Merge branch master into httpinsecure
This commit is contained in:
El RIDO
commit
748b85e025
@ -4552,6 +4552,70 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
return me;
|
return me;
|
||||||
})();
|
})();
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* initial (security) check
|
||||||
|
*
|
||||||
|
* @name InitialCheck
|
||||||
|
* @param {object} window
|
||||||
|
* @param {object} document
|
||||||
|
* @class
|
||||||
|
*/
|
||||||
|
var InitialCheck = (function (window, document) {
|
||||||
|
var me = {};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* check if the connection is insecure
|
||||||
|
*
|
||||||
|
* @private
|
||||||
|
* @name InitialCheck.isInsecureConnection
|
||||||
|
* @function
|
||||||
|
*/
|
||||||
|
function isInsecureConnection()
|
||||||
|
{
|
||||||
|
const url = new URL(document.URL);
|
||||||
|
|
||||||
|
// HTTP is obviously insecure
|
||||||
|
if (url.protocol !== 'http:') {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// filter out actually secure connections over HTTP
|
||||||
|
if (
|
||||||
|
url.hostname.endsWith('.onion') ||
|
||||||
|
url.hostname.endsWith('.i2p')
|
||||||
|
) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// whitelist localhost for development
|
||||||
|
if (
|
||||||
|
url.hostname === 'localhost' ||
|
||||||
|
url.hostname === '127.0.0.1'
|
||||||
|
) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// totally INSECURE http protocol!
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* init on application start
|
||||||
|
*
|
||||||
|
* @name InitialCheck.init
|
||||||
|
* @function
|
||||||
|
*/
|
||||||
|
me.init = function()
|
||||||
|
{
|
||||||
|
if (isInsecureConnection()) {
|
||||||
|
Alert.showError('This instance is using an insecure connection! Please only use this for testing.');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return me;
|
||||||
|
})(window, document);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* (controller) main PrivateBin logic
|
* (controller) main PrivateBin logic
|
||||||
*
|
*
|
||||||
@ -4747,6 +4811,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
Prompt.init();
|
Prompt.init();
|
||||||
TopNav.init();
|
TopNav.init();
|
||||||
UiHelper.init();
|
UiHelper.init();
|
||||||
|
InitialCheck.init();
|
||||||
z = (await zlib);
|
z = (await zlib);
|
||||||
|
|
||||||
// check whether existing paste needs to be shown
|
// check whether existing paste needs to be shown
|
||||||
@ -4794,6 +4859,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
ServerInteraction: ServerInteraction,
|
ServerInteraction: ServerInteraction,
|
||||||
PasteEncrypter: PasteEncrypter,
|
PasteEncrypter: PasteEncrypter,
|
||||||
PasteDecrypter: PasteDecrypter,
|
PasteDecrypter: PasteDecrypter,
|
||||||
|
InitialCheck: InitialCheck,
|
||||||
Controller: Controller
|
Controller: Controller
|
||||||
};
|
};
|
||||||
})(jQuery, RawDeflate);
|
})(jQuery, RawDeflate);
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user