe('getCustomAttachment', function () {
+        before(function () {
+            cleanup();
+        });
+
+        it(
+            'returns the custom attachment element',
+            function () {
+                var results = [];
+                $('body').html(
+                    '<nav><div id="navbar"><ul><li id="attach" class="hidden ' +
+                    'dropdown"><a href="#" class="dropdown-toggle" data-' +
+                    'toggle="dropdown" role="button" aria-haspopup="true" ' +
+                    'aria-expanded="false">Attach a file <span class="caret">' +
+                    '</span></a><ul class="dropdown-menu"><li id="filewrap">' +
+                    '<div><input type="file" id="file" name="file" /></div>' +
+                    '</li><li id="customattachment" class="hidden"></li><li>' +
+                    '<a id="fileremovebutton"  href="#">Remove attachment</a>' +
+                    '</li></ul></li></ul></div></nav>'
+                );
+                $.PrivateBin.TopNav.init();
+                results.push(
+                    !$.PrivateBin.TopNav.getCustomAttachment().hasClass('test')
+                );
+                $('#customattachment').addClass('test');
+                results.push(
+                    $.PrivateBin.TopNav.getCustomAttachment().hasClass('test')
+                );
+                cleanup();
+                assert.ok(results.every(element => element));
+            }
+        );
+    });
+});
+
--- a/js/test/UiHelper.js
+++ b/js/test/UiHelper.js
@@ -0,0 +1,124 @@
+'use strict';
+var common = require('../common');
+
+describe('UiHelper', function () {
+    // TODO: As per https://github.com/tmpvar/jsdom/issues/1565 there is no navigation support in jsdom, yet.
+    // for now we use a mock function to trigger the event
+    describe('historyChange', function () {
+        this.timeout(30000);
+        beforeEach(function () {
+            $.PrivateBin.Helper.reset();
+            cleanup();
+        });
+
+        jsc.property(
+            'redirects to home, when the state is null',
+            common.jscSchemas(),
+            jsc.nearray(common.jscA2zString()),
+            function (schema, address) {
+                var expected = schema + '://' + address.join('') + '/',
+                    clean = jsdom('', {url: expected});
+
+                // make window.location.href writable
+                Object.defineProperty(window.location, 'href', {
+                    writable: true,
+                    value: window.location.href
+                });
+                $.PrivateBin.UiHelper.mockHistoryChange();
+                $.PrivateBin.Helper.reset();
+                var result = window.location.href;
+                clean();
+                return expected === result;
+            }
+        );
+
+        jsc.property(
+            'does not redirect to home, when a new paste is created',
+            common.jscSchemas(),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            jsc.nearray(common.jscBase64String()),
+            function (schema, address, query, fragment) {
+                var expected = schema + '://' + address.join('') + '/?' +
+                               query.join('') + '#' + fragment.join(''),
+                    clean = jsdom('', {url: expected});
+
+                // make window.location.href writable
+                Object.defineProperty(window.location, 'href', {
+                    writable: true,
+                    value: window.location.href
+                });
+                $.PrivateBin.UiHelper.mockHistoryChange([
+                    {type: 'newpaste'}, '', expected
+                ]);
+                $.PrivateBin.Helper.reset();
+                var result = window.location.href;
+                clean();
+                return expected === result;
+            }
+        );
+    });
+
+    describe('reloadHome', function () {
+        this.timeout(30000);
+        before(function () {
+            $.PrivateBin.Helper.reset();
+        });
+
+        jsc.property(
+            'redirects to home',
+            common.jscSchemas(),
+            jsc.nearray(common.jscA2zString()),
+            jsc.array(common.jscQueryString()),
+            jsc.nearray(common.jscBase64String()),
+            function (schema, address, query, fragment) {
+                var expected = schema + '://' + address.join('') + '/',
+                    clean = jsdom('', {
+                        url: expected + '?' + query.join('') + '#' + fragment.join('')
+                    });
+
+                // make window.location.href writable
+                Object.defineProperty(window.location, 'href', {
+                    writable: true,
+                    value: window.location.href
+                });
+                $.PrivateBin.UiHelper.reloadHome();
+                $.PrivateBin.Helper.reset();
+                var result = window.location.href;
+                clean();
+                return expected === result;
+            }
+        );
+    });
+
+    describe('isVisible', function () {
+        // TODO As per https://github.com/tmpvar/jsdom/issues/1048 there is no layout support in jsdom, yet.
+        // once it is supported or a workaround is found, uncomment the section below
+        /*
+        before(function () {
+            $.PrivateBin.Helper.reset();
+        });
+
+        jsc.property(
+            'detect visible elements',
+            jsc.nearray(common.jscAlnumString()),
+            jsc.nearray(common.jscA2zString()),
+            function (id, element) {
+                id = id.join('');
+                element = element.join('');
+                var clean = jsdom(
+                    '<' + element + ' id="' + id + '"></' + element + '>'
+                );
+                var result = $.PrivateBin.UiHelper.isVisible($('#' + id));
+                clean();
+                return result;
+            }
+        );
+        */
+    });
+
+    describe('scrollTo', function () {
+        // TODO Did not find a way to test that, see isVisible test above
+    });
+});
+
--- a/js/test/compression-sample.txt
+++ b/js/test/compression-sample.txt
--- a/js/types.jsonld
+++ b/js/types.jsonld
@@ -0,0 +1,124 @@
+{
+	"@context": {
+		"so": "https://schema.org/",
+		"dp": "http://dbpedia.org/resource/",
+		"pb": "?jsonld=types#"
+	},
+	"Base64": {
+		"@type": "so:Text"
+	},
+	"CipherText": {
+		"@type": "pb:Base64"
+	},
+	"PasteCipherMessage": {
+		"paste": {
+			"@type": "so:Text"
+		},
+		"attachment": {
+			"@type": "so:MediaObject"
+		},
+		"attachment_name": {
+			"@type": "so:Text"
+		}
+	},
+	"CommentCipherMessage": {
+		"comment": {
+			"@type": "so:Text"
+		},
+		"nickname": {
+			"@type": "so:Text"
+		}
+	},
+	"InitializationVector": {
+		"@type": "pb:Base64"
+	},
+	"Salt": {
+		"@type": "pb:Base64"
+	},
+	"Iterations": {
+		"@type": "so:Integer",
+		"@minimum": 1
+	},
+	"KeySize": {
+		"@type": "so:Integer",
+		"@value": 256,
+		"@minimum": 128,
+		"@maximum": 256,
+		"@enum": [128, 196, 256]
+	},
+	"TagSize": {
+		"@type": "so:Integer",
+		"@value": 128,
+		"@minimum": 32,
+		"@maximum": 128,
+		"@enum": [32, 64, 96, 104, 112, 120, 128]
+	},
+	"Algorithm": {
+		"@type": "so:Text",
+		"@value": "aes"
+	},
+	"Mode": {
+		"@type": "so:Text",
+		"@value": "gcm",
+		"@enum": ["ctr", "cbc", "gcm"]
+	},
+	"Compression": {
+		"@type": "so:Text",
+		"@value": "zlib",
+		"@enum": ["zlib", "none"]
+	},
+	"Formatter": {
+		"@type": "so:Text",
+		"@value": "plaintext",
+		"@enum": ["plaintext", "syntaxhighlighting", "markdown"]
+	},
+	"Expiration": {
+		"@type": "so:Text",
+		"@value": "1week",
+		"@enum": ["5min", "10min", "1hour", "1day", "1week", "1month", "1year", "never"]
+	},
+	"OpenDiscussion": {
+		"@type": "so:Boolean",
+		"@enum": [false, true]
+	},
+	"BurnAfterReading": {
+		"@type": "so:Boolean",
+		"@enum": [false, true]
+	},
+	"CreationTime": {
+		"@type": "dp:Unix_time"
+	},
+	"RemainingSeconds": {
+		"@type": "dp:Second",
+		"@minimum": 1
+	},
+	"CipherParameters": {
+		"@container": "@list",
+		"@value": [
+			{
+				"@type": "pb:InitializationVector"
+			},
+			{
+				"@type": "pb:Salt"
+			},
+			{
+				"@type": "pb:Iterations"
+			},
+			{
+				"@type": "pb:KeySize"
+			},
+			{
+				"@type": "pb:TagSize"
+			},
+			{
+				"@type": "pb:Algorithm"
+			},
+			{
+				"@type": "pb:Mode"
+			},
+			{
+				"@type": "pb:Compression"
+			}
+		]
+	}
+}
--- a/js/zlib-1.2.11.js
+++ b/js/zlib-1.2.11.js
@@ -0,0 +1,146 @@
+'use strict';
+
+(function() {
+    let ret;
+
+    async function initialize() {
+        if (ret) return ret;
+
+        const COMPRESSION_LEVEL = 7;
+        const NO_ZLIB_HEADER = -1;
+        const CHUNK_SIZE = 32 * 1024;
+        const map = {};
+        const memory = new WebAssembly.Memory({
+            initial: 1,
+            maximum: 1024, // 64MB
+        });
+        const env = {
+            memory,
+            writeToJs(ptr, size) {
+                const o = map[ptr];
+                o.onData(new Uint8Array(memory.buffer, dstPtr, size));
+            },
+            _abort: errno => { console.error(`Error: ${errno}`) },
+            _grow: () => { },
+        };
+
+        let buff;
+        if (typeof fetch === 'undefined') {
+            buff = fs.readFileSync('zlib-1.2.11.wasm');
+        } else {
+            const resp = await fetch('js/zlib-1.2.11.wasm');
+            buff = await resp.arrayBuffer();
+        }
+        const module = await WebAssembly.compile(buff);
+        const ins = await WebAssembly.instantiate(module, { env });
+
+        const srcPtr = ins.exports._malloc(CHUNK_SIZE);
+        const dstPtr = ins.exports._malloc(CHUNK_SIZE);
+
+        class RawDef {
+            constructor() {
+                this.zstreamPtr = ins.exports._createDeflateContext(COMPRESSION_LEVEL, NO_ZLIB_HEADER);
+                map[this.zstreamPtr] = this;
+                this.offset = 0;
+                this.buff = new Uint8Array(CHUNK_SIZE);
+            }
+
+            deflate(chunk, flush) {
+                const src = new Uint8Array(memory.buffer, srcPtr, chunk.length);
+                src.set(chunk);
+                ins.exports._deflate(this.zstreamPtr, srcPtr, dstPtr, chunk.length, CHUNK_SIZE, flush);
+            }
+
+            onData(chunk) {
+                if (this.buff.length < this.offset + chunk.length) {
+                    const buff = this.buff;
+                    this.buff = new Uint8Array(this.buff.length * 2);
+                    this.buff.set(buff);
+                }
+                this.buff.set(chunk, this.offset);
+                this.offset += chunk.length;
+            }
+
+            destroy() {
+                ins.exports._freeDeflateContext(this.zstreamPtr);
+                delete map[this.zstreamPtr];
+                this.buff = null;
+            }
+
+            getBuffer() {
+                const res = new Uint8Array(this.offset);
+                for (let i = 0; i < this.offset; ++i) {
+                    res[i] = this.buff[i];
+                }
+                return res;
+            }
+        }
+
+        class RawInf {
+            constructor() {
+                this.zstreamPtr = ins.exports._createInflateContext(NO_ZLIB_HEADER);
+                map[this.zstreamPtr] = this;
+                this.offset = 0;
+                this.buff = new Uint8Array(CHUNK_SIZE);
+            }
+
+            inflate(chunk) {
+                const src = new Uint8Array(memory.buffer, srcPtr, chunk.length);
+                src.set(chunk);
+                ins.exports._inflate(this.zstreamPtr, srcPtr, dstPtr, chunk.length, CHUNK_SIZE);
+            }
+
+            onData(chunk) {
+                if (this.buff.length < this.offset + chunk.length) {
+                    const buff = this.buff;
+                    this.buff = new Uint8Array(this.buff.length * 2);
+                    this.buff.set(buff);
+                }
+                this.buff.set(chunk, this.offset);
+                this.offset += chunk.length;
+            }
+
+            destroy() {
+                ins.exports._freeInflateContext(this.zstreamPtr);
+                delete map[this.zstreamPtr];
+                this.buff = null;
+            }
+
+            getBuffer() {
+                const res = new Uint8Array(this.offset);
+                for (let i = 0; i < this.offset; ++i) {
+                    res[i] = this.buff[i];
+                }
+                return res;
+            }
+        }
+
+        ret = {
+                inflate(rawDeflateBuffer) {
+                    const rawInf = new RawInf();
+                    for (let offset = 0; offset < rawDeflateBuffer.length; offset += CHUNK_SIZE) {
+                        const end = Math.min(offset + CHUNK_SIZE, rawDeflateBuffer.length);
+                        const chunk = rawDeflateBuffer.subarray(offset, end);
+                        rawInf.inflate(chunk);
+                    }
+                    const ret = rawInf.getBuffer();
+                    rawInf.destroy();
+                    return ret;
+                },
+                deflate(rawInflateBuffer) {
+                    const rawDef = new RawDef();
+                    for (let offset = 0; offset < rawInflateBuffer.length; offset += CHUNK_SIZE) {
+                        const end = Math.min(offset + CHUNK_SIZE, rawInflateBuffer.length);
+                        const chunk = rawInflateBuffer.subarray(offset, end);
+                        rawDef.deflate(chunk, rawInflateBuffer.length <= offset + CHUNK_SIZE);
+                    }
+                    const ret = rawDef.getBuffer();
+                    rawDef.destroy();
+                    return ret;
+                },
+        }
+
+        return ret;
+    }
+    this.zlib = initialize();
+}).call(this);
--- a/js/zlib-1.2.11.wasm
+++ b/js/zlib-1.2.11.wasm
--- a/lib/.htaccess
+++ b/lib/.htaccess
@@ -1,2 +1 @@
-Allow from none
-Deny from all
+Require all denied
--- a/lib/Configuration.php
+++ b/lib/Configuration.php
@@ -7,13 +7,14 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.3
 */

 namespace PrivateBin;

 use Exception;
 use PDO;
+use PrivateBin\Persistence\DataStore;

 /**
 * Configuration
@@ -50,13 +51,15 @@ class Configuration
            'languageselection'        => false,
            'languagedefault'          => '',
            'urlshortener'             => '',
+            'qrcode'                   => true,
            'icon'                     => 'identicon',
-            'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups',
+            'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\' \'unsafe-eval\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals',
            'zerobincompatibility'     => false,
+            'httpwarning'              => true,
+            'compression'              => 'zlib',
        ),
        'expire' => array(
            'default' => '1week',
-            'clone'   => true,
        ),
        'expire_options' => array(
            '5min'   => 300,
@@ -99,7 +102,20 @@ class Configuration
    public function __construct()
    {
        $config     = array();
-        $configFile = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini';
+        $configFile = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.php';
+        $configIni  = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini';
+
+        // rename INI files to avoid configuration leakage
+        if (is_readable($configIni)) {
+            DataStore::prependRename($configIni, $configFile, ';');
+
+            // cleanup sample, too
+            $configIniSample = $configIni . '.sample';
+            if (is_readable($configIniSample)) {
+                DataStore::prependRename($configIniSample, PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php', ';');
+            }
+        }
+
        if (is_readable($configFile)) {
            $config = parse_ini_file($configFile, true);
            foreach (array('main', 'model', 'model_options') as $section) {
@@ -108,6 +124,7 @@ class Configuration
                }
            }
        }
+
        $opts = '_options';
        foreach (self::getDefaults() as $section => $values) {
            // fill missing sections with default values
@@ -196,7 +213,7 @@ class Configuration
    /**
     * get configuration as array
     *
-     * return array
+     * @return array
     */
    public function get()
    {
@@ -206,7 +223,7 @@ class Configuration
    /**
     * get default configuration as array
     *
-     * return array
+     * @return array
     */
    public static function getDefaults()
    {
@@ -219,7 +236,7 @@ class Configuration
     * @param string $key
     * @param string $section defaults to main
     * @throws Exception
-     * return mixed
+     * @return mixed
     */
    public function getKey($key, $section = 'main')
    {
@@ -235,7 +252,7 @@ class Configuration
     *
     * @param string $section
     * @throws Exception
-     * return mixed
+     * @return mixed
     */
    public function getSection($section)
    {
--- a/lib/Controller.php
+++ b/lib/Controller.php
@@ -7,7 +7,7 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.3
 */

 namespace PrivateBin;
@@ -17,18 +17,25 @@ use PrivateBin\Persistence\ServerSalt;
 use PrivateBin\Persistence\TrafficLimiter;

 /**
- * PrivateBin
+ * Controller
 *
- * Controller, puts it all together.
+ * Puts it all together.
 */
-class PrivateBin
+class Controller
 {
    /**
     * version
     *
     * @const string
     */
-    const VERSION = '1.1';
+    const VERSION = '1.3';
+
+    /**
+     * minimal required PHP version
+     *
+     * @const string
+     */
+    const MIN_PHP_VERSION = '5.5.0';

    /**
     * show the same error message if the paste expired or does not exist
@@ -45,22 +52,6 @@ class PrivateBin
     */
    private $_conf;

-    /**
-     * data
-     *
-     * @access private
-     * @var    string
-     */
-    private $_data = '';
-
-    /**
-     * does the paste expire
-     *
-     * @access private
-     * @var    bool
-     */
-    private $_doesExpire = false;
-
    /**
     * error message
     *
@@ -116,12 +107,11 @@ class PrivateBin
     *
     * @access public
     * @throws Exception
-     * @return void
     */
    public function __construct()
    {
-        if (version_compare(PHP_VERSION, '5.3.0') < 0) {
-            throw new Exception(I18n::_('%s requires php 5.3.0 or above to work. Sorry.', I18n::_('PrivateBin')), 1);
+        if (version_compare(PHP_VERSION, self::MIN_PHP_VERSION) < 0) {
+            throw new Exception(I18n::_('%s requires php %s or above to work. Sorry.', I18n::_('PrivateBin'), self::MIN_PHP_VERSION), 1);
        }
        if (strlen(PATH) < 0 && substr(PATH, -1) !== DIRECTORY_SEPARATOR) {
            throw new Exception(I18n::_('%s requires the PATH to end in a "%s". Please update the PATH in your index.php.', I18n::_('PrivateBin'), DIRECTORY_SEPARATOR), 5);
@@ -161,29 +151,17 @@ class PrivateBin
    }

    /**
-     * initialize privatebin
+     * initialize PrivateBin
     *
     * @access private
-     * @return void
+     * @throws Exception
     */
    private function _init()
    {
-        foreach (array('cfg', 'lib') as $dir) {
-            if (!is_file(PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess')) {
-                file_put_contents(
-                PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess',
-                'Allow from none' . PHP_EOL .
-                'Deny from all' . PHP_EOL,
-                LOCK_EX
-            );
-            }
-        }
-
        $this->_conf    = new Configuration;
        $this->_model   = new Model($this->_conf);
        $this->_request = new Request;
-        $this->_urlBase = array_key_exists('REQUEST_URI', $_SERVER) ?
-            htmlspecialchars($_SERVER['REQUEST_URI']) : '/';
+        $this->_urlBase = $this->_request->getRequestUri();
        ServerSalt::setPath($this->_conf->getKey('dir', 'traffic'));

        // set default language
@@ -200,16 +178,16 @@ class PrivateBin
     * Store new paste or comment
     *
     * POST contains one or both:
-     * data = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
-     * attachment = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
+     * data = json encoded FormatV2 encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
+     * attachment = json encoded FormatV2 encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
     *
     * All optional data will go to meta information:
     * expire (optional) = expiration delay (never,5min,10min,1hour,1day,1week,1month,1year,burn) (default:never)
     * formatter (optional) = format to display the paste as (plaintext,syntaxhighlighting,markdown) (default:syntaxhighlighting)
     * burnafterreading (optional) = if this paste may only viewed once ? (0/1) (default:0)
     * opendiscusssion (optional) = is the discussion allowed on this paste ? (0/1) (default:0)
-     * attachmentname = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
-     * nickname (optional) = in discussion, encoded SJCL encrypted text nickname of author of comment (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
+     * attachmentname = json encoded FormatV2 encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
+     * nickname (optional) = in discussion, encoded FormatV2 encrypted text nickname of author of comment (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
     * parentid (optional) = in discussion, which comment this comment replies to.
     * pasteid (optional) = in discussion, which paste this comment belongs to.
     *
@@ -221,59 +199,52 @@ class PrivateBin
        // Ensure last paste from visitors IP address was more than configured amount of seconds ago.
        TrafficLimiter::setConfiguration($this->_conf);
        if (!TrafficLimiter::canPass()) {
-            return $this->_return_message(
-            1, I18n::_(
-                'Please wait %d seconds between each post.',
-                $this->_conf->getKey('limit', 'traffic')
-            )
-        );
+            $this->_return_message(
+                1, I18n::_(
+                    'Please wait %d seconds between each post.',
+                    $this->_conf->getKey('limit', 'traffic')
+                )
+            );
+            return;
        }

-        $data           = $this->_request->getParam('data');
-        $attachment     = $this->_request->getParam('attachment');
-        $attachmentname = $this->_request->getParam('attachmentname');
-
-        // Ensure content is not too big.
+        $data      = $this->_request->getData();
+        $isComment = array_key_exists('pasteid', $data) &&
+            !empty($data['pasteid']) &&
+            array_key_exists('parentid', $data) &&
+            !empty($data['parentid']);
+        if (!FormatV2::isValid($data, $isComment)) {
+            $this->_return_message(1, I18n::_('Invalid data.'));
+            return;
+        }
        $sizelimit = $this->_conf->getKey('sizelimit');
-        if (
-            strlen($data) + strlen($attachment) + strlen($attachmentname) > $sizelimit
-        ) {
-            return $this->_return_message(
-            1,
-            I18n::_(
-                'Paste is limited to %s of encrypted data.',
-                Filter::formatHumanReadableSize($sizelimit)
-            )
-        );
-        }
-
-        // Ensure attachment did not get lost due to webserver limits or Suhosin
-        if (strlen($attachmentname) > 0 && strlen($attachment) == 0) {
-            return $this->_return_message(1, 'Attachment missing in data received by server. Please check your webserver or suhosin configuration for maximum POST parameter limitations.');
+        // Ensure content is not too big.
+        if (strlen($data['ct']) > $sizelimit) {
+            $this->_return_message(
+                1,
+                I18n::_(
+                    'Paste is limited to %s of encrypted data.',
+                    Filter::formatHumanReadableSize($sizelimit)
+                )
+            );
+            return;
        }

        // The user posts a comment.
-        $pasteid  = $this->_request->getParam('pasteid');
-        $parentid = $this->_request->getParam('parentid');
-        if (!empty($pasteid) && !empty($parentid)) {
-            $paste = $this->_model->getPaste($pasteid);
+        if ($isComment) {
+            $paste = $this->_model->getPaste($data['pasteid']);
            if ($paste->exists()) {
                try {
-                    $comment = $paste->getComment($parentid);
-
-                    $nickname = $this->_request->getParam('nickname');
-                    if (!empty($nickname)) {
-                        $comment->setNickname($nickname);
-                    }
-
+                    $comment = $paste->getComment($data['parentid']);
                    $comment->setData($data);
                    $comment->store();
                } catch (Exception $e) {
-                    return $this->_return_message(1, $e->getMessage());
+                    $this->_return_message(1, $e->getMessage());
+                    return;
                }
                $this->_return_message(0, $comment->getId());
            } else {
-                $this->_return_message(1, 'Invalid data.');
+                $this->_return_message(1, I18n::_('Invalid data.'));
            }
        }
        // The user posts a standard paste.
@@ -282,34 +253,6 @@ class PrivateBin
            $paste = $this->_model->getPaste();
            try {
                $paste->setData($data);
-
-                if (!empty($attachment)) {
-                    $paste->setAttachment($attachment);
-                    if (!empty($attachmentname)) {
-                        $paste->setAttachmentName($attachmentname);
-                    }
-                }
-
-                $expire = $this->_request->getParam('expire');
-                if (!empty($expire)) {
-                    $paste->setExpiration($expire);
-                }
-
-                $burnafterreading = $this->_request->getParam('burnafterreading');
-                if (!empty($burnafterreading)) {
-                    $paste->setBurnafterreading($burnafterreading);
-                }
-
-                $opendiscussion = $this->_request->getParam('opendiscussion');
-                if (!empty($opendiscussion)) {
-                    $paste->setOpendiscussion($opendiscussion);
-                }
-
-                $formatter = $this->_request->getParam('formatter');
-                if (!empty($formatter)) {
-                    $paste->setFormatter($formatter);
-                }
-
                $paste->store();
            } catch (Exception $e) {
                return $this->_return_message(1, $e->getMessage());
@@ -324,29 +267,23 @@ class PrivateBin
     * @access private
     * @param  string $dataid
     * @param  string $deletetoken
-     * @return void
     */
    private function _delete($dataid, $deletetoken)
    {
        try {
            $paste = $this->_model->getPaste($dataid);
            if ($paste->exists()) {
-                // accessing this property ensures that the paste would be
+                // accessing this method ensures that the paste would be
                // deleted if it has already expired
-                $burnafterreading = $paste->isBurnafterreading();
+                $paste->get();
                if (
-                    ($burnafterreading && $deletetoken == 'burnafterreading') ||
                    Filter::slowEquals($deletetoken, $paste->getDeleteToken())
                ) {
                    // Paste exists and deletion token is valid: Delete the paste.
                    $paste->delete();
                    $this->_status = 'Paste was properly deleted.';
                } else {
-                    if (!$burnafterreading && $deletetoken == 'burnafterreading') {
-                        $this->_error = 'Paste is not of burn-after-reading type.';
-                    } else {
-                        $this->_error = 'Wrong deletion token. Paste was not deleted.';
-                    }
+                    $this->_error = 'Wrong deletion token. Paste was not deleted.';
                }
            } else {
                $this->_error = self::GENERIC_ERROR;
@@ -364,44 +301,37 @@ class PrivateBin
    }

    /**
-     * Read an existing paste or comment
+     * Read an existing paste or comment, only allowed via a JSON API call
     *
     * @access private
     * @param  string $dataid
-     * @return void
     */
    private function _read($dataid)
    {
+        if (!$this->_request->isJsonApiCall()) {
+            return;
+        }
+
        try {
            $paste = $this->_model->getPaste($dataid);
            if ($paste->exists()) {
-                $data              = $paste->get();
-                $this->_doesExpire = property_exists($data, 'meta') && property_exists($data->meta, 'expire_date');
-                if (property_exists($data->meta, 'salt')) {
-                    unset($data->meta->salt);
+                $data = $paste->get();
+                if (array_key_exists('salt', $data['meta'])) {
+                    unset($data['meta']['salt']);
                }
-                $this->_data = json_encode($data);
+                $this->_return_message(0, $dataid, (array) $data);
            } else {
-                $this->_error = self::GENERIC_ERROR;
+                $this->_return_message(1, self::GENERIC_ERROR);
            }
        } catch (Exception $e) {
-            $this->_error = $e->getMessage();
-        }
-
-        if ($this->_request->isJsonApiCall()) {
-            if (strlen($this->_error)) {
-                $this->_return_message(1, $this->_error);
-            } else {
-                $this->_return_message(0, $dataid, json_decode($this->_data, true));
-            }
+            $this->_return_message(1, $e->getMessage());
        }
    }

    /**
-     * Display PrivateBin frontend.
+     * Display frontend.
     *
     * @access private
-     * @return void
     */
    private function _view()
    {
@@ -413,6 +343,7 @@ class PrivateBin
        header('Last-Modified: ' . $time);
        header('Vary: Accept');
        header('Content-Security-Policy: ' . $this->_conf->getKey('cspheader'));
+        header('Referrer-Policy: no-referrer');
        header('X-Xss-Protection: 1; mode=block');
        header('X-Frame-Options: DENY');
        header('X-Content-Type-Options: nosniff');
@@ -435,7 +366,6 @@ class PrivateBin

        $page = new View;
        $page->assign('NAME', $this->_conf->getKey('name'));
-        $page->assign('CIPHERDATA', $this->_data);
        $page->assign('ERROR', I18n::_($this->_error));
        $page->assign('STATUS', I18n::_($this->_status));
        $page->assign('VERSION', self::VERSION);
@@ -455,8 +385,10 @@ class PrivateBin
        $page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages()));
        $page->assign('EXPIRE', $expire);
        $page->assign('EXPIREDEFAULT', $this->_conf->getKey('default', 'expire'));
-        $page->assign('EXPIRECLONE', !$this->_doesExpire || ($this->_doesExpire && $this->_conf->getKey('clone', 'expire')));
        $page->assign('URLSHORTENER', $this->_conf->getKey('urlshortener'));
+        $page->assign('QRCODE', $this->_conf->getKey('qrcode'));
+        $page->assign('HTTPWARNING', $this->_conf->getKey('httpwarning'));
+        $page->assign('COMPRESSION', $this->_conf->getKey('compression'));
        $page->draw($this->_conf->getKey('template'));
    }

@@ -465,7 +397,6 @@ class PrivateBin
     *
     * @access private
     * @param string $type
-     * @return void
     */
    private function _jsonld($type)
    {
@@ -498,7 +429,6 @@ class PrivateBin
     * @param  int $status
     * @param  string $message
     * @param  array $other
-     * @return void
     */
    private function _return_message($status, $message, $other = array())
    {
@@ -510,6 +440,6 @@ class PrivateBin
            $result['url'] = $this->_urlBase . '?' . $message;
        }
        $result += $other;
-        $this->_json = json_encode($result);
+        $this->_json = Json::encode($result);
    }
 }
--- a/lib/Data/AbstractData.php
+++ b/lib/Data/AbstractData.php
@@ -7,13 +7,11 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.3
 */

 namespace PrivateBin\Data;

-use stdClass;
-
 /**
 * AbstractData
 *
@@ -58,9 +56,9 @@ abstract class AbstractData
     * @access public
     * @static
     * @param  array $options
-     * @return privatebin_abstract
+     * @return AbstractData
     */
-    public static function getInstance($options)
+    public static function getInstance(array $options)
    {
    }

@@ -72,14 +70,14 @@ abstract class AbstractData
     * @param  array  $paste
     * @return bool
     */
-    abstract public function create($pasteid, $paste);
+    abstract public function create($pasteid, array $paste);

    /**
     * Read a paste.
     *
     * @access public
     * @param  string $pasteid
-     * @return stdClass|false
+     * @return array|false
     */
    abstract public function read($pasteid);

@@ -88,7 +86,6 @@ abstract class AbstractData
     *
     * @access public
     * @param  string $pasteid
-     * @return void
     */
    abstract public function delete($pasteid);

@@ -111,7 +108,7 @@ abstract class AbstractData
     * @param  array  $comment
     * @return bool
     */
-    abstract public function createComment($pasteid, $parentid, $commentid, $comment);
+    abstract public function createComment($pasteid, $parentid, $commentid, array $comment);

    /**
     * Read all comments of paste.
@@ -147,7 +144,6 @@ abstract class AbstractData
     *
     * @access public
     * @param  int $batchsize
-     * @return void
     */
    public function purge($batchsize)
    {
@@ -165,12 +161,12 @@ abstract class AbstractData
    /**
     * Get next free slot for comment from postdate.
     *
-     * @access public
+     * @access protected
     * @param  array $comments
     * @param  int|string $postdate
     * @return int|string
     */
-    protected function getOpenSlot(&$comments, $postdate)
+    protected function getOpenSlot(array &$comments, $postdate)
    {
        if (array_key_exists($postdate, $comments)) {
            $parts = explode('.', $postdate, 2);
@@ -182,4 +178,25 @@ abstract class AbstractData
        }
        return $postdate;
    }
+
+    /**
+     * Upgrade pre-version 1 pastes with attachment to version 1 format.
+     *
+     * @access protected
+     * @static
+     * @param  array $paste
+     * @return array
+     */
+    protected static function upgradePreV1Format(array $paste)
+    {
+        if (array_key_exists('attachment', $paste['meta'])) {
+            $paste['attachment'] = $paste['meta']['attachment'];
+            unset($paste['meta']['attachment']);
+            if (array_key_exists('attachmentname', $paste['meta'])) {
+                $paste['attachmentname'] = $paste['meta']['attachmentname'];
+                unset($paste['meta']['attachmentname']);
+            }
+        }
+        return $paste;
+    }
 }
--- a/lib/Data/Database.php
+++ b/lib/Data/Database.php
@@ -7,7 +7,7 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.3
 */

 namespace PrivateBin\Data;
@@ -15,8 +15,8 @@ namespace PrivateBin\Data;
 use Exception;
 use PDO;
 use PDOException;
-use PrivateBin\PrivateBin;
-use stdClass;
+use PrivateBin\Controller;
+use PrivateBin\Json;

 /**
 * Database
@@ -68,80 +68,78 @@ class Database extends AbstractData
     * @throws Exception
     * @return Database
     */
-    public static function getInstance($options = null)
+    public static function getInstance(array $options)
    {
        // if needed initialize the singleton
        if (!(self::$_instance instanceof self)) {
            self::$_instance = new self;
        }

-        if (is_array($options)) {
-            // set table prefix if given
-            if (array_key_exists('tbl', $options)) {
-                self::$_prefix = $options['tbl'];
+        // set table prefix if given
+        if (array_key_exists('tbl', $options)) {
+            self::$_prefix = $options['tbl'];
+        }
+
+        // initialize the db connection with new options
+        if (
+            array_key_exists('dsn', $options) &&
+            array_key_exists('usr', $options) &&
+            array_key_exists('pwd', $options) &&
+            array_key_exists('opt', $options)
+        ) {
+            // set default options
+            $options['opt'][PDO::ATTR_ERRMODE]          = PDO::ERRMODE_EXCEPTION;
+            $options['opt'][PDO::ATTR_EMULATE_PREPARES] = false;
+            $options['opt'][PDO::ATTR_PERSISTENT]       = true;
+            $db_tables_exist                            = true;
+
+            // setup type and dabase connection
+            self::$_type = strtolower(
+                substr($options['dsn'], 0, strpos($options['dsn'], ':'))
+            );
+            $tableQuery = self::_getTableQuery(self::$_type);
+            self::$_db  = new PDO(
+                $options['dsn'],
+                $options['usr'],
+                $options['pwd'],
+                $options['opt']
+            );
+
+            // check if the database contains the required tables
+            $tables = self::$_db->query($tableQuery)->fetchAll(PDO::FETCH_COLUMN, 0);
+
+            // create paste table if necessary
+            if (!in_array(self::_sanitizeIdentifier('paste'), $tables)) {
+                self::_createPasteTable();
+                $db_tables_exist = false;
            }

-            // initialize the db connection with new options
-            if (
-                array_key_exists('dsn', $options) &&
-                array_key_exists('usr', $options) &&
-                array_key_exists('pwd', $options) &&
-                array_key_exists('opt', $options)
-            ) {
-                // set default options
-                $options['opt'][PDO::ATTR_ERRMODE]          = PDO::ERRMODE_EXCEPTION;
-                $options['opt'][PDO::ATTR_EMULATE_PREPARES] = false;
-                $options['opt'][PDO::ATTR_PERSISTENT]       = true;
-                $db_tables_exist                            = true;
+            // create comment table if necessary
+            if (!in_array(self::_sanitizeIdentifier('comment'), $tables)) {
+                self::_createCommentTable();
+                $db_tables_exist = false;
+            }

-                // setup type and dabase connection
-                self::$_type = strtolower(
-                    substr($options['dsn'], 0, strpos($options['dsn'], ':'))
-                );
-                $tableQuery = self::_getTableQuery(self::$_type);
-                self::$_db  = new PDO(
-                    $options['dsn'],
-                    $options['usr'],
-                    $options['pwd'],
-                    $options['opt']
-                );
-
-                // check if the database contains the required tables
-                $tables = self::$_db->query($tableQuery)->fetchAll(PDO::FETCH_COLUMN, 0);
-
-                // create paste table if necessary
-                if (!in_array(self::_sanitizeIdentifier('paste'), $tables)) {
-                    self::_createPasteTable();
-                    $db_tables_exist = false;
-                }
-
-                // create comment table if necessary
-                if (!in_array(self::_sanitizeIdentifier('comment'), $tables)) {
-                    self::_createCommentTable();
-                    $db_tables_exist = false;
-                }
-
-                // create config table if necessary
-                $db_version = PrivateBin::VERSION;
-                if (!in_array(self::_sanitizeIdentifier('config'), $tables)) {
-                    self::_createConfigTable();
-                    // if we only needed to create the config table, the DB is older then 0.22
-                    if ($db_tables_exist) {
-                        $db_version = '0.21';
-                    }
-                } else {
-                    $db_version = self::_getConfig('VERSION');
-                }
-
-                // update database structure if necessary
-                if (version_compare($db_version, PrivateBin::VERSION, '<')) {
-                    self::_upgradeDatabase($db_version);
+            // create config table if necessary
+            $db_version = Controller::VERSION;
+            if (!in_array(self::_sanitizeIdentifier('config'), $tables)) {
+                self::_createConfigTable();
+                // if we only needed to create the config table, the DB is older then 0.22
+                if ($db_tables_exist) {
+                    $db_version = '0.21';
                }
            } else {
-                throw new Exception(
-                    'Missing configuration for key dsn, usr, pwd or opt in the section model_options, please check your configuration file', 6
-                );
+                $db_version = self::_getConfig('VERSION');
            }
+
+            // update database structure if necessary
+            if (version_compare($db_version, Controller::VERSION, '<')) {
+                self::_upgradeDatabase($db_version);
+            }
+        } else {
+            throw new Exception(
+                'Missing configuration for key dsn, usr, pwd or opt in the section model_options, please check your configuration file', 6
+            );
        }

        return self::$_instance;
@@ -155,7 +153,7 @@ class Database extends AbstractData
     * @param  array  $paste
     * @return bool
     */
-    public function create($pasteid, $paste)
+    public function create($pasteid, array $paste)
    {
        if (
            array_key_exists($pasteid, self::$_cache)
@@ -167,42 +165,50 @@ class Database extends AbstractData
            }
        }

-        $opendiscussion = $burnafterreading = false;
-        $attachment     = $attachmentname     = '';
-        $meta           = $paste['meta'];
-        unset($meta['postdate']);
-        $expire_date = 0;
-        if (array_key_exists('expire_date', $paste['meta'])) {
-            $expire_date = (int) $paste['meta']['expire_date'];
+        $expire_date      = 0;
+        $opendiscussion   = $burnafterreading = false;
+        $attachment       = $attachmentname   = null;
+        $meta             = $paste['meta'];
+        $isVersion1       = array_key_exists('data', $paste);
+        list($createdKey) = self::_getVersionedKeys($isVersion1 ? 1 : 2);
+        $created          = (int) $meta[$createdKey];
+        unset($meta[$createdKey], $paste['meta']);
+        if (array_key_exists('expire_date', $meta)) {
+            $expire_date = (int) $meta['expire_date'];
            unset($meta['expire_date']);
        }
-        if (array_key_exists('opendiscussion', $paste['meta'])) {
-            $opendiscussion = (bool) $paste['meta']['opendiscussion'];
+        if (array_key_exists('opendiscussion', $meta)) {
+            $opendiscussion = $meta['opendiscussion'];
            unset($meta['opendiscussion']);
        }
-        if (array_key_exists('burnafterreading', $paste['meta'])) {
-            $burnafterreading = (bool) $paste['meta']['burnafterreading'];
+        if (array_key_exists('burnafterreading', $meta)) {
+            $burnafterreading = $meta['burnafterreading'];
            unset($meta['burnafterreading']);
        }
-        if (array_key_exists('attachment', $paste['meta'])) {
-            $attachment = $paste['meta']['attachment'];
-            unset($meta['attachment']);
-        }
-        if (array_key_exists('attachmentname', $paste['meta'])) {
-            $attachmentname = $paste['meta']['attachmentname'];
-            unset($meta['attachmentname']);
+        if ($isVersion1) {
+            if (array_key_exists('attachment', $meta)) {
+                $attachment = $meta['attachment'];
+                unset($meta['attachment']);
+            }
+            if (array_key_exists('attachmentname', $meta)) {
+                $attachmentname = $meta['attachmentname'];
+                unset($meta['attachmentname']);
+            }
+        } else {
+            $opendiscussion   = $paste['adata'][2];
+            $burnafterreading = $paste['adata'][3];
        }
        return self::_exec(
            'INSERT INTO ' . self::_sanitizeIdentifier('paste') .
            ' VALUES(?,?,?,?,?,?,?,?,?)',
            array(
                $pasteid,
-                $paste['data'],
-                $paste['meta']['postdate'],
+                $isVersion1 ? $paste['data'] : Json::encode($paste),
+                $created,
                $expire_date,
                (int) $opendiscussion,
                (int) $burnafterreading,
-                json_encode($meta),
+                Json::encode($meta),
                $attachment,
                $attachmentname,
            )
@@ -214,65 +220,63 @@ class Database extends AbstractData
     *
     * @access public
     * @param  string $pasteid
-     * @return stdClass|false
+     * @return array|false
     */
    public function read($pasteid)
    {
-        if (
-            !array_key_exists($pasteid, self::$_cache)
-        ) {
-            self::$_cache[$pasteid] = false;
-            $paste                  = self::_select(
-                'SELECT * FROM ' . self::_sanitizeIdentifier('paste') .
-                ' WHERE dataid = ?', array($pasteid), true
-            );
+        if (array_key_exists($pasteid, self::$_cache)) {
+            return self::$_cache[$pasteid];
+        }

-            if (false !== $paste) {
-                // create object
-                self::$_cache[$pasteid]       = new stdClass;
-                self::$_cache[$pasteid]->data = $paste['data'];
+        self::$_cache[$pasteid] = false;
+        $paste                  = self::_select(
+            'SELECT * FROM ' . self::_sanitizeIdentifier('paste') .
+            ' WHERE dataid = ?', array($pasteid), true
+        );

-                $meta = json_decode($paste['meta']);
-                if (!is_object($meta)) {
-                    $meta = new stdClass;
-                }
+        if ($paste === false) {
+            return false;
+        }
+        // create array
+        $data       = Json::decode($paste['data']);
+        $isVersion2 = array_key_exists('v', $data) && $data['v'] >= 2;
+        if ($isVersion2) {
+            self::$_cache[$pasteid] = $data;
+            list($createdKey)       = self::_getVersionedKeys(2);
+        } else {
+            self::$_cache[$pasteid] = array('data' => $paste['data']);
+            list($createdKey)       = self::_getVersionedKeys(1);
+        }

-                // support older attachments
-                if (property_exists($meta, 'attachment')) {
-                    self::$_cache[$pasteid]->attachment = $meta->attachment;
-                    unset($meta->attachment);
-                    if (property_exists($meta, 'attachmentname')) {
-                        self::$_cache[$pasteid]->attachmentname = $meta->attachmentname;
-                        unset($meta->attachmentname);
-                    }
-                }
-                // support current attachments
-                elseif (array_key_exists('attachment', $paste) && strlen($paste['attachment'])) {
-                    self::$_cache[$pasteid]->attachment = $paste['attachment'];
-                    if (array_key_exists('attachmentname', $paste) && strlen($paste['attachmentname'])) {
-                        self::$_cache[$pasteid]->attachmentname = $paste['attachmentname'];
-                    }
-                }
-                self::$_cache[$pasteid]->meta           = $meta;
-                self::$_cache[$pasteid]->meta->postdate = (int) $paste['postdate'];
-                $expire_date                            = (int) $paste['expiredate'];
-                if (
-                    $expire_date > 0
-                ) {
-                    self::$_cache[$pasteid]->meta->expire_date = $expire_date;
-                }
-                if (
-                    $paste['opendiscussion']
-                ) {
-                    self::$_cache[$pasteid]->meta->opendiscussion = true;
-                }
-                if (
-                    $paste['burnafterreading']
-                ) {
-                    self::$_cache[$pasteid]->meta->burnafterreading = true;
-                }
+        try {
+            $paste['meta'] = Json::decode($paste['meta']);
+        } catch (Exception $e) {
+            $paste['meta'] = array();
+        }
+        $paste                                       = self::upgradePreV1Format($paste);
+        self::$_cache[$pasteid]['meta']              = $paste['meta'];
+        self::$_cache[$pasteid]['meta'][$createdKey] = (int) $paste['postdate'];
+        $expire_date                                 = (int) $paste['expiredate'];
+        if ($expire_date > 0) {
+            self::$_cache[$pasteid]['meta']['expire_date'] = $expire_date;
+        }
+        if ($isVersion2) {
+            return self::$_cache[$pasteid];
+        }
+
+        // support v1 attachments
+        if (array_key_exists('attachment', $paste) && strlen($paste['attachment'])) {
+            self::$_cache[$pasteid]['attachment'] = $paste['attachment'];
+            if (array_key_exists('attachmentname', $paste) && strlen($paste['attachmentname'])) {
+                self::$_cache[$pasteid]['attachmentname'] = $paste['attachmentname'];
            }
        }
+        if ($paste['opendiscussion']) {
+            self::$_cache[$pasteid]['meta']['opendiscussion'] = true;
+        }
+        if ($paste['burnafterreading']) {
+            self::$_cache[$pasteid]['meta']['burnafterreading'] = true;
+        }

        return self::$_cache[$pasteid];
    }
@@ -282,7 +286,6 @@ class Database extends AbstractData
     *
     * @access public
     * @param  string $pasteid
-     * @return void
     */
    public function delete($pasteid)
    {
@@ -328,11 +331,21 @@ class Database extends AbstractData
     * @param  array  $comment
     * @return bool
     */
-    public function createComment($pasteid, $parentid, $commentid, $comment)
+    public function createComment($pasteid, $parentid, $commentid, array $comment)
    {
-        foreach (array('nickname', 'vizhash') as $key) {
-            if (!array_key_exists($key, $comment['meta'])) {
-                $comment['meta'][$key] = null;
+        if (array_key_exists('data', $comment)) {
+            $version = 1;
+            $data    = $comment['data'];
+        } else {
+            $version = 2;
+            $data    = Json::encode($comment);
+        }
+        list($createdKey, $iconKey) = self::_getVersionedKeys($version);
+        $meta                       = $comment['meta'];
+        unset($comment['meta']);
+        foreach (array('nickname', $iconKey) as $key) {
+            if (!array_key_exists($key, $meta)) {
+                $meta[$key] = null;
            }
        }
        return self::_exec(
@@ -342,10 +355,10 @@ class Database extends AbstractData
                $commentid,
                $pasteid,
                $parentid,
-                $comment['data'],
-                $comment['meta']['nickname'],
-                $comment['meta']['vizhash'],
-                $comment['meta']['postdate'],
+                $data,
+                $meta['nickname'],
+                $meta[$iconKey],
+                $meta[$createdKey],
            )
        );
    }
@@ -368,18 +381,23 @@ class Database extends AbstractData
        $comments = array();
        if (count($rows)) {
            foreach ($rows as $row) {
-                $i                            = $this->getOpenSlot($comments, (int) $row['postdate']);
-                $comments[$i]                 = new stdClass;
-                $comments[$i]->id             = $row['dataid'];
-                $comments[$i]->parentid       = $row['parentid'];
-                $comments[$i]->data           = $row['data'];
-                $comments[$i]->meta           = new stdClass;
-                $comments[$i]->meta->postdate = (int) $row['postdate'];
-                if (array_key_exists('nickname', $row) && !empty($row['nickname'])) {
-                    $comments[$i]->meta->nickname = $row['nickname'];
+                $i    = $this->getOpenSlot($comments, (int) $row['postdate']);
+                $data = Json::decode($row['data']);
+                if (array_key_exists('v', $data) && $data['v'] >= 2) {
+                    $version      = 2;
+                    $comments[$i] = $data;
+                } else {
+                    $version      = 1;
+                    $comments[$i] = array('data' => $row['data']);
                }
-                if (array_key_exists('vizhash', $row) && !empty($row['vizhash'])) {
-                    $comments[$i]->meta->vizhash = $row['vizhash'];
+                list($createdKey, $iconKey) = self::_getVersionedKeys($version);
+                $comments[$i]['id']         = $row['dataid'];
+                $comments[$i]['parentid']   = $row['parentid'];
+                $comments[$i]['meta']       = array($createdKey => (int) $row['postdate']);
+                foreach (array('nickname' => 'nickname', 'vizhash' => $iconKey) as $rowKey => $commentKey) {
+                    if (array_key_exists($rowKey, $row) && !empty($row[$rowKey])) {
+                        $comments[$i]['meta'][$commentKey] = $row[$rowKey];
+                    }
                }
            }
            ksort($comments);
@@ -417,7 +435,8 @@ class Database extends AbstractData
        $pastes = array();
        $rows   = self::_select(
            'SELECT dataid FROM ' . self::_sanitizeIdentifier('paste') .
-            ' WHERE expiredate < ? AND expiredate != ? LIMIT ?', array(time(), 0, $batchsize)
+            ' WHERE expiredate < ? AND expiredate != ? LIMIT ?',
+            array(time(), 0, $batchsize)
        );
        if (count($rows)) {
            foreach ($rows as $row) {
@@ -454,7 +473,7 @@ class Database extends AbstractData
     * @param  array $params
     * @param  bool $firstOnly if only the first row should be returned
     * @throws PDOException
-     * @return array
+     * @return array|false
     */
    private static function _select($sql, array $params, $firstOnly = false)
    {
@@ -467,6 +486,22 @@ class Database extends AbstractData
        return $result;
    }

+    /**
+     * get version dependent key names
+     *
+     * @access private
+     * @static
+     * @param  int $version
+     * @return array
+     */
+    private static function _getVersionedKeys($version)
+    {
+        if ($version === 1) {
+            return array('postdate', 'vizhash');
+        }
+        return array('created', 'icon');
+    }
+
    /**
     * get table list query, depending on the database type
     *
@@ -545,7 +580,7 @@ class Database extends AbstractData
     *
     * @access private
     * @static
-     * @param string $key
+     * @param  string $key
     * @return array
     */
    private static function _getPrimaryKeyClauses($key = 'dataid')
@@ -559,17 +594,40 @@ class Database extends AbstractData
        return array($main_key, $after_key);
    }

+    /**
+     * get the data type, depending on the database driver
+     *
+     * @access private
+     * @static
+     * @return string
+     */
+    private static function _getDataType()
+    {
+        return self::$_type === 'pgsql' ? 'TEXT' : 'BLOB';
+    }
+
+    /**
+     * get the attachment type, depending on the database driver
+     *
+     * @access private
+     * @static
+     * @return string
+     */
+    private static function _getAttachmentType()
+    {
+        return self::$_type === 'pgsql' ? 'TEXT' : 'MEDIUMBLOB';
+    }
+
    /**
     * create the paste table
     *
     * @access private
     * @static
-     * @return void
     */
    private static function _createPasteTable()
    {
        list($main_key, $after_key) = self::_getPrimaryKeyClauses();
-        $dataType                   = self::$_type === 'pgsql' ? 'TEXT' : 'BLOB';
+        $dataType                   = self::_getDataType();
        self::$_db->exec(
            'CREATE TABLE ' . self::_sanitizeIdentifier('paste') . ' ( ' .
            "dataid CHAR(16) NOT NULL$main_key, " .
@@ -579,7 +637,7 @@ class Database extends AbstractData
            'opendiscussion INT, ' .
            'burnafterreading INT, ' .
            'meta TEXT, ' .
-            'attachment ' . (self::$_type === 'pgsql' ? 'TEXT' : 'MEDIUMBLOB') . ', ' .
+            'attachment ' . self::_getAttachmentType() . ', ' .
            "attachmentname $dataType$after_key );"
        );
    }
@@ -589,12 +647,11 @@ class Database extends AbstractData
     *
     * @access private
     * @static
-     * @return void
     */
    private static function _createCommentTable()
    {
        list($main_key, $after_key) = self::_getPrimaryKeyClauses();
-        $dataType                   = self::$_type === 'pgsql' ? 'text' : 'BLOB';
+        $dataType                   = self::_getDataType();
        self::$_db->exec(
            'CREATE TABLE ' . self::_sanitizeIdentifier('comment') . ' ( ' .
            "dataid CHAR(16) NOT NULL$main_key, " .
@@ -616,7 +673,6 @@ class Database extends AbstractData
     *
     * @access private
     * @static
-     * @return void
     */
    private static function _createConfigTable()
    {
@@ -628,7 +684,7 @@ class Database extends AbstractData
        self::_exec(
            'INSERT INTO ' . self::_sanitizeIdentifier('config') .
            ' VALUES(?,?)',
-            array('VERSION', PrivateBin::VERSION)
+            array('VERSION', Controller::VERSION)
        );
    }

@@ -651,11 +707,10 @@ class Database extends AbstractData
     * @access private
     * @static
     * @param  string $oldversion
-     * @return void
     */
    private static function _upgradeDatabase($oldversion)
    {
-        $dataType = self::$_type === 'pgsql' ? 'TEXT' : 'BLOB';
+        $dataType = self::_getDataType();
        switch ($oldversion) {
            case '0.21':
                // create the meta column if necessary (pre 0.21 change)
@@ -667,8 +722,7 @@ class Database extends AbstractData
                // SQLite only allows one ALTER statement at a time...
                self::$_db->exec(
                    'ALTER TABLE ' . self::_sanitizeIdentifier('paste') .
-                    ' ADD COLUMN attachment ' .
-                    (self::$_type === 'pgsql' ? 'TEXT' : 'MEDIUMBLOB') . ';'
+                    ' ADD COLUMN attachment ' . self::_getAttachmentType() . ';'
                );
                self::$_db->exec(
                    'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . " ADD COLUMN attachmentname $dataType;"
@@ -699,13 +753,12 @@ class Database extends AbstractData
                    'CREATE INDEX IF NOT EXISTS comment_parent ON ' .
                    self::_sanitizeIdentifier('comment') . '(pasteid);'
                );
-                // no break, continue with updates for 0.22
-            case '0.22':
-            case '1.0':
+                // no break, continue with updates for 0.22 and later
+            default:
                self::_exec(
                    'UPDATE ' . self::_sanitizeIdentifier('config') .
                    ' SET value = ? WHERE id = ?',
-                    array(PrivateBin::VERSION, 'VERSION')
+                    array(Controller::VERSION, 'VERSION')
                );
        }
    }
--- a/lib/Data/Filesystem.php
+++ b/lib/Data/Filesystem.php
@@ -7,13 +7,12 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.3
 */

 namespace PrivateBin\Data;

-use PrivateBin\Json;
-use PrivateBin\Model\Paste;
+use PrivateBin\Persistence\DataStore;

 /**
 * Filesystem
@@ -22,15 +21,6 @@ use PrivateBin\Model\Paste;
 */
 class Filesystem extends AbstractData
 {
-    /**
-     * directory where data is stored
-     *
-     * @access private
-     * @static
-     * @var string
-     */
-    private static $_dir = 'data/';
-
    /**
     * get instance of singleton
     *
@@ -39,19 +29,18 @@ class Filesystem extends AbstractData
     * @param  array $options
     * @return Filesystem
     */
-    public static function getInstance($options = null)
+    public static function getInstance(array $options)
    {
+        // if needed initialize the singleton
+        if (!(self::$_instance instanceof self)) {
+            self::$_instance = new self;
+        }
        // if given update the data directory
        if (
            is_array($options) &&
            array_key_exists('dir', $options)
        ) {
-            self::$_dir = $options['dir'] . DIRECTORY_SEPARATOR;
-        }
-        // if needed initialize the singleton
-        if (!(self::$_instance instanceof self)) {
-            self::$_instance = new self;
-            self::_init();
+            DataStore::setPath($options['dir']);
        }
        return self::$_instance;
    }
@@ -62,19 +51,19 @@ class Filesystem extends AbstractData
     * @access public
     * @param  string $pasteid
     * @param  array  $paste
-     * @throws Exception
     * @return bool
     */
-    public function create($pasteid, $paste)
+    public function create($pasteid, array $paste)
    {
        $storagedir = self::_dataid2path($pasteid);
-        if (is_file($storagedir . $pasteid)) {
+        $file       = $storagedir . $pasteid . '.php';
+        if (is_file($file)) {
            return false;
        }
        if (!is_dir($storagedir)) {
            mkdir($storagedir, 0700, true);
        }
-        return (bool) file_put_contents($storagedir . $pasteid, Json::encode($paste));
+        return DataStore::store($file, $paste);
    }

    /**
@@ -82,25 +71,16 @@ class Filesystem extends AbstractData
     *
     * @access public
     * @param  string $pasteid
-     * @return stdClass|false
+     * @return array|false
     */
    public function read($pasteid)
    {
        if (!$this->exists($pasteid)) {
            return false;
        }
-        $paste = json_decode(
-            file_get_contents(self::_dataid2path($pasteid) . $pasteid)
+        return self::upgradePreV1Format(
+            DataStore::get(self::_dataid2path($pasteid) . $pasteid . '.php')
        );
-        if (property_exists($paste->meta, 'attachment')) {
-            $paste->attachment = $paste->meta->attachment;
-            unset($paste->meta->attachment);
-            if (property_exists($paste->meta, 'attachmentname')) {
-                $paste->attachmentname = $paste->meta->attachmentname;
-                unset($paste->meta->attachmentname);
-            }
-        }
-        return $paste;
    }

    /**
@@ -108,15 +88,14 @@ class Filesystem extends AbstractData
     *
     * @access public
     * @param  string $pasteid
-     * @return void
     */
    public function delete($pasteid)
    {
        $pastedir = self::_dataid2path($pasteid);
        if (is_dir($pastedir)) {
            // Delete the paste itself.
-            if (is_file($pastedir . $pasteid)) {
-                unlink($pastedir . $pasteid);
+            if (is_file($pastedir . $pasteid . '.php')) {
+                unlink($pastedir . $pasteid . '.php');
            }

            // Delete discussion if it exists.
@@ -144,7 +123,26 @@ class Filesystem extends AbstractData
     */
    public function exists($pasteid)
    {
-        return is_file(self::_dataid2path($pasteid) . $pasteid);
+        $basePath  = self::_dataid2path($pasteid) . $pasteid;
+        $pastePath = $basePath . '.php';
+        // convert to PHP protected files if needed
+        if (is_readable($basePath)) {
+            DataStore::prependRename($basePath, $pastePath);
+
+            // convert comments, too
+            $discdir = self::_dataid2discussionpath($pasteid);
+            if (is_dir($discdir)) {
+                $dir = dir($discdir);
+                while (false !== ($filename = $dir->read())) {
+                    if (substr($filename, -4) !== '.php' && strlen($filename) >= 16) {
+                        $commentFilename = $discdir . $filename . '.php';
+                        DataStore::prependRename($discdir . $filename, $commentFilename);
+                    }
+                }
+                $dir->close();
+            }
+        }
+        return is_readable($pastePath);
    }

    /**
@@ -155,20 +153,19 @@ class Filesystem extends AbstractData
     * @param  string $parentid
     * @param  string $commentid
     * @param  array  $comment
-     * @throws Exception
     * @return bool
     */
-    public function createComment($pasteid, $parentid, $commentid, $comment)
+    public function createComment($pasteid, $parentid, $commentid, array $comment)
    {
        $storagedir = self::_dataid2discussionpath($pasteid);
-        $filename   = $pasteid . '.' . $commentid . '.' . $parentid;
-        if (is_file($storagedir . $filename)) {
+        $file       = $storagedir . $pasteid . '.' . $commentid . '.' . $parentid . '.php';
+        if (is_file($file)) {
            return false;
        }
        if (!is_dir($storagedir)) {
            mkdir($storagedir, 0700, true);
        }
-        return (bool) file_put_contents($storagedir . $filename, Json::encode($comment));
+        return DataStore::store($file, $comment);
    }

    /**
@@ -183,22 +180,21 @@ class Filesystem extends AbstractData
        $comments = array();
        $discdir  = self::_dataid2discussionpath($pasteid);
        if (is_dir($discdir)) {
-            // Delete all files in discussion directory
            $dir = dir($discdir);
            while (false !== ($filename = $dir->read())) {
-                // Filename is in the form pasteid.commentid.parentid:
+                // Filename is in the form pasteid.commentid.parentid.php:
                // - pasteid is the paste this reply belongs to.
                // - commentid is the comment identifier itself.
                // - parentid is the comment this comment replies to (It can be pasteid)
                if (is_file($discdir . $filename)) {
-                    $comment = json_decode(file_get_contents($discdir . $filename));
+                    $comment = DataStore::get($discdir . $filename);
                    $items   = explode('.', $filename);
                    // Add some meta information not contained in file.
-                    $comment->id       = $items[1];
-                    $comment->parentid = $items[2];
+                    $comment['id']       = $items[1];
+                    $comment['parentid'] = $items[2];

                    // Store in array
-                    $key            = $this->getOpenSlot($comments, (int) $comment->meta->postdate);
+                    $key            = $this->getOpenSlot($comments, (int) $comment['meta']['created']);
                    $comments[$key] = $comment;
                }
            }
@@ -223,7 +219,7 @@ class Filesystem extends AbstractData
    {
        return is_file(
            self::_dataid2discussionpath($pasteid) .
-            $pasteid . '.' . $commentid . '.' . $parentid
+            $pasteid . '.' . $commentid . '.' . $parentid . '.php'
        );
    }

@@ -237,8 +233,9 @@ class Filesystem extends AbstractData
    protected function _getExpiredPastes($batchsize)
    {
        $pastes     = array();
+        $mainpath   = DataStore::getPath();
        $firstLevel = array_filter(
-            scandir(self::$_dir),
+            scandir($mainpath),
            'self::_isFirstLevelDir'
        );
        if (count($firstLevel) > 0) {
@@ -246,7 +243,7 @@ class Filesystem extends AbstractData
            for ($i = 0, $max = $batchsize * 10; $i < $max; ++$i) {
                $firstKey    = array_rand($firstLevel);
                $secondLevel = array_filter(
-                    scandir(self::$_dir . $firstLevel[$firstKey]),
+                    scandir($mainpath . DIRECTORY_SEPARATOR . $firstLevel[$firstKey]),
                    'self::_isSecondLevelDir'
                );

@@ -257,13 +254,21 @@ class Filesystem extends AbstractData
                }

                $secondKey = array_rand($secondLevel);
-                $path      = self::$_dir . $firstLevel[$firstKey] .
-                    DIRECTORY_SEPARATOR . $secondLevel[$secondKey];
+                $path      = $mainpath . DIRECTORY_SEPARATOR .
+                    $firstLevel[$firstKey] . DIRECTORY_SEPARATOR .
+                    $secondLevel[$secondKey];
                if (!is_dir($path)) {
                    continue;
                }
                $thirdLevel = array_filter(
-                    scandir($path),
+                    array_map(
+                        function ($filename) {
+                            return strlen($filename) >= 20 ?
+                                substr($filename, 0, -4) :
+                                $filename;
+                        },
+                        scandir($path)
+                    ),
                    'PrivateBin\\Model\\Paste::isValidId'
                );
                if (count($thirdLevel) == 0) {
@@ -278,8 +283,8 @@ class Filesystem extends AbstractData
                if ($this->exists($pasteid)) {
                    $data = $this->read($pasteid);
                    if (
-                        property_exists($data->meta, 'expire_date') &&
-                        $data->meta->expire_date < time()
+                        array_key_exists('expire_date', $data['meta']) &&
+                        $data['meta']['expire_date'] < time()
                    ) {
                        $pastes[] = $pasteid;
                        if (count($pastes) >= $batchsize) {
@@ -292,29 +297,6 @@ class Filesystem extends AbstractData
        return $pastes;
    }

-    /**
-     * initialize privatebin
-     *
-     * @access private
-     * @static
-     * @return void
-     */
-    private static function _init()
-    {
-        // Create storage directory if it does not exist.
-        if (!is_dir(self::$_dir)) {
-            mkdir(self::$_dir, 0700);
-        }
-        // Create .htaccess file if it does not exist.
-        if (!is_file(self::$_dir . '.htaccess')) {
-            file_put_contents(
-                self::$_dir . '.htaccess',
-                'Allow from none' . PHP_EOL .
-                'Deny from all' . PHP_EOL
-            );
-        }
-    }
-
    /**
     * Convert paste id to storage path.
     *
@@ -332,8 +314,10 @@ class Filesystem extends AbstractData
     */
    private static function _dataid2path($dataid)
    {
-        return self::$_dir . substr($dataid, 0, 2) . DIRECTORY_SEPARATOR .
-            substr($dataid, 2, 2) . DIRECTORY_SEPARATOR;
+        return DataStore::getPath(
+            substr($dataid, 0, 2) . DIRECTORY_SEPARATOR .
+            substr($dataid, 2, 2) . DIRECTORY_SEPARATOR
+        );
    }

    /**
@@ -363,7 +347,7 @@ class Filesystem extends AbstractData
    private static function _isFirstLevelDir($element)
    {
        return self::_isSecondLevelDir($element) &&
-            is_dir(self::$_dir . DIRECTORY_SEPARATOR . $element);
+            is_dir(DataStore::getPath($element));
    }

    /**
--- a/lib/Filter.php
+++ b/lib/Filter.php
@@ -7,7 +7,7 @@
 * @link      https://github.com/PrivateBin/PrivateBin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.3
 */

 namespace PrivateBin;
@@ -21,27 +21,10 @@ use Exception;
 */
 class Filter
 {
-    /**
-     * strips slashes deeply
-     *
-     * @access public
-     * @static
-     * @param  mixed $value
-     * @return mixed
-     */
-    public static function stripslashesDeep($value)
-    {
-        return is_array($value) ?
-            array_map('self::stripslashesDeep', $value) :
-            stripslashes($value);
-    }
-
    /**
     * format a given time string into a human readable label (localized)
     *
-     * accepts times in the format "[integer][time unit]", valid time units are:
-     * sec, second, seconds, min, minute, minutes, hour, hours, day, days, week,
-     * weeks, month, months, year, years
+     * accepts times in the format "[integer][time unit]"
     *
     * @access public
     * @static
@@ -81,7 +64,7 @@ class Filter
        $i   = 0;
        while (($size / 1024) >= 1) {
            $size = $size / 1024;
-            $i++;
+            ++$i;
        }
        return number_format($size, ($i ? 2 : 0), '.', ' ') . ' ' . I18n::_($iec[$i]);
    }
@@ -99,7 +82,7 @@ class Filter
    public static function slowEquals($a, $b)
    {
        $diff = strlen($a) ^ strlen($b);
-        for ($i = 0; $i < strlen($a) && $i < strlen($b); $i++) {
+        for ($i = 0; $i < strlen($a) && $i < strlen($b); ++$i) {
            $diff |= ord($a[$i]) ^ ord($b[$i]);
        }
        return $diff === 0;
--- a/lib/FormatV2.php
+++ b/lib/FormatV2.php
@@ -0,0 +1,127 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.3
+ */
+
+namespace PrivateBin;
+
+/**
+ * FormatV2
+ *
+ * Provides validation function for version 2 format of pastes & comments.
+ */
+class FormatV2
+{
+    /**
+     * version 2 format validator
+     *
+     * Checks if the given array is a proper version 2 formatted, encrypted message.
+     *
+     * @access public
+     * @static
+     * @param  array $message
+     * @param  bool  $isComment
+     * @return bool
+     */
+    public static function isValid($message, $isComment = false)
+    {
+        $required_keys = array('adata', 'v', 'ct');
+        if ($isComment) {
+            $required_keys[] = 'pasteid';
+            $required_keys[] = 'parentid';
+        } else {
+            $required_keys[] = 'meta';
+        }
+
+        // Make sure no additionnal keys were added.
+        if (count(array_keys($message)) != count($required_keys)) {
+            return false;
+        }
+
+        // Make sure required fields are present.
+        foreach ($required_keys as $k) {
+            if (!array_key_exists($k, $message)) {
+                return false;
+            }
+        }
+
+        $cipherParams = $isComment ? $message['adata'] : $message['adata'][0];
+
+        // Make sure some fields are base64 data:
+        // - initialization vector
+        if (!base64_decode($cipherParams[0], true)) {
+            return false;
+        }
+        // - salt
+        if (!base64_decode($cipherParams[1], true)) {
+            return false;
+        }
+        // - cipher text
+        if (!($ct = base64_decode($message['ct'], true))) {
+            return false;
+        }
+
+        // Make sure some fields have a reasonable size:
+        // - initialization vector
+        if (strlen($cipherParams[0]) > 24) {
+            return false;
+        }
+        // - salt
+        if (strlen($cipherParams[1]) > 14) {
+            return false;
+        }
+
+        // Make sure some fields contain no unsupported values:
+        // - version
+        if (!(is_int($message['v']) || is_float($message['v'])) || (float) $message['v'] < 2) {
+            return false;
+        }
+        // - iterations, refuse less then 10000 iterations (minimum NIST recommendation)
+        if (!is_int($cipherParams[2]) || $cipherParams[2] <= 10000) {
+            return false;
+        }
+        // - key size
+        if (!in_array($cipherParams[3], array(128, 192, 256), true)) {
+            return false;
+        }
+        // - tag size
+        if (!in_array($cipherParams[4], array(64, 96, 128), true)) {
+            return false;
+        }
+        // - algorithm, must be AES
+        if ($cipherParams[5] !== 'aes') {
+            return false;
+        }
+        // - mode
+        if (!in_array($cipherParams[6], array('ctr', 'cbc', 'gcm'), true)) {
+            return false;
+        }
+        // - compression
+        if (!in_array($cipherParams[7], array('zlib', 'none'), true)) {
+            return false;
+        }
+
+        // Reject data if entropy is too low
+        if (strlen($ct) > strlen(gzdeflate($ct))) {
+            return false;
+        }
+
+        // require only the key 'expire' in the metadata of pastes
+        if (!$isComment && (
+            count($message['meta']) === 0 ||
+            !array_key_exists('expire', $message['meta']) ||
+            count($message['meta']) > 1
+        )) {
+            return false;
+        }
+
+        return true;
+    }
+}
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				(function(global){"use strict";var _Base64=global.Base64;var version="2.1.9";var buffer;if(typeof module!=="undefined"&&module.exports){try{buffer=require("buffer").Buffer}catch(err){}}var b64chars="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";var b64tab=function(bin){var t={};for(var i=0,l=bin.length;i<l;i++)t[bin.charAt(i)]=i;return t}(b64chars);var fromCharCode=String.fromCharCode;var cb_utob=function(c){if(c.length<2){var cc=c.charCodeAt(0);return cc<128?c:cc<2048?fromCharCode(192\|cc>>>6)+fromCharCode(128\|cc&63):fromCharCode(224\|cc>>>12&15)+fromCharCode(128\|cc>>>6&63)+fromCharCode(128\|cc&63)}else{var cc=65536+(c.charCodeAt(0)-55296)*1024+(c.charCodeAt(1)-56320);return fromCharCode(240\|cc>>>18&7)+fromCharCode(128\|cc>>>12&63)+fromCharCode(128\|cc>>>6&63)+fromCharCode(128\|cc&63)}};var re_utob=/[\uD800-\uDBFF][\uDC00-\uDFFFF]\|[^\x00-\x7F]/g;var utob=function(u){return u.replace(re_utob,cb_utob)};var cb_encode=function(ccc){var padlen=[0,2,1][ccc.length%3],ord=ccc.charCodeAt(0)<<16\|(ccc.length>1?ccc.charCodeAt(1):0)<<8\|(ccc.length>2?ccc.charCodeAt(2):0),chars=[b64chars.charAt(ord>>>18),b64chars.charAt(ord>>>12&63),padlen>=2?"=":b64chars.charAt(ord>>>6&63),padlen>=1?"=":b64chars.charAt(ord&63)];return chars.join("")};var btoa=global.btoa?function(b){return global.btoa(b)}:function(b){return b.replace(/[\s\S]{1,3}/g,cb_encode)};var _encode=buffer?function(u){return(u.constructor===buffer.constructor?u:new buffer(u)).toString("base64")}:function(u){return btoa(utob(u))};var encode=function(u,urisafe){return!urisafe?_encode(String(u)):_encode(String(u)).replace(/[+\/]/g,function(m0){return m0=="+"?"-":"_"}).replace(/=/g,"")};var encodeURI=function(u){return encode(u,true)};var re_btou=new RegExp(["[À-ß][-¿]","[à-ï][-¿]{2}","[ð-÷][-¿]{3}"].join("\|"),"g");var cb_btou=function(cccc){switch(cccc.length){case 4:var cp=(7&cccc.charCodeAt(0))<<18\|(63&cccc.charCodeAt(1))<<12\|(63&cccc.charCodeAt(2))<<6\|63&cccc.charCodeAt(3),offset=cp-65536;return fromCharCode((offset>>>10)+55296)+fromCharCode((offset&1023)+56320);case 3:return fromCharCode((15&cccc.charCodeAt(0))<<12\|(63&cccc.charCodeAt(1))<<6\|63&cccc.charCodeAt(2));default:return fromCharCode((31&cccc.charCodeAt(0))<<6\|63&cccc.charCodeAt(1))}};var btou=function(b){return b.replace(re_btou,cb_btou)};var cb_decode=function(cccc){var len=cccc.length,padlen=len%4,n=(len>0?b64tab[cccc.charAt(0)]<<18:0)\|(len>1?b64tab[cccc.charAt(1)]<<12:0)\|(len>2?b64tab[cccc.charAt(2)]<<6:0)\|(len>3?b64tab[cccc.charAt(3)]:0),chars=[fromCharCode(n>>>16),fromCharCode(n>>>8&255),fromCharCode(n&255)];chars.length-=[0,0,2,1][padlen];return chars.join("")};var atob=global.atob?function(a){return global.atob(a)}:function(a){return a.replace(/[\s\S]{1,4}/g,cb_decode)};var _decode=buffer?function(a){return(a.constructor===buffer.constructor?a:new buffer(a,"base64")).toString()}:function(a){return btou(atob(a))};var decode=function(a){return _decode(String(a).replace(/[-_]/g,function(m0){return m0=="-"?"+":"/"}).replace(/[^A-Za-z0-9\+\/]/g,""))};var noConflict=function(){var Base64=global.Base64;global.Base64=_Base64;return Base64};global.Base64={VERSION:version,atob:atob,btoa:btoa,fromBase64:decode,toBase64:encode,utob:utob,encode:encode,encodeURI:encodeURI,btou:btou,decode:decode,noConflict:noConflict};if(typeof Object.defineProperty==="function"){var noEnum=function(v){return{value:v,enumerable:false,writable:true,configurable:true}};global.Base64.extendString=function(){Object.defineProperty(String.prototype,"fromBase64",noEnum(function(){return decode(this)}));Object.defineProperty(String.prototype,"toBase64",noEnum(function(urisafe){return encode(this,urisafe)}));Object.defineProperty(String.prototype,"toBase64URI",noEnum(function(){return encode(this,true)}))}}if(global["Meteor"]){Base64=global.Base64}})(this);