Chapril/paste.chapril.org-privatebin
Chapril
/
paste.chapril.org-privatebin
24
0
Fork 0
Code Issues Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into php8

This commit is contained in:
github-actions[bot] 2022-11-03 18:55:30 +00:00
parent a731a1143c 66600e5eb3
commit ba5c859d85
5 changed files with 29 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
cfg/conf.sample.php
View File

@ -7,9 +7,10 @@
; (optional) set a project name to be displayed on the website
; name = "PrivateBin"
; The full URL, with the domain name and directories that point to the PrivateBin files
; This URL is essential to allow Opengraph images to be displayed on social networks
; basepath = ""
; The full URL, with the domain name and directories that point to the
; PrivateBin files, including an ending slash (/). This URL is essential to
; allow Opengraph images to be displayed on social networks.
; basepath = "https://privatebin.example.com/"
; enable or disable the discussion feature, defaults to true
discussion = true
@ -55,9 +56,9 @@ languageselection = false
; if this is set and language selection is disabled, this will be the only language
; languagedefault = "en"
; (optional) URL shortener address to offer after a new paste is created
; it is suggested to only use this with self-hosted shorteners as this will leak
; the pastes encryption key
; (optional) URL shortener address to offer after a new paste is created.
; It is suggested to only use this with self-hosted shorteners as this will leak
; the pastes encryption key.
; urlshortener = "https://shortener.example.com/api?link="
; (optional) Let users create a QR code for sharing the paste URL with one click.
@ -230,18 +231,18 @@ dir = PATH "data"
;secretkey = "secret access key"
[yourls]
; don't mix this up with "urlshortener" config item:
; - when using a standard configuration, "urlshortener" will point to the YOURLS
; API, including access credentials, and will be part of the PrivateBin public
; web page (insecure!)
; - when using the parameters in this section ("signature" and "apiurl"),
; "urlshortener" will point to a fixed PrivateBin page
; ("$basepath/shortenviayourls?link=") and that URL will in turn call YOURLS
; server-side, using the URL from "apiurl" and the "access signature" from the
; "signature" parameters below.
; When using YOURLS as a "urlshortener" config item:
; - By default, "urlshortener" will point to the YOURLS API URL, with or without
; credentials, and will be visible in public on the PrivateBin web page.
; Only use this if you allow short URL creation without credentials.
; - Alternatively, using the parameters in this section ("signature" and
; "apiurl"), "urlshortener" needs to point to the base URL of your PrivateBin
; instance with "shortenviayourls?link=" appended. For example:
; urlshortener = "${basepath}shortenviayourls?link="
; This URL will in turn call YOURLS on the server side, using the URL from
; "apiurl" and the "access signature" from the "signature" parameters below.
; (optional) the "signature" (access key) issued by YOURLS for the using account
; signature = ""
; (optional) the URL of the YOURLS API, called to shorten a PrivateBin URL
; apiurl = ""
; apiurl = "https://yourls.example.com/yourls-api.php"

8
lib/Configuration.php
View File

@ -236,6 +236,14 @@ class Configuration
if (!array_key_exists($this->_configuration['expire']['default'], $this->_configuration['expire_options'])) {
$this->_configuration['expire']['default'] = key($this->_configuration['expire_options']);
}
// ensure the basepath ends in a slash, if one is set
if (
strlen($this->_configuration['main']['basepath']) &&
substr_compare($this->_configuration['main']['basepath'], '/', -1) !== 0
) {
$this->_configuration['main']['basepath'] .= '/';
}
}
/**

2
lib/YourlsProxy.php
View File

@ -48,7 +48,7 @@ class YourlsProxy
*/
public function __construct(Configuration $conf, $link)
{
if (strpos($link, $conf->getKey('basepath') . '/?') === false) {
if (strpos($link, $conf->getKey('basepath') . '?') === false) {
$this->_error = 'Trying to shorten a URL that isn\'t pointing at our instance.';
return;
}

2
tst/JsonApiTest.php
View File

@ -273,7 +273,7 @@ class JsonApiTest extends TestCase
{
$mock_yourls_service = $this->_path . DIRECTORY_SEPARATOR . 'yourls.json';
$options = parse_ini_file(CONF, true);
$options['main']['basepath'] = 'https://example.com/path';
$options['main']['basepath'] = 'https://example.com/path'; // missing slash gets added by Configuration constructor
$options['main']['urlshortener'] = 'https://example.com/path/shortenviayourls?link=';
$options['yourls']['apiurl'] = $mock_yourls_service;
Helper::createIniFile(CONF, $options);

2
tst/YourlsProxyTest.php
View File

@ -21,7 +21,7 @@ class YourlsProxyTest extends TestCase
}
$this->_mock_yourls_service = $this->_path . DIRECTORY_SEPARATOR . 'yourls.json';
$options = parse_ini_file(CONF_SAMPLE, true);
$options['main']['basepath'] = 'https://example.com';
$options['main']['basepath'] = 'https://example.com/';
$options['main']['urlshortener'] = 'https://example.com/shortenviayourls?link=';
$options['yourls']['apiurl'] = $this->_mock_yourls_service;
Helper::confBackup();