Commit graph

638 commits

Author SHA1 Message Date
rugk
2cd4717bd2
Use default csp value by default
Otherwise the CSP may break updates if we later change the behaviour of PrivateBin somehow.
We should have done this before the v1.0 release, but well...
2016-09-18 12:21:42 +02:00
El RIDO
8cfcf1c9f5
Adding HTTP headers to address certain XSS attacks, resolves #91 2016-09-18 11:29:37 +02:00
rugk
ec7af3a738
Improve formatting 2016-09-14 23:55:55 +02:00
rugk
8cb1a0a14d
Improve issue template 2016-09-03 18:23:03 +02:00
rugk
23febfc5ca
Remove unintentially submitted test file 2016-09-03 18:14:14 +02:00
rugk
1a159c973f
Prevent referrer to be send
Uses both CSP and Referrer-Policy
Fixes #96
2016-09-03 18:12:24 +02:00
rugk
b7184b92a3 Fix csp config unit tests 2016-08-27 14:47:21 +02:00
El RIDO
7da4723112 Merge pull request #97 from matunixe/master
Fix some french translation issues (typo + minor problems).
2016-08-27 13:53:50 +02:00
Mathias
8cb9e9d871 Fix some french translation issues (typo + minor problems). 2016-08-27 12:33:44 +02:00
rugk
b11866a63b Allow manifest loading via CSP (2) 2016-08-27 00:02:50 +02:00
rugk
9ff74e8841 Allow manifest loading via CSP 2016-08-27 00:01:19 +02:00
El RIDO
a13266a784 ensure the server salt path is initialized, instead of relying on the default 2016-08-25 15:02:38 +02:00
El RIDO
e925833090 bumping version number to 1.0 2016-08-25 09:53:31 +02:00
rugk
2ee9325f49 Make clear that HTTPS provides basic security...
whereas the other things are advantaged security features.
2016-08-24 23:28:54 +02:00
rugk
2cde59821a Add FAQ note to issue template 2016-08-24 17:35:29 +02:00
rugk
932c0b573d More useful links for Libsodium installation
Also mentioning one needs to install the PHP extension too.
2016-08-24 16:43:44 +02:00
rugk
61f0eaa757 Fix typo 2016-08-23 20:56:45 +02:00
rugk
1bc2caf459 Correct order of PRNG
As stated in 76e90f747b/ERRATA.md
2016-08-23 20:56:14 +02:00
rugk
19e5467b79 Revert "Add PHPv7 to list of "requires /dev/urandom in open_basedir""
This reverts commit b229fb6041.
2016-08-23 20:44:16 +02:00
rugk
b229fb6041 Add PHPv7 to list of "requires /dev/urandom in open_basedir" 2016-08-23 17:24:51 +02:00
El RIDO
91eabd8489 readded /dev/urandom, the primary source for safe randomness in PHP 7, random_compat and mcrypt 2016-08-23 08:54:26 +02:00
rugk
226a64d8a4 Clarify randomness & add PDO link
* Remove "some disk space" - Everyone knows that files need some place to be stored. Additionally nowadays disk space is not problem in general.
* Add link to PDO.
* Clarify randomness. I am however not sure whether `com_dotnet` needs access to `/dev/urandom` (with open_basedir set).
2016-08-22 19:28:20 +02:00
El RIDO
3d7b35aed4 PSR-2/4 fixes 2016-08-22 16:20:14 +02:00
El RIDO
62dd25b91a added note for phpdoc with PHP 7 2016-08-22 10:58:01 +02:00
El RIDO
313b5d34d2 updating docs 2016-08-22 10:34:37 +02:00
El RIDO
1907586b39 changing link to project page 2016-08-22 09:50:28 +02:00
El RIDO
6aba39488f adding check for PATH ending in DIRECTORY_SEPARATOR, fixes #86 2016-08-22 09:46:26 +02:00
El RIDO
47d6bd7a02 Clarifying requirement for safe randomness in installation document 2016-08-22 09:44:49 +02:00
El RIDO
38a185ef22 shrinking icon to avoid renderering glitches 2016-08-21 20:42:58 +02:00
El RIDO
6c49bd09b8 Merge pull request #88 from PrivateBin/iconupdate
Readd icon instead of logo for header
2016-08-21 20:03:26 +02:00
rugk
5621f32752 Readd icon instead of logo for header
Continues #87
2016-08-21 16:51:54 +02:00
rugk
c6e71d2972 Add link to info page to logo
This overwrites the useless link to the logo.
2016-08-21 15:24:02 +02:00
El RIDO
ba2ce38077 added alt text 2016-08-21 07:34:45 +02:00
El RIDO
057047094d Merge pull request #87 from PrivateBin/newicon
Replace icon with logo with text
2016-08-20 19:10:19 +02:00
rugk
f7a75a9d33 Merge branch 'master' into newicon 2016-08-20 19:09:39 +02:00
rugk
d7896fbd95 Fix header link in subdir installations
Now this does link to PrivateBin and not to the top-root (file) of the webserver
2016-08-20 18:53:07 +02:00
rugk
a7c3b6079d Update logo 2016-08-20 18:25:56 +02:00
rugk
8f19045b58 Replace icon with logo with text 2016-08-20 18:01:52 +02:00
rugk
f82533f479 Use icon with text for Readme 2016-08-20 17:57:02 +02:00
El RIDO
47646e056b fixing urlshortening regression caused by CSP introduction, resolves #10 2016-08-18 15:09:58 +02:00
El RIDO
cd02c6e916 Merge pull request #83 from PrivateBin/novendorignore
Clever gitignore for vendor dir
2016-08-17 21:00:27 +02:00
rugk
e4f615d8be Exclude doch folder 2016-08-17 20:43:59 +02:00
rugk
c6af0ebfce Fix typo of Composer name 2016-08-17 20:00:29 +02:00
rugk
e7d5b34f4f Also exclude PHP phar builder 2016-08-17 19:56:35 +02:00
rugk
47b5d315f6 Delete excluded files & adjsut exlcusion
Also add Composer license to LICENSE.md as it is excluded right now
2016-08-17 19:44:03 +02:00
rugk
49beb2ff64 Allow PHP files in vendor dir to be committed 2016-08-17 19:37:40 +02:00
El RIDO
a9759f1872 updated changelog 2016-08-16 11:38:52 +02:00
El RIDO
f72e260ee7 adding subresource integrity hashes for all javascript includes, resolves #6 2016-08-16 11:11:03 +02:00
El RIDO
f957a1868f push state to history when displaying raw text to allow use of back button, fixes #7 2016-08-16 09:51:36 +02:00
El RIDO
e49e1e2079 added missing library files and license 2016-08-16 08:58:55 +02:00