diff --git a/js/common.js b/js/common.js index 9f8a11f6..f593f0c7 100644 --- a/js/common.js +++ b/js/common.js @@ -5,7 +5,7 @@ global.assert = require('assert'); global.jsc = require('jsverify'); global.jsdom = require('jsdom-global'); global.cleanup = global.jsdom(); -global.window.URL = require('jsdom-url'); +global.URL = require('jsdom-url').URL; global.fs = require('fs'); global.WebCrypto = require('node-webcrypto-ossl'); diff --git a/js/privatebin.js b/js/privatebin.js index a43e1cb0..45bd2501 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -1196,30 +1196,20 @@ jQuery.PrivateBin = (function($, RawDeflate) { } // do use URL interface, if possible - if (window.URL && window.URL.prototype && ('searchParams' in window.URL.prototype)) { - try { - const url = new URL(window.location); + const url = new URL(window.location); - for (const param of url.searchParams) { - const key = param[0]; - const value = param[1]; + for (const param of url.searchParams) { + const key = param[0]; + const value = param[1]; - if (value === '' && idRegEx.test(key)) { - // safe, as the whole regex is matched - id = key; - return id; - } - } - } catch (e) { - // fallback below - console.error('URL interface not properly supported, error:', e); + if (value === '' && idRegEx.test(key)) { + // safe, as the whole regex is matched + id = key; + return key; } } - // Attention: This also returns the delete token inside of the ID, if it is specified - id = (window.location.search.match(idRegExFind) || [''])[0]; - - if (id === '') { + if (id === null) { throw 'no paste id given'; } @@ -4587,7 +4577,7 @@ jQuery.PrivateBin = (function($, RawDeflate) { */ function isInsecureConnection() { - const url = new URL(document.URL); + const url = new URL(window.location); // HTTP is obviously insecure if (url.protocol !== 'http:') { diff --git a/js/test/Model.js b/js/test/Model.js index 57aa22ec..cfcd6dba 100644 --- a/js/test/Model.js +++ b/js/test/Model.js @@ -93,8 +93,9 @@ describe('Model', function () { clean = jsdom('', { url: schema.join('') + '://' + address.join('') + '/?' + queryString + '#' + fragment - }), - result = $.PrivateBin.Model.getPasteId(); + }); + global.URL = require('jsdom-url').URL; + var result = $.PrivateBin.Model.getPasteId(); $.PrivateBin.Model.reset(); clean(); return pasteIdString === result; @@ -111,6 +112,7 @@ describe('Model', function () { '/#' + fragment }), result = false; + global.URL = require('jsdom-url').URL; try { $.PrivateBin.Model.getPasteId(); } diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index ab7da24e..08c8739e 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -72,7 +72,7 @@ if ($MARKDOWN): endif; ?> - + diff --git a/tpl/page.php b/tpl/page.php index 9e54e228..8947d533 100644 --- a/tpl/page.php +++ b/tpl/page.php @@ -50,7 +50,7 @@ if ($MARKDOWN): endif; ?> - +