El RIDO
602fc4705e
change for API consistency
2015-09-01 23:51:31 +02:00
El RIDO
b25022e403
refactored JSON API, its now possible to retrieve pastes as JSON, which
...
is now used when posting comments, eliminating the need to store the
password in sessionStorage
2015-09-01 22:33:07 +02:00
El RIDO
802a0b26b9
burn after reading messages are only deleted after callback by JS when
...
successfully decrypted, resolves #11
2015-08-31 22:10:41 +02:00
El RIDO
d3c4600806
slight configuration changes, template modifications to make discussions
...
and password configurable, removed generated configuration test as it
grows quite big and a new one can be generated easily if needed
2015-08-31 00:01:35 +02:00
El RIDO
2d0668af03
concluding work on configuration test generator for #16 . Replaced a few
...
die()s in the code with Exception, making it possible to test properly.
Fixed some outdated unit tests.
2015-08-29 20:29:14 +02:00
El RIDO
1c4d1aa6b6
working on configuration unit test generator as described in #16
2015-08-29 01:26:48 +02:00
El RIDO
ae82e84ef8
correcting php doc comments
2015-08-27 23:58:56 +02:00
El RIDO
d57d6cf44b
created initial unit tests for main zerobin class
2015-08-27 23:30:35 +02:00
El RIDO
f775da3931
fixing nasty deletion bug from #15 , included unit tests to trigger it
...
and reworked persistence classes to through exceptions rather to fail
silently
2015-08-27 21:41:21 +02:00
El RIDO
cb28056223
made highlighting more configurable, added all four themes, there is now a configurable flavour text (notice)
2015-08-17 23:18:33 +02:00
El RIDO
24d18c5313
cleaned up phpdoc comments, added README on how to install and use it
2015-08-16 15:55:31 +02:00
El RIDO
49c6e3c1b6
updated base64.js to version 2.1.9, using minified version found at
...
9192c510f5/base64.min.js
kudos Dan Kogai
small improvements to input checking
implementing default values for most configuration options
switching to versioned JS files to avoid version hack used in template
2015-08-16 12:27:06 +02:00
El RIDO
769768d25e
updated jquery to 1.11.3
2015-08-16 11:20:06 +02:00
El RIDO
8881b3047a
changing version string
2015-08-16 00:04:14 +02:00
Sebastien SAUVAGE
43a439e7d0
Time attack protection on hmac comparison
...
This fixes issue 2.7 of https://defuse.ca/audits/zerobin.htm , and thus
(with commit a24212afda90ca3e4b4ff5ce30d2012709b58a28) also issue 2.8.
(cherry picked from commit 0b4db7ece313dd268e51fc47a0293a649927558a)
Conflicts:
index.php
2015-08-15 23:44:03 +02:00
Sebastien SAUVAGE
e7feca0e53
Stronger server salt
...
ZeroBin now generates a much stronger salt. This fixes issue #68
(mentioned in section 2.1 of https://defuse.ca/audits/zerobin.htm )
(cherry picked from commit a24212afda90ca3e4b4ff5ce30d2012709b58a28)
Conflicts:
lib/serversalt.php
lib/vizhash16x16.php
2015-08-15 22:18:57 +02:00
jeldrik
4f72f04eda
Prevent inconstitent /data/trafic_limiter.php due to file read while writing
...
(cherry picked from commit 71a7f6adaea9a86a84fa8ebbcb9e5c506a785527)
Conflicts:
index.php
2015-08-15 22:10:05 +02:00
Sébastien SAUVAGE
5b54ca34ad
Update index.php
...
Removed ugly error message when paste identifier is invalid (eg. http://mydomain.com/zerobin?foo )
(cherry picked from commit 43fa904979a29e4c205b9f4f08e1c487555bbe1c)
Conflicts:
index.php
2015-08-15 22:07:07 +02:00
Sebastien SAUVAGE
bc8b23d35e
XSS flaw correction
...
With a client IE < 10 there was a XSS security flaw. Other browsers were
not affected.
Also corrected spacing display with IE<10.
(cherry picked from commit 28813cd82ae47e556b610da3c7302a6709e27431)
Conflicts:
CHANGELOG.md
index.php
js/zerobin.js
lib/vizhash16x16.php
2015-08-15 22:01:43 +02:00
El RIDO
e646729b2d
fixing regressions from cherrypicking
2015-08-15 21:39:08 +02:00
Sebastien SAUVAGE
5f87ea6843
ZeroBin 0.18
...
(cherry picked from commit 7a8cbee2f99cd74a50bce7e8df8130e2c477d903)
Conflicts:
CHANGELOG.md
index.php
js/zerobin.js
lib/vizhash16x16.php
2015-08-15 21:06:19 +02:00
Sebastien SAUVAGE
cff4d99f05
"Burn after reading" as a checkbox
...
"Burn after reading" option has been moved out of Expiration combo to a
separate checkbox.
Reason is: You can prevent a read-once paste to be available ad vitam
eternam on the net.
(cherry picked from commit 190b278402c086ebc4d1a78aae27d1e2666e3e7a)
Conflicts:
css/zerobin.css
index.php
js/zerobin.js
tpl/page.html
2015-08-15 19:01:03 +02:00
El RIDO
ad70051323
reviewed unit tests, fixing line endings, added more tests
2015-08-15 18:32:31 +02:00
Sebastien SAUVAGE
7db76d8d71
Updated json checking.
...
- adapted to SJCL changed
- added entropy checking (from
f2ee2e8ba2
)
(cherry picked from commit 57e6274c64e2c99c754b63586af6b34c374fbc2b)
Conflicts:
index.php
2015-08-15 18:16:55 +02:00
El RIDO
134d22c958
small unit testing improvements, removing never accessed code
2015-08-15 16:37:44 +02:00
Simon Rupf
badf459390
split common persistance logic into abstract class
2013-11-01 01:15:58 +01:00
Sebastien SAUVAGE
5b253cf77c
ZeroBin 0.17
...
* added deletion link.
* small refactoring.
* improved regex checks.
* larger server alt on installation.
2013-11-01 01:15:14 +01:00
Sébastien SAUVAGE
c26c4a8bec
arbitrary JSON file disclosure correction
...
The following securit issue has been fixed:
https://github.com/sebsauvage/ZeroBin/issues/30
2013-10-31 22:53:22 +01:00
Simon Rupf
d247bff897
syntax highlighting can now be turned off, template can be changed in
...
configuration
2013-10-31 22:24:40 +01:00
Simon Rupf
630e16c4a0
Added more configuration options, based on patch by Uli Köhler
2013-10-30 23:54:42 +01:00
Simon Rupf
51008d3e68
added test for entropy of cypher text - closes #3
2012-09-08 19:54:24 +02:00
Simon Rupf
2d4f155064
had to revert to HTML5 instead of XHTML5 because of compatibility
...
problem with code prettifier, fixed some display bugs
2012-08-28 23:28:41 +02:00
Simon Rupf
907538875b
removed leftovers from submodule uglifyjs, added credits file,
...
cleaned up CSS, changed template to output clean XHTML 5,
added unit tests for 60% of the code, found a few bugs by doing
that and fixed them
2012-08-26 00:49:11 +02:00
Simon Rupf
421e6cba97
implemented zerobin_db model, added more options for paste expiration, made comments and max data size configurable
2012-05-19 23:59:41 +02:00
Simon Rupf
edf95ff56d
added autoloading, configurable paste size limit, changed JS to calculate localized comment times instead of UTC
2012-04-30 22:58:08 +02:00
Simon Rupf
23487ce779
Fixed bug with missing directory separator and added .htaccess files to lib & cfg directories. If those are not present, the application will create them for you.
2012-04-30 13:58:29 +02:00
Simon Rupf
ba90d0cae2
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector
2012-04-29 19:15:06 +02:00
Thierry Poinot
6083c7a23c
refactoring files and directory structure
2012-04-22 13:34:17 +02:00
Thierry Poinot
d92d8658a5
refactoring zerobin js, adding JSDoc
2012-04-22 12:45:45 +02:00
Sebastien SAUVAGE
52630374e5
Initial commit of version 0.15 alpha.
2012-04-21 21:59:45 +02:00