Compare commits

...
Sign in to create a new pull request.

5 commits

Author SHA1 Message Date
rugk
470e0fc33c Add missing break in switch 2020-03-06 10:03:27 +01:00
rugk
f13a5d0a55 Cleanup variables/logic
It only assigns and DomPurfies things once, instead of doing
it again and again.
Also uses less variables and cleans up the logic.
2020-03-04 14:32:04 +01:00
rugk
552e0cac3a Fix .getText of PasteViewer to return original text string
The issue was that I reused an existing module variable.

Now we have (yet another one) temp var for that.

Practically this fixes the "clone paste" button by using the original text.
2020-03-04 13:44:57 +01:00
rugk
294b8804a4 Fix source code escaping in comments
Also fix comments.
2020-03-04 13:29:06 +01:00
rugk
005d223c0d Fix source code being not rendered
If special characters were included the source code (HTML-like ones like < and >) is was not rendered.

Fixes https://github.com/PrivateBin/PrivateBin/issues/588

It includes a change in the RegEx for URLs because that was broken when a
& character later followed at any time after a link (even after a newline).
(with a negative lookahead)

Test with https://regex101.com/r/i7bZ73/1

Now the RegEx does not check for _all_ chars after a link, but just for the
one following the link.
(So the lookahead is not * anymore. I guess thsi behaviour was
the expectation when it has been implemented.)
2020-03-04 11:45:56 +01:00
3 changed files with 101 additions and 70 deletions

View file

@ -18,14 +18,14 @@ jQuery.fn.draghover = function() {
return this.each(function() { return this.each(function() {
let collection = $(), let collection = $(),
self = $(this); self = $(this);
self.on('dragenter', function(e) { self.on('dragenter', function(e) {
if (collection.length === 0) { if (collection.length === 0) {
self.trigger('draghoverstart'); self.trigger('draghoverstart');
} }
collection = collection.add(e.target); collection = collection.add(e.target);
}); });
self.on('dragleave drop', function(e) { self.on('dragleave drop', function(e) {
collection = collection.not(e.target); collection = collection.not(e.target);
if (collection.length === 0) { if (collection.length === 0) {
@ -374,6 +374,31 @@ jQuery.PrivateBin = (function($, RawDeflate) {
} }
}; };
/**
* formats the text that needs to be formatted, so DomPurify can properly escape it.
*
* @name Helper.preformatTextForDomPurify
* @function
* @param {string} html
* @param {'markdown'|'syntaxhighlighting'|'plaintext'} text
* @return {string} new text
*/
me.preformatTextForDomPurify = function(text, format)
{
if (!format) {
throw new TypeError('invalid format parameter');
}
// encode < to make sure DomPurify does not interpret e.g. HTML or XML markup as code
// cf. https://developer.mozilla.org/en-US/docs/Web/HTML/Element/xmp#Summary
// As Markdown, by definition, is/allows HTML code, we do not do anything there.
if (format !== 'markdown') {
// one character is enough, as this is not security-relevant (all output will go through DOMPurify later)
text = text.replace(/</g, '&lt;');
}
return text;
};
/** /**
* convert URLs to clickable links. * convert URLs to clickable links.
* *
@ -392,7 +417,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
me.urls2links = function(html) me.urls2links = function(html)
{ {
return html.replace( return html.replace(
/(((https?|ftp):\/\/[\w?!=&.\/-;#@~%+*-]+(?![\w\s?!&.\/;#~%"=-]*>))|((magnet):[\w?=&.\/-;#@~%+*-]+))/ig, /(((https?|ftp):\/\/[\w?!=&.\/-;#@~%+*-]+(?![\w\s?!&.\/;#~%"=-]>))|((magnet):[\w?=&.\/-;#@~%+*-]+))/ig,
'<a href="$1" rel="nofollow">$1</a>' '<a href="$1" rel="nofollow">$1</a>'
); );
}; };
@ -518,7 +543,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* calculate expiration date given initial date and expiration period * calculate expiration date given initial date and expiration period
* *
* @name Helper.calculateExpirationDate * @name Helper.calculateExpirationDate
* @function * @function
* @param {Date} initialDate - may not be empty * @param {Date} initialDate - may not be empty
@ -531,7 +556,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
if (typeof expirationDisplayStringOrSecondsToExpire === 'string') { if (typeof expirationDisplayStringOrSecondsToExpire === 'string') {
secondsToExpiration = me.durationToSeconds(expirationDisplayStringOrSecondsToExpire); secondsToExpiration = me.durationToSeconds(expirationDisplayStringOrSecondsToExpire);
} }
if (typeof secondsToExpiration !== 'number') { if (typeof secondsToExpiration !== 'number') {
throw new Error('Cannot calculate expiration date.'); throw new Error('Cannot calculate expiration date.');
} }
@ -2504,18 +2529,25 @@ jQuery.PrivateBin = (function($, RawDeflate) {
return; return;
} }
// escape HTML entities, link URLs, sanitize let processedText = Helper.preformatTextForDomPurify(text, format);
const escapedLinkedText = Helper.urls2links(text),
sanitizedLinkedText = DOMPurify.sanitize( // link URLs
escapedLinkedText, { processedText = Helper.urls2links(processedText);
ALLOWED_TAGS: ['a'],
ALLOWED_ATTR: ['href', 'rel']
}
);
$plainText.html(sanitizedLinkedText);
$prettyPrint.html(sanitizedLinkedText);
switch (format) { switch (format) {
case 'syntaxhighlighting':
// yes, this is really needed to initialize the environment
if (typeof prettyPrint === 'function')
{
prettyPrint();
}
$prettyPrint.html(
DOMPurify.sanitize(
prettyPrintOne(processedText, null, true)
)
);
break;
case 'markdown': case 'markdown':
const converter = new showdown.Converter({ const converter = new showdown.Converter({
strikethrough: true, strikethrough: true,
@ -2527,29 +2559,27 @@ jQuery.PrivateBin = (function($, RawDeflate) {
// let showdown convert the HTML and sanitize HTML *afterwards*! // let showdown convert the HTML and sanitize HTML *afterwards*!
$plainText.html( $plainText.html(
DOMPurify.sanitize( DOMPurify.sanitize(
// use original text, because showdown handles autolinking on it's own
converter.makeHtml(text) converter.makeHtml(text)
) )
); );
// add table classes from bootstrap css // add table classes from bootstrap css
$plainText.find('table').addClass('table-condensed table-bordered'); $plainText.find('table').addClass('table-condensed table-bordered');
break; break;
case 'syntaxhighlighting':
// yes, this is really needed to initialize the environment
if (typeof prettyPrint === 'function')
{
prettyPrint();
}
$prettyPrint.html(
DOMPurify.sanitize(
prettyPrintOne(escapedLinkedText, null, true)
)
);
// fall through, as the rest is the same
default: // = 'plaintext' default: // = 'plaintext'
$prettyPrint.css('white-space', 'pre-wrap'); $prettyPrint.html(DOMPurify.sanitize(
$prettyPrint.css('word-break', 'normal'); processedText, {
$prettyPrint.removeClass('prettyprint'); ALLOWED_TAGS: ['a'],
ALLOWED_ATTR: ['href', 'rel']
}
));
}
// set block style for non-Markdown formatting
if (format !== 'markdown') {
$prettyPrint.css('white-space', 'pre-wrap');
$prettyPrint.css('word-break', 'normal');
$prettyPrint.removeClass('prettyprint');
} }
} }
@ -3313,7 +3343,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
*/ */
me.addComment = function(comment, commentText, nickname) me.addComment = function(comment, commentText, nickname)
{ {
if (commentText === '') { if (!commentText) {
commentText = 'comment decryption failed'; commentText = 'comment decryption failed';
} }
@ -3323,6 +3353,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
const $commentEntryData = $commentEntry.find('div.commentdata'); const $commentEntryData = $commentEntry.find('div.commentdata');
// set & parse text // set & parse text
commentText = Helper.preformatTextForDomPurify(commentText, 'plaintext');
$commentEntryData.html( $commentEntryData.html(
DOMPurify.sanitize( DOMPurify.sanitize(
Helper.urls2links(commentText), { Helper.urls2links(commentText), {
@ -3735,11 +3766,11 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* Template Email body. * Template Email body.
* *
* @name TopNav.templateEmailBody * @name TopNav.templateEmailBody
* @private * @private
* @param {string} expirationDateString * @param {string} expirationDateString
* @param {bool} isBurnafterreading * @param {bool} isBurnafterreading
*/ */
function templateEmailBody(expirationDateString, isBurnafterreading) function templateEmailBody(expirationDateString, isBurnafterreading)
{ {
@ -3777,10 +3808,10 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* Trigger Email send. * Trigger Email send.
* *
* @name TopNav.triggerEmailSend * @name TopNav.triggerEmailSend
* @private * @private
* @param {string} emailBody * @param {string} emailBody
*/ */
function triggerEmailSend(emailBody) function triggerEmailSend(emailBody)
{ {
@ -3993,7 +4024,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* show the "email" button * show the "email" button
* *
* @name TopNav.showEmailbutton * @name TopNav.showEmailbutton
* @function * @function
* @param {int|undefined} optionalRemainingTimeInSeconds * @param {int|undefined} optionalRemainingTimeInSeconds
@ -4021,7 +4052,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* hide the "email" button * hide the "email" button
* *
* @name TopNav.hideEmailButton * @name TopNav.hideEmailButton
* @function * @function
*/ */
@ -4055,7 +4086,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* only hides the qr code button * only hides the qr code button
* *
* @name TopNav.hideQrCodeButton * @name TopNav.hideQrCodeButton
* @function * @function
*/ */
@ -4066,7 +4097,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* hide all irrelevant buttons when viewing burn after reading paste * hide all irrelevant buttons when viewing burn after reading paste
* *
* @name TopNav.hideBurnAfterReadingButtons * @name TopNav.hideBurnAfterReadingButtons
* @function * @function
*/ */
@ -4102,7 +4133,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* hides the custom attachment * hides the custom attachment
* *
* @name TopNav.hideCustomAttachment * @name TopNav.hideCustomAttachment
* @function * @function
*/ */
@ -4226,7 +4257,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* Highlight file upload * Highlight file upload
* *
* @name TopNav.highlightFileupload * @name TopNav.highlightFileupload
* @function * @function
*/ */
@ -4245,7 +4276,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* set the format on bootstrap templates in dropdown programmatically * set the format on bootstrap templates in dropdown programmatically
* *
* @name TopNav.setFormat * @name TopNav.setFormat
* @function * @function
*/ */
@ -4256,7 +4287,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
/** /**
* returns if attachment dropdown is readonly, not editable * returns if attachment dropdown is readonly, not editable
* *
* @name TopNav.isAttachmentReadonly * @name TopNav.isAttachmentReadonly
* @function * @function
* @return {bool} * @return {bool}

View file

@ -41,38 +41,38 @@ if ($SYNTAXHIGHLIGHTING):
endif; endif;
?> ?>
<noscript><link type="text/css" rel="stylesheet" href="css/noscript.css" /></noscript> <noscript><link type="text/css" rel="stylesheet" href="css/noscript.css" /></noscript>
<script type="text/javascript" data-cfasync="false" src="js/jquery-3.4.1.js" integrity="sha512-bnIvzh6FU75ZKxp0GXLH9bewza/OIw6dLVh9ICg0gogclmYGguQJWl8U30WpbsGTqbIiAwxTsbe76DErLq5EDQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/jquery-3.4.1.js" integrity="sha512-9anGruNHwVXk3XlsUXFrdEe8Iq5EdB/Otrz+4C+VWtQGPThhPyQRCKPh8+H1QPyu2NmEi5oPuCPACVXPmhnvrQ==" crossorigin="anonymous"></script>
<?php <?php
if ($QRCODE): if ($QRCODE):
?> ?>
<script async type="text/javascript" data-cfasync="false" src="js/kjua-0.6.0.js" integrity="sha512-GEEIHvphDt1NmaxzX8X1ZkBiGKXCv+Ofzwi8SMEH5wQVWqdGIvBO/fnxxKZ90RU1bVp6srS68nHIpZo6iVcG9g==" crossorigin="anonymous"></script> <script async type="text/javascript" data-cfasync="false" src="js/kjua-0.6.0.js" integrity="sha512-mS5pSr1OST+Q29k4J4epdY+UFR9EmQ/mm96tV4QN22NHQPaWAXuDOAEAA9RAPpmY5jY2SDz8lMHN9CPysV/Dsg==" crossorigin="anonymous"></script>
<?php <?php
endif; endif;
if ($ZEROBINCOMPATIBILITY): if ($ZEROBINCOMPATIBILITY):
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/base64-1.7.js" integrity="sha512-JdwsSP3GyHR+jaCkns9CL9NTt4JUJqm/BsODGmYhBcj5EAPKcHYh+OiMfyHbcDLECe17TL0hjXADFkusAqiYgA==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/base64-1.7.js" integrity="sha512-V6V3jxySWm/c62rSuY64hIU1/xYwaeQ+RJQyOzUMiZEMMlZXlnbif6/v/4v3Nck/cch7LylQU8lMplZUnIhSoA==" crossorigin="anonymous"></script>
<?php <?php
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/zlib-1.2.11.js" integrity="sha512-Yey/0yoaVmSbqMEyyff3DIu8kCPwpHvHf7tY1AuZ1lrX9NPCMg87PwzngMi+VNbe4ilCApmePeuKT869RTcyCQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/zlib-1.2.11.js" integrity="sha512-ltQiYRTMNyL8c4rObU3wsq1IY9qXWlw3ev19xbLZywKhzLy9Ys3QWkUfbokF8V1yZPGdfFqCPLGpbj+D4NhtDA==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/base-x-3.0.7.js" integrity="sha512-/Bi1AJIP0TtxEB+Jh6Hk809H1G7vn4iJV80qagslf0+Hm0UjUi1s3qNrn1kZULjzUYuaf6ck0ndLGJ7MxWLmgQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/base-x-3.0.7.js" integrity="sha512-1PEa62gwxcuweDJX3y/hE5hqV1WwUcKWdXnCPVBPu2J0QoONNH90gJSfKqdQCnsJhjMGNUWH6/UFQs1D3ufczQ==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/rawinflate-0.3.js" integrity="sha512-g8uelGgJW9A/Z1tB6Izxab++oj5kdD7B4qC7DHwZkB6DGMXKyzx7v5mvap2HXueI2IIn08YlRYM56jwWdm2ucQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/rawinflate-0.3.js" integrity="sha512-oC3qyjPVFoECDz+NY8EWEweqMF9Aobh+bxwfQsWTO+75CzsvHkZUZHiFI1iWPnCymurCZ8N1IRiA1lQstakAjw==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/bootstrap-3.3.7.js" integrity="sha512-iztkobsvnjKfAtTNdHkGVjAYTrrtlC7mGp/54c40wowO7LhURYl3gVzzcEqGl/qKXQltJ2HwMrdLcNUdo+N/RQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/bootstrap-3.3.7.js" integrity="sha512-4nvga8iY3PiT8GzEnK/LtrpuOmkQaomlAPaZPldgCzY2OSeEgRI3oaeDln2+BdV6B2nHj4B0oMOlmxa2VbHTUA==" crossorigin="anonymous"></script>
<?php <?php
if ($SYNTAXHIGHLIGHTING): if ($SYNTAXHIGHLIGHTING):
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-puO0Ogy++IoA2Pb9IjSxV1n4+kQkKXYAEUtVzfZpQepyDPyXk8hokiYDS7ybMogYlyyEIwMLpZqVhCkARQWLMg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-8Yo8AyWGdIAIogswah43R44ykWSTkNhgYaR4fsn49WSIsZ6GQF8HgO5ZbomYG7N459Rd2Ycl+JZTmJWovIy5TA==" crossorigin="anonymous"></script>
<?php <?php
endif; endif;
if ($MARKDOWN): if ($MARKDOWN):
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/showdown-1.9.1.js" integrity="sha512-nRri7kqh3iRLdHbhtjfe8w9eAQPmt+ubH5U88UZyKbz6O9Q0q4haaXF0krOUclKmRJou/kKZYulgBHvHXPqOvg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/showdown-1.9.1.js" integrity="sha512-XaY4Yp8taiarnpsT49pd5AWWq9BfheHGV7MTt7ER2N5/rcq3v2DK7lbhdAhMic9eCoOD1cnBIgMCcV85ew4OSA==" crossorigin="anonymous"></script>
<?php <?php
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-QwcEKGuEmKtMguCO9pqNtUtZqq9b/tJ8gNr5qhY8hykq3zKTlDOvpZAmf6Rs8yH35Bz1ZdctUjj2qEWxT5aXCg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-x2Kev3A7fqc/QKCzRHoJ7qCiglgxXtY8WDUMPOUBI6jVueqRkRMGjP1IqD9iUWVuND81ckCCS27Br5M11tw0IA==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-3L/E22cdC3wDFXKM1i32bw4HdrfX14du2xswUKanOY6CLrD+e0hykmLvES+zfBKF1GFQFKr3OmdCVH2y+zHlsA==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-5GFThJ8KstWT1bNvB5JTAAXA+5QCNDv21foF7hSNoAc0oOxrHiUCP1ZlZs9zk4SbdIsmTSGL12Ecdj5CRISYxg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-orzZ0Xa2whu2x2rgs9pUPD3cbbw2kMK9GeCIQPC50/H66tgobl3LjsGNREI6s0porBoJ+Wp6icp+Z1FqyQ/bxA==" crossorigin="anonymous"></script>
<link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" /> <link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" />
<link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" /> <link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" />
<link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" /> <link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" />

View file

@ -20,37 +20,37 @@ if ($SYNTAXHIGHLIGHTING):
endif; endif;
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/jquery-3.4.1.js" integrity="sha512-bnIvzh6FU75ZKxp0GXLH9bewza/OIw6dLVh9ICg0gogclmYGguQJWl8U30WpbsGTqbIiAwxTsbe76DErLq5EDQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/jquery-3.4.1.js" integrity="sha512-9anGruNHwVXk3XlsUXFrdEe8Iq5EdB/Otrz+4C+VWtQGPThhPyQRCKPh8+H1QPyu2NmEi5oPuCPACVXPmhnvrQ==" crossorigin="anonymous"></script>
<?php <?php
if ($QRCODE): if ($QRCODE):
?> ?>
<script async type="text/javascript" data-cfasync="false" src="js/kjua-0.6.0.js" integrity="sha512-GEEIHvphDt1NmaxzX8X1ZkBiGKXCv+Ofzwi8SMEH5wQVWqdGIvBO/fnxxKZ90RU1bVp6srS68nHIpZo6iVcG9g==" crossorigin="anonymous"></script> <script async type="text/javascript" data-cfasync="false" src="js/kjua-0.6.0.js" integrity="sha512-mS5pSr1OST+Q29k4J4epdY+UFR9EmQ/mm96tV4QN22NHQPaWAXuDOAEAA9RAPpmY5jY2SDz8lMHN9CPysV/Dsg==" crossorigin="anonymous"></script>
<?php <?php
endif; endif;
if ($ZEROBINCOMPATIBILITY): if ($ZEROBINCOMPATIBILITY):
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/base64-1.7.js" integrity="sha512-JdwsSP3GyHR+jaCkns9CL9NTt4JUJqm/BsODGmYhBcj5EAPKcHYh+OiMfyHbcDLECe17TL0hjXADFkusAqiYgA==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/base64-1.7.js" integrity="sha512-V6V3jxySWm/c62rSuY64hIU1/xYwaeQ+RJQyOzUMiZEMMlZXlnbif6/v/4v3Nck/cch7LylQU8lMplZUnIhSoA==" crossorigin="anonymous"></script>
<?php <?php
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/zlib-1.2.11.js" integrity="sha512-Yey/0yoaVmSbqMEyyff3DIu8kCPwpHvHf7tY1AuZ1lrX9NPCMg87PwzngMi+VNbe4ilCApmePeuKT869RTcyCQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/zlib-1.2.11.js" integrity="sha512-ltQiYRTMNyL8c4rObU3wsq1IY9qXWlw3ev19xbLZywKhzLy9Ys3QWkUfbokF8V1yZPGdfFqCPLGpbj+D4NhtDA==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/base-x-3.0.7.js" integrity="sha512-/Bi1AJIP0TtxEB+Jh6Hk809H1G7vn4iJV80qagslf0+Hm0UjUi1s3qNrn1kZULjzUYuaf6ck0ndLGJ7MxWLmgQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/base-x-3.0.7.js" integrity="sha512-1PEa62gwxcuweDJX3y/hE5hqV1WwUcKWdXnCPVBPu2J0QoONNH90gJSfKqdQCnsJhjMGNUWH6/UFQs1D3ufczQ==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/rawinflate-0.3.js" integrity="sha512-g8uelGgJW9A/Z1tB6Izxab++oj5kdD7B4qC7DHwZkB6DGMXKyzx7v5mvap2HXueI2IIn08YlRYM56jwWdm2ucQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/rawinflate-0.3.js" integrity="sha512-oC3qyjPVFoECDz+NY8EWEweqMF9Aobh+bxwfQsWTO+75CzsvHkZUZHiFI1iWPnCymurCZ8N1IRiA1lQstakAjw==" crossorigin="anonymous"></script>
<?php <?php
if ($SYNTAXHIGHLIGHTING): if ($SYNTAXHIGHLIGHTING):
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-puO0Ogy++IoA2Pb9IjSxV1n4+kQkKXYAEUtVzfZpQepyDPyXk8hokiYDS7ybMogYlyyEIwMLpZqVhCkARQWLMg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-8Yo8AyWGdIAIogswah43R44ykWSTkNhgYaR4fsn49WSIsZ6GQF8HgO5ZbomYG7N459Rd2Ycl+JZTmJWovIy5TA==" crossorigin="anonymous"></script>
<?php <?php
endif; endif;
if ($MARKDOWN): if ($MARKDOWN):
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/showdown-1.9.1.js" integrity="sha512-nRri7kqh3iRLdHbhtjfe8w9eAQPmt+ubH5U88UZyKbz6O9Q0q4haaXF0krOUclKmRJou/kKZYulgBHvHXPqOvg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/showdown-1.9.1.js" integrity="sha512-XaY4Yp8taiarnpsT49pd5AWWq9BfheHGV7MTt7ER2N5/rcq3v2DK7lbhdAhMic9eCoOD1cnBIgMCcV85ew4OSA==" crossorigin="anonymous"></script>
<?php <?php
endif; endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-QwcEKGuEmKtMguCO9pqNtUtZqq9b/tJ8gNr5qhY8hykq3zKTlDOvpZAmf6Rs8yH35Bz1ZdctUjj2qEWxT5aXCg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-x2Kev3A7fqc/QKCzRHoJ7qCiglgxXtY8WDUMPOUBI6jVueqRkRMGjP1IqD9iUWVuND81ckCCS27Br5M11tw0IA==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-3L/E22cdC3wDFXKM1i32bw4HdrfX14du2xswUKanOY6CLrD+e0hykmLvES+zfBKF1GFQFKr3OmdCVH2y+zHlsA==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-5GFThJ8KstWT1bNvB5JTAAXA+5QCNDv21foF7hSNoAc0oOxrHiUCP1ZlZs9zk4SbdIsmTSGL12Ecdj5CRISYxg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-orzZ0Xa2whu2x2rgs9pUPD3cbbw2kMK9GeCIQPC50/H66tgobl3LjsGNREI6s0porBoJ+Wp6icp+Z1FqyQ/bxA==" crossorigin="anonymous"></script>
<link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" /> <link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" />
<link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" /> <link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" />
<link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" /> <link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" />