Merge branch '162' into encrypt-browser
This commit is contained in:
commit
8516a3f4a4
@ -228,7 +228,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
'<': '<',
|
'<': '<',
|
||||||
'>': '>',
|
'>': '>',
|
||||||
'"': '"',
|
'"': '"',
|
||||||
"'": ''',
|
'\'': ''',
|
||||||
'/': '/',
|
'/': '/',
|
||||||
'`': '`',
|
'`': '`',
|
||||||
'=': '='
|
'=': '='
|
||||||
@ -1512,7 +1512,12 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
me.getPasteKey = function()
|
me.getPasteKey = function()
|
||||||
{
|
{
|
||||||
if (symmetricKey === null) {
|
if (symmetricKey === null) {
|
||||||
let newKey = window.location.hash.substring(1);
|
let pos = 1;
|
||||||
|
const pt = '#protected/';
|
||||||
|
if(window.location.hash.startsWith(pt)) {
|
||||||
|
pos = pt.length;
|
||||||
|
}
|
||||||
|
let newKey = window.location.hash.substring(pos);
|
||||||
if (newKey === '') {
|
if (newKey === '') {
|
||||||
throw 'no encryption key given';
|
throw 'no encryption key given';
|
||||||
}
|
}
|
||||||
@ -2237,7 +2242,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
* @function
|
* @function
|
||||||
* @param {Event} event
|
* @param {Event} event
|
||||||
*/
|
*/
|
||||||
function submitPasswordModal(event)
|
async function submitPasswordModal(event)
|
||||||
{
|
{
|
||||||
event.preventDefault();
|
event.preventDefault();
|
||||||
|
|
||||||
@ -2247,6 +2252,34 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
// hide modal
|
// hide modal
|
||||||
$passwordModal.modal('hide');
|
$passwordModal.modal('hide');
|
||||||
|
|
||||||
|
// check if protected pathname
|
||||||
|
const url = new URL(window.location);
|
||||||
|
|
||||||
|
// if protected request password
|
||||||
|
if(url.hash.startsWith('#protected/')) {
|
||||||
|
const pt = '#protected/';
|
||||||
|
let pos = pt.length;
|
||||||
|
let newKey = window.location.hash.substring(pos);
|
||||||
|
if (newKey === '') {
|
||||||
|
throw 'no encryption key given';
|
||||||
|
}
|
||||||
|
|
||||||
|
// Some web 2.0 services and redirectors add data AFTER the anchor
|
||||||
|
// (such as &utm_source=...). We will strip any additional data.
|
||||||
|
let ampersandPos = newKey.indexOf('&');
|
||||||
|
if (ampersandPos > -1)
|
||||||
|
{
|
||||||
|
newKey = newKey.substring(0, ampersandPos);
|
||||||
|
}
|
||||||
|
const enc = CryptTool.base58decode(newKey).padStart(32, '\u0000');
|
||||||
|
const dt = JSON.parse(enc);
|
||||||
|
const cipherdata = [dt.ct, dt.adata]
|
||||||
|
|
||||||
|
const plaindata = await CryptTool.decipher(dt.k, password, cipherdata);
|
||||||
|
window.location.replace(Helper.baseUri() + plaindata);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
PasteDecrypter.run();
|
PasteDecrypter.run();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -4818,16 +4851,43 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
* @param {int} status
|
* @param {int} status
|
||||||
* @param {object} data
|
* @param {object} data
|
||||||
*/
|
*/
|
||||||
function showCreatedPaste(status, data) {
|
async function showCreatedPaste(status, data) {
|
||||||
Alert.hideLoading();
|
Alert.hideLoading();
|
||||||
Alert.hideMessages();
|
Alert.hideMessages();
|
||||||
|
|
||||||
// show notification
|
// show notification
|
||||||
const baseUri = Helper.baseUri() + '?',
|
const baseUri = Helper.baseUri(),
|
||||||
url = baseUri + data.id + '#' + CryptTool.base58encode(data.encryptionKey),
|
deleteUrl = baseUri + '?pasteid=' + data.id + '&deletetoken=' + data.deletetoken;
|
||||||
deleteUrl = baseUri + 'pasteid=' + data.id + '&deletetoken=' + data.deletetoken;
|
let url;
|
||||||
|
|
||||||
|
const pw = TopNav.getPassword()
|
||||||
|
|
||||||
|
if(pw && pw.length) {
|
||||||
|
|
||||||
|
const sm = CryptTool.getSymmetricKey();
|
||||||
|
|
||||||
|
let openUri = '?' + data.id + '#' + CryptTool.base58encode(data.encryptionKey);
|
||||||
|
let cipherResult = await CryptTool.cipher(sm, pw, openUri, []);
|
||||||
|
|
||||||
|
let dt = {}
|
||||||
|
dt['v'] = 2;
|
||||||
|
dt['ct'] = cipherResult[0];
|
||||||
|
dt['adata'] = cipherResult[1];
|
||||||
|
dt['k'] = sm;
|
||||||
|
|
||||||
|
const encUrl = CryptTool.base58encode(JSON.stringify(dt))
|
||||||
|
|
||||||
|
url = baseUri + '#protected/' + encUrl;
|
||||||
|
} else {
|
||||||
|
url = baseUri + '?' + data.id + '#' + CryptTool.base58encode(data.encryptionKey);
|
||||||
|
}
|
||||||
|
|
||||||
PasteStatus.createPasteNotification(url, deleteUrl);
|
PasteStatus.createPasteNotification(url, deleteUrl);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// show new URL in browser bar
|
// show new URL in browser bar
|
||||||
history.pushState({type: 'newpaste'}, document.title, url);
|
history.pushState({type: 'newpaste'}, document.title, url);
|
||||||
|
|
||||||
@ -4972,7 +5032,9 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
|
|
||||||
// prepare server interaction
|
// prepare server interaction
|
||||||
ServerInteraction.prepare();
|
ServerInteraction.prepare();
|
||||||
ServerInteraction.setCryptParameters(TopNav.getPassword());
|
// This is not needed when encrypting browser side
|
||||||
|
// ServerInteraction.setCryptParameters(TopNav.getPassword());
|
||||||
|
ServerInteraction.setCryptParameters('');
|
||||||
|
|
||||||
// set success/fail functions
|
// set success/fail functions
|
||||||
ServerInteraction.setSuccess(showCreatedPaste);
|
ServerInteraction.setSuccess(showCreatedPaste);
|
||||||
@ -5558,6 +5620,16 @@ jQuery.PrivateBin = (function($, RawDeflate) {
|
|||||||
try {
|
try {
|
||||||
Model.getPasteId();
|
Model.getPasteId();
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
|
|
||||||
|
// check if protected pathname
|
||||||
|
const url = new URL(window.location);
|
||||||
|
|
||||||
|
// if protected request password
|
||||||
|
if(url.hash.startsWith('#protected/')) {
|
||||||
|
return Prompt.requestPassword();
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// otherwise create a new paste
|
// otherwise create a new paste
|
||||||
return me.newPaste();
|
return me.newPaste();
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user