Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
This commit is contained in:
parent
05c1776ada
commit
d6f203dc4c
7 changed files with 2 additions and 37 deletions
|
@ -6,6 +6,7 @@
|
|||
* CHANGED: Minimum required PHP version is 5.4 (#186)
|
||||
* CHANGED: Shipped .htaccess files were updated for Apache 2.4 (#192)
|
||||
* CHANGED: Cleanup of bootstrap template variants and moved icons to `img` directory
|
||||
* CHANGED: Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
|
||||
* **1.1.1 (2017-10-06)**
|
||||
* CHANGED: Switched to `.php` file extension for configuration file, to avoid leaking configuration data in unprotected installation.
|
||||
* **1.1 (2016-12-26)**
|
||||
|
|
|
@ -81,10 +81,6 @@ zerobincompatibility = false
|
|||
; make sure the value exists in [expire_options]
|
||||
default = "1week"
|
||||
|
||||
; optionally the "clone" button can be disabled on expiring pastes
|
||||
; note that this only hides the button, copy & paste is still possible
|
||||
; clone = false
|
||||
|
||||
[expire_options]
|
||||
; Set each one of these to the number of seconds in the expiration period,
|
||||
; or 0 if it should never expire
|
||||
|
|
|
@ -58,7 +58,6 @@ class Configuration
|
|||
),
|
||||
'expire' => array(
|
||||
'default' => '1week',
|
||||
'clone' => true,
|
||||
),
|
||||
'expire_options' => array(
|
||||
'5min' => 300,
|
||||
|
|
|
@ -52,22 +52,6 @@ class PrivateBin
|
|||
*/
|
||||
private $_conf;
|
||||
|
||||
/**
|
||||
* data
|
||||
*
|
||||
* @access private
|
||||
* @var string
|
||||
*/
|
||||
private $_data = '';
|
||||
|
||||
/**
|
||||
* does the paste expire
|
||||
*
|
||||
* @access private
|
||||
* @var bool
|
||||
*/
|
||||
private $_doesExpire = false;
|
||||
|
||||
/**
|
||||
* error message
|
||||
*
|
||||
|
@ -370,8 +354,7 @@ class PrivateBin
|
|||
try {
|
||||
$paste = $this->_model->getPaste($dataid);
|
||||
if ($paste->exists()) {
|
||||
$data = $paste->get();
|
||||
$this->_doesExpire = property_exists($data, 'meta') && property_exists($data->meta, 'expire_date');
|
||||
$data = $paste->get();
|
||||
if (property_exists($data->meta, 'salt')) {
|
||||
unset($data->meta->salt);
|
||||
}
|
||||
|
@ -440,7 +423,6 @@ class PrivateBin
|
|||
$page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages()));
|
||||
$page->assign('EXPIRE', $expire);
|
||||
$page->assign('EXPIREDEFAULT', $this->_conf->getKey('default', 'expire'));
|
||||
$page->assign('EXPIRECLONE', !$this->_doesExpire || ($this->_doesExpire && $this->_conf->getKey('clone', 'expire')));
|
||||
$page->assign('URLSHORTENER', $this->_conf->getKey('urlshortener'));
|
||||
$page->assign('QRCODE', $this->_conf->getKey('qrcode'));
|
||||
$page->draw($this->_conf->getKey('template'));
|
||||
|
|
|
@ -164,15 +164,9 @@ else:
|
|||
endif;
|
||||
?>
|
||||
</button>
|
||||
<?php
|
||||
if ($EXPIRECLONE):
|
||||
?>
|
||||
<button id="clonebutton" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn">
|
||||
<span class="glyphicon glyphicon-duplicate" aria-hidden="true"></span> <?php echo I18n::_('Clone'), PHP_EOL; ?>
|
||||
</button>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
<button id="rawtextbutton" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn">
|
||||
<span class="glyphicon glyphicon-text-background" aria-hidden="true"></span> <?php echo I18n::_('Raw text'), PHP_EOL; ?>
|
||||
</button>
|
||||
|
|
|
@ -98,13 +98,7 @@ endif;
|
|||
<button id="newbutton" class="reloadlink hidden"><img src="img/icon_new.png" width="11" height="15" alt="" /><?php echo I18n::_('New'); ?></button>
|
||||
<button id="retrybutton" class="reloadlink hidden"><?php echo I18n::_('Retry'), PHP_EOL; ?></button>
|
||||
<button id="sendbutton" class="hidden"><img src="img/icon_send.png" width="18" height="15" alt="" /><?php echo I18n::_('Send'); ?></button>
|
||||
<?php
|
||||
if ($EXPIRECLONE):
|
||||
?>
|
||||
<button id="clonebutton" class="hidden"><img src="img/icon_clone.png" width="15" height="17" alt="" /><?php echo I18n::_('Clone'); ?></button>
|
||||
<?php
|
||||
endif;
|
||||
?>
|
||||
<button id="rawtextbutton" class="hidden"><img src="img/icon_raw.png" width="15" height="15" alt="" /><?php echo I18n::_('Raw text'); ?></button>
|
||||
<?php
|
||||
if ($QRCODE):
|
||||
|
|
|
@ -53,7 +53,6 @@ class ViewTest extends PHPUnit_Framework_TestCase
|
|||
$page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages()));
|
||||
$page->assign('EXPIRE', self::$expire);
|
||||
$page->assign('EXPIREDEFAULT', self::$expire_default);
|
||||
$page->assign('EXPIRECLONE', true);
|
||||
$page->assign('URLSHORTENER', '');
|
||||
$page->assign('QRCODE', true);
|
||||
|
||||
|
|
Loading…
Reference in a new issue