From dc193f75554e7ef5ef1f8fb890e3e90434e78e6b Mon Sep 17 00:00:00 2001
From: El RIDO
Date: Sun, 23 Jun 2019 09:54:48 +0200
Subject: [PATCH] Revert "removing exceptions - in these cases server admins can opt to disable the warning message in the configuration"
This reverts commit d0365faf769ddadd0f1322d54ad3da6323bd3ebf.
---
 js/privatebin.js | 19 +++++++++++++++++++
 tpl/bootstrap.php | 2 +-
 tpl/page.php | 2 +-
 3 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/js/privatebin.js b/js/privatebin.js
index 2d330622..c2085f9b 100644
--- a/js/privatebin.js
+++ b/js/privatebin.js
@@ -4538,10 +4538,29 @@ jQuery.PrivateBin = (function($, RawDeflate) {
 }
 const url = new URL(window.location);
+ // HTTP is obviously insecure
 if (url.protocol !== 'http:') {
 return false;
 }
+
+ // filter out actually secure connections over HTTP
+ if (
+ url.hostname.endsWith('.onion') ||
+ url.hostname.endsWith('.i2p')
+ ) {
+ return false;
+ }
+
+ // whitelist localhost for development
+ if (
+ url.hostname === 'localhost' ||
+ url.hostname === '127.0.0.1'
+ ) {
+ return false;
+ }
+
+ // totally INSECURE http protocol!
 return true;
 }
diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php
index b60a9ce2..45b231e4 100644
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@@ -72,7 +72,7 @@ if ($MARKDOWN):
 endif;
 ?>
-
+
diff --git a/tpl/page.php b/tpl/page.php
index 32e662b9..aaddba1f 100644
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -50,7 +50,7 @@ if ($MARKDOWN):
 endif;
 ?>
-
+
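Review bot: In the js/privatebin.js hunk the `.onion` / `.i2p` branch turns the warning off on the hostname suffix alone, which holds only when the browser actually reached the site through Tor or I2P; if such a name is ever served over an ordinary HTTP path (a misconfigured proxy or a resolver that answers for it), the user gets no warning on a plaintext connection. I would state that assumption at the check, e.g. `// suffix match only: assumes the transport is Tor/I2P, nothing here verifies it`. The loopback allowlist compares just `'localhost'` and `'127.0.0.1'`, so a development instance opened via IPv6 loopback still warns unless `url.hostname === '[::1]'` is added. The added comment `// HTTP is obviously insecure` sits above a branch that returns false for every scheme other than `http:`, so something like `// only plain http: can be flagged below` would describe it better. The function starts above the hunk, so any checks that run before `new URL(window.location)` are not visible here.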