El RIDO
0efe6f7a8e
simplify logic, fullfills the unit test
2019-12-25 08:11:25 +01:00
Lucas Savva
7d9ec9509b
Handle previously renamed CONFIG_PATH gracefully
2019-12-24 19:12:08 +00:00
Lucas Savva
d5d13fa831
Add logic to rename insecure CONFIG_PATH
2019-12-24 18:51:47 +00:00
Lucas Savva
b5c86e290f
squashme: fix code style issue
2019-12-20 10:42:59 +00:00
Lucas Savva
6b0468ebff
Add support for a CONFIG_PATH variable
2019-12-19 23:06:32 +00:00
El RIDO
8cf0c86ebb
simplify case statement, update documentation
2019-11-02 17:18:22 +01:00
Andriy Zhuk
65b7077756
Added plural rules for ukrainian
2019-10-18 12:31:40 +03:00
El RIDO
2d4edfe401
incrementing version number in preparation of release
2019-09-22 19:42:04 +02:00
El RIDO
d5aeba60ca
increase default size limit to 10 MiB, documenting change
2019-09-20 07:04:26 +02:00
El RIDO
5c0012cf51
adding database migration to increase data to MEDIUMBLOB on MySQL by default
2019-09-20 06:57:54 +02:00
El RIDO
7c61f59dcd
removing untranslated string for non-human entities, moving insecure notice to template, so it can remains translated
2019-09-19 19:14:48 +02:00
Haocen Xu
ab75b183fb
Fix click on new paste on clone paste editing view not removing custom
...
attachment
Fix cloning paste with attachment
Update CSP in sample and default configuration
Ensure clone paste also clone format
Fix clone button hiding logic when paste is burn after read
Remove attachment name when new paste clicked on
Enable file operation only when editing
2019-08-25 02:16:58 -04:00
El RIDO
b0d1a3949e
add bulgarian to the supported languages
2019-07-11 16:50:32 +02:00
El RIDO
07018e5876
incrementing version number in preparation of release
2019-07-08 18:35:34 +02:00
El RIDO
11375a4f59
moved referrer policy from CSP & meta to proper HTTP header to avoid browser console error message about unknown CSP header and to ensure it always applies before HTML is parsed, fixes #196
2019-06-27 20:31:10 +02:00
El RIDO
c2e060d464
made compression configurable, fixes #38
2019-06-23 19:45:40 +02:00
El RIDO
848d3563f4
making StyleCI & Scrutinizer happy
2019-06-23 16:10:05 +02:00
El RIDO
8dc9db90c9
added translation for Czech, provided by @info-path, fixes #424
2019-06-23 12:06:36 +02:00
El RIDO
42c2003220
made notice configurable, fixing a few CSS glitches
2019-06-17 21:40:37 +02:00
El RIDO
4d6897f063
increasing minimum PHP version to 5.5 as this is required by the yzalis/identicon library upgrade to version 1.2.0
2019-06-16 10:50:52 +02:00
El RIDO
362045c664
re-add data-URLs to CSP for img-src, as these are used for the comment icons
2019-06-16 07:06:58 +02:00
El RIDO
f915af1a5a
adjust CSP header to allow blob URLs
2019-06-15 09:36:09 +02:00
El RIDO
a459c4692c
correcting API use, avoid history glitch
2019-06-01 23:49:40 +02:00
El RIDO
398fabd664
Chrome requires unsafe-eval for it to parse and evaluate WASM modules
2019-05-20 18:29:37 +02:00
El RIDO
12a9b2ff8e
address Scrutinizer issues with the use of getParams method
2019-05-19 10:13:47 +02:00
El RIDO
1baa1c2b0a
fixing API doc issue found by Scrutinizer
2019-05-19 10:05:04 +02:00
El RIDO
800a0df8e3
apply StyleCI patch
2019-05-19 10:01:41 +02:00
El RIDO
909ff2daa7
handle scrutinizer issues (mostly changes in API documentation)
2019-05-19 09:42:55 +02:00
El RIDO
09162a3c57
fix display of v2 pastes in JS, fixing parsing of comments in PHP, avoid exposing expiration date (we provide time_to_live, would allow calculation of creation date of paste)
2019-05-15 07:44:03 +02:00
El RIDO
cc1c55129f
switching to full JSON API without POST array use, ensure all JSON operations are done with error detection
2019-05-13 22:31:52 +02:00
El RIDO
be1e7babc0
removing dead code and improving code coverage
2019-05-11 22:18:35 +02:00
El RIDO
a622c8f484
fix logic, avoid 5.5
2019-05-10 23:27:45 +02:00
El RIDO
c3719435a3
and fixing PHP 5.5
2019-05-10 23:09:35 +02:00
El RIDO
02f3cc739f
documentation on fnv1a64 is lacking, but tests show it was only introduced with PHP 5.6
2019-05-10 22:46:39 +02:00
El RIDO
9b6b25dac0
revert scalar type hints to retain support for PHP < 7.0
2019-05-10 22:35:18 +02:00
El RIDO
76007b6ee9
fixing class compatibility (why is this no longer enforced in PHP > 7.1?)
2019-05-10 22:21:03 +02:00
El RIDO
f58cbefd1e
revert scalar type hints to retain support for PHP < 7.0
2019-05-10 22:13:11 +02:00
El RIDO
fb0c9c595e
remove further type hints for compatibility
2019-05-10 22:04:47 +02:00
El RIDO
bd4dee0f3e
fixing copy/paste errors
2019-05-10 21:52:14 +02:00
El RIDO
1e44902340
apply StyleCI patch
2019-05-10 21:45:34 +02:00
El RIDO
632d70412a
revert scalar type hints to retain support for PHP < 7.0
2019-05-10 21:35:36 +02:00
El RIDO
700f8a0ea7
made all php unit tests pass again
2019-05-10 07:55:39 +02:00
El RIDO
59569bf9fc
working on JsonApi tests
2019-05-08 22:11:21 +02:00
El RIDO
76dc01b959
finishing changes in models, removing last md5 test cases, tightening up allowed POST data
2019-05-06 22:15:21 +02:00
El RIDO
06b90ff48e
sticking to arrays to reduce conversions, inversion of control to simplify logic
2019-05-05 21:03:58 +02:00
El RIDO
b7a03cfdb9
enforcing parameter types, avoiding unnecessary metadata in version 2 pastes
2019-05-05 18:22:57 +02:00
El RIDO
6e15903f1e
make DatabaseTest work pass again, support reading & writing version 1 & 2 pastes & comments
2019-05-05 14:36:47 +02:00
El RIDO
bbdcb3fb0f
remove duplicate code
2019-05-05 08:53:40 +02:00
El RIDO
3338bd792e
implement version 2 format validation, changing ID checksum algorithm, resolves #49
2019-05-03 23:03:57 +02:00
El RIDO
e418b083e8
Merge branch 'master' into webcrypto
2019-01-22 20:11:42 +01:00
rugk
34c64acb75
Apply StyleCi recommendation
2019-01-22 00:14:31 +01:00
rugk
7cb942aca3
Make PHP paste ID function more robust
2019-01-21 23:19:41 +01:00
rugk
541fff199a
Put PHP paste request into own function
2019-01-21 23:06:25 +01:00
El RIDO
79a858f176
extracting only the 16 hex characters of the query string as paste ID, addressing #396
2019-01-20 12:20:37 +01:00
El RIDO
cde96d8f24
fixing bug in jsonld processing with certain URL paths
2018-12-17 19:42:26 +01:00
El RIDO
9ce41022cf
correcting namespaces
2018-11-19 13:09:34 +01:00
El RIDO
b5ebc4a3d7
incrementing version
2018-08-11 19:29:58 +02:00
El RIDO
a5e8eeaaf9
StyleCI: Obey the alphabet #342
2018-07-29 16:15:52 +02:00
El RIDO
4a35428499
cleanup of PurgeLimiter #342
2018-07-29 16:05:57 +02:00
El RIDO
3470dcd9a8
more compact ServerSalt #342
2018-07-29 15:50:36 +02:00
El RIDO
5db3412b69
cleanup of TrafficLimiter #342
2018-07-29 15:43:28 +02:00
El RIDO
f9c8441edb
renaming controller #342
2018-07-29 15:17:35 +02:00
El RIDO
720897b902
correct CSP to allow password prompt
2018-07-21 06:45:09 +00:00
El RIDO
cfe60db8fd
increment version number
2018-07-01 13:11:32 +02:00
El RIDO
6225a8ef16
updating translators in credits
2018-06-11 20:29:47 +02:00
El RIDO
9a0318517b
correct PHPdoc, fixes #264
2018-05-27 15:18:25 +02:00
El RIDO
d6f203dc4c
Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
2018-05-27 15:05:31 +02:00
El RIDO
05c1776ada
ensure ALL read errors are only exposed in the JSON API to avoid information leakage (i.e. beviour for deleted vs expired pastes), updated test cases & removed duplicate test
2018-05-27 14:36:30 +02:00
El RIDO
caf87cc6f1
Merge branch 'master' into burnafterreading-fix, regression in expired paste error
2018-04-30 20:01:38 +02:00
El RIDO
2c82279292
Merge branch 'attachment-handling' of https://github.com/thororm/PrivateBin into thororm-attachment-handling
...
apart from resolving conflicts:
- added missing docs
- inlined functions that were used in only one location
- updated unit test to support all previews
- fixed a regression that displayed the preview even when there was no preview and too early
2018-04-29 11:57:03 +02:00
rugk
9c132cd839
Disallow form-action in CSP to limit outgoing connections
...
See https://github.com/PrivateBin/PrivateBin/issues/272
2018-01-06 18:06:06 +01:00
El RIDO
3bca559826
moving access to into Request class
2018-01-06 10:27:58 +01:00
rugk
414ab0eb71
Add config and basic page template support
...
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
of a simple div at the top
* added option to turn off QR code support
2017-12-25 14:59:15 +01:00
El RIDO
86ecdb1155
fixing post increment
2017-11-13 22:15:14 +01:00
El RIDO
502e96c129
StyleCI recommendations
2017-10-08 19:23:33 +02:00
El RIDO
a5d5f6066a
refactoring as recommended by Scrutinizer
2017-10-08 19:16:09 +02:00
El RIDO
9f26894b2e
PHP < 5.6 compatibility and StyleCI recommendations
2017-10-08 17:10:51 +02:00
El RIDO
4f06feef81
implemented JSON file conversion on purge and storage in PHP files for data leak protection
2017-10-08 16:59:31 +02:00
El RIDO
4ded4b7f8c
adding correct HTTP error to response, as per @rugk's recommentation
2017-10-08 16:43:46 +02:00
El RIDO
dbfb1e83ba
removing dead code
2017-10-08 16:43:10 +02:00
El RIDO
62f0b95377
making StyleCI happy
2017-10-08 16:42:43 +02:00
El RIDO
6e8eafe129
implemented INI cenversion functionality
2017-10-08 16:42:11 +02:00
El RIDO
6fa2bfe30e
updated documentation, incremented version
2017-10-08 16:40:51 +02:00
rugk
f037967820
changes the file extension to php and adds a small one-liner to stop PHP from presenting the file to any website visitor
...
Signed-off-by: El RIDO <elrido@gmx.net>
2017-10-08 16:25:48 +02:00
thororm
23f5dfbff8
Merge remote-tracking branch 'remotes/thororm/master' into attachment-handling
...
# Conflicts:
# tpl/bootstrap.php
# tpl/page.php
2017-05-13 19:48:25 +02:00
rugk
283873d89a
Fix stupid copy&paste error
2017-04-13 10:52:48 +02:00
rugk
9b6748c54d
Adjust requested changes
2017-04-13 10:46:09 +02:00
El RIDO
f54036976a
added instantburnafterreading option to address #174
2017-04-11 17:23:26 +02:00
rugk
183ebe518b
Force JSON request for getting paste data
2017-04-11 16:34:13 +02:00
thororm
096f07f86e
Merge branch 'master' into attachment-handling
...
# Conflicts:
# js/privatebin.js
# tpl/bootstrap.php
# tpl/page.php
2017-04-02 13:30:52 +02:00
El RIDO
bbcc3e167b
implementing recommendations of scrutinizer
2017-03-25 00:58:59 +01:00
El RIDO
9b2af0abf5
fixing documentation
2017-03-24 23:54:37 +01:00
El RIDO
18315e7de0
removing unused class
2017-03-24 23:45:10 +01:00
El RIDO
f7853cf439
removing duplicate code, cleanup of temporary test files
2017-03-24 23:42:11 +01:00
El RIDO
ce92bfa934
updated .htaccess format, refactored .htaccess creation logic and improving code coverage, fixes #194
2017-03-24 21:30:08 +01:00
El RIDO
88b02d866e
fixes #186 for good
2017-03-24 19:20:34 +01:00
El RIDO
be0919893d
updating shipped .htaccess files for Apache 2.4 as per https://httpd.apache.org/docs/2.4/upgrading.html#access - Thanks @EchoDev, fixes #194
2017-03-11 08:56:14 +01:00
El RIDO
823adb78ef
bumping required PHP to 5.4, removing unneccessary code, resolves #186
2017-03-05 11:22:24 +01:00
El RIDO
23b09d601d
credited Tulio for the portuguese translation, updated SRI hashes
2017-03-05 11:02:18 +01:00
El RIDO
db307c3a77
updated test cases and delete logic to properly implement documented API, thanks @r4sas #188
2017-02-22 21:42:14 +01:00