updating favicons, resolves #23
1
.gitattributes
vendored
|
@ -2,3 +2,4 @@ doc/ export-ignore
|
|||
tst/ export-ignore
|
||||
.gitattributes export-ignore
|
||||
.gitignore export-ignore
|
||||
img/bee*.png export-ignore
|
||||
|
|
48
README.md
|
@ -6,15 +6,15 @@
|
|||
[![Codacy Badge](https://api.codacy.com/project/badge/Coverage/094500f62abf4c9aa0c8a8a4520e4789)](https://www.codacy.com/app/PrivateBin/PrivateBin)
|
||||
[![Test Coverage](https://codeclimate.com/github/PrivateBin/PrivateBin/badges/coverage.svg)](https://codeclimate.com/github/PrivateBin/PrivateBin/coverage) [![Code Coverage](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/?branch=master)
|
||||
|
||||
PrivateBin is a minimalist, open source online pastebin where the server has zero
|
||||
knowledge of pasted data.
|
||||
PrivateBin is a minimalist, open source online pastebin where the server has
|
||||
zero knowledge of pasted data.
|
||||
|
||||
Data is encrypted/decrypted in the browser using 256 bit AES.
|
||||
|
||||
This is a fork of ZeroBin, originally developed by
|
||||
[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). It was refactored
|
||||
to allow easier and cleaner extensions and has now much more features than the
|
||||
original. It is however still fully compatible to the original PrivateBin 0.19
|
||||
original. It is however still fully compatible to the original ZeroBin 0.19
|
||||
data storage scheme. Therefore such installations can be upgraded to this fork
|
||||
without loosing any data.
|
||||
|
||||
|
@ -35,15 +35,16 @@ without loosing any data.
|
|||
|
||||
## What it doesn't provide
|
||||
|
||||
- As a user you have to trust the server administrator. If the server you use does
|
||||
not use HTTPS (which is *not* recommend!) you also have to trust your internet provider
|
||||
- As a user you have to trust the server administrator, your internet provider
|
||||
and any country the traffic passes not to inject any malicious javascript code.
|
||||
All ZeroBin installation should use HTTPS. Ideally secured by
|
||||
Ideally, the PrivateBin installation used should provide HTTPS, secured by
|
||||
[HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and
|
||||
[HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a
|
||||
certificate either validated by a trusted third party (in most cases Certificate
|
||||
Authorities) or self-signed by the server operator, validated using a
|
||||
[DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) protected
|
||||
certificate either validated by a trusted third party (check the certificate
|
||||
when first using a new PrivateBin instance) or self-signed by the server
|
||||
operator, validated using a
|
||||
[DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions)
|
||||
protected
|
||||
[DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities)
|
||||
record.
|
||||
|
||||
|
@ -53,16 +54,16 @@ without loosing any data.
|
|||
use a strong password and do only share it privately and end-to-end-encrypted.
|
||||
|
||||
- A server admin might be forced to hand over access logs to the authorities.
|
||||
ZeroBin encrypts your text and the discussion contents, but who accessed it
|
||||
PrivateBin encrypts your text and the discussion contents, but who accessed it
|
||||
first might still be disclosed via such access logs.
|
||||
|
||||
- In case of a server breach your data is secure as it is only stored encrypted on
|
||||
the server. However the server could be misused or the server admin could be legally
|
||||
forced into sending malicious JavaScript to all web users, which grabs the decryption key
|
||||
and send it to the server when a user accesses a ZeroBin.
|
||||
Therefore do not access any ZeroBin instance if you think it has been compromised. As long
|
||||
as no user accesses this instance with a previously generated URL, the content cannot be
|
||||
decrypted.
|
||||
- In case of a server breach your data is secure as it is only stored encrypted
|
||||
on the server. However the server could be misused or the server admin could
|
||||
be legally forced into sending malicious JavaScript to all web users, which
|
||||
grabs the decryption key and send it to the server when a user accesses a
|
||||
PrivateBin. Therefore do not access any PrivateBin instance if you think it
|
||||
has been compromised. As long as no user accesses this instance with a
|
||||
previously generated URL, the content can''t be decrypted.
|
||||
|
||||
## Options
|
||||
|
||||
|
@ -77,14 +78,17 @@ file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration):
|
|||
|
||||
* Markdown format support for HTML formatted pastes
|
||||
|
||||
* Syntax highlighting for source code using prettify.js, including 4 prettify themes
|
||||
* Syntax highlighting for source code using prettify.js, including 4 prettify
|
||||
themes
|
||||
|
||||
* File upload support, images get displayed (disabled by default, possibility to adjust size limit)
|
||||
* File upload support, images get displayed (disabled by default, possibility
|
||||
to adjust size limit)
|
||||
|
||||
* Templates: By default there is a bootstrap CSS and a "classic ZeroBin" theme
|
||||
and it is easy to adapt these to your own websites layout or create your own.
|
||||
|
||||
* Translation system and automatic browser language detection (if enabled in browser)
|
||||
* Translation system and automatic browser language detection (if enabled in
|
||||
browser)
|
||||
|
||||
* Language selection (disabled by default, as it uses a session cookie)
|
||||
|
||||
|
@ -92,7 +96,7 @@ file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration):
|
|||
|
||||
* [Installation guide](https://github.com/PrivateBin/PrivateBin/wiki/Installation)
|
||||
|
||||
* [Upgrading from 0.19 Alpha](https://github.com/PrivateBin/PrivateBin/wiki/Upgrading-from-ZeroBin-0.19-Alpha)
|
||||
* [Upgrading from ZeroBin 0.19 Alpha](https://github.com/PrivateBin/PrivateBin/wiki/Upgrading-from-ZeroBin-0.19-Alpha)
|
||||
|
||||
* [Configuration guide](https://github.com/PrivateBin/PrivateBin/wiki/Configuration)
|
||||
|
||||
|
@ -104,3 +108,5 @@ file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration):
|
|||
|
||||
Run into any issues? Have ideas for further developments? Please
|
||||
[report](https://github.com/PrivateBin/PrivateBin/issues) them!
|
||||
|
||||
![PrivateBin Logo](https://raw.githubusercontent.com/PrivateBin/PrivateBin/master/img/favicons/android-chrome-192x192.png)
|
||||
|
|
BIN
favicon.ico
Before Width: | Height: | Size: 2.7 KiB After Width: | Height: | Size: 318 B |
Before Width: | Height: | Size: 711 B After Width: | Height: | Size: 4 KiB |
Before Width: | Height: | Size: 720 B After Width: | Height: | Size: 5.1 KiB |
Before Width: | Height: | Size: 200 B After Width: | Height: | Size: 417 B |
Before Width: | Height: | Size: 262 B After Width: | Height: | Size: 778 B |
Before Width: | Height: | Size: 425 B After Width: | Height: | Size: 2.3 KiB |