adding subresource integrity hashes for all javascript includes, resolves #6
This commit is contained in:
El RIDO
parent
f957a1868f
commit
f72e260ee7
@ -436,7 +436,7 @@ class PrivateBin
|
|||||||
$page->assign('BURNAFTERREADINGSELECTED', $this->_conf->getKey('burnafterreadingselected'));
|
$page->assign('BURNAFTERREADINGSELECTED', $this->_conf->getKey('burnafterreadingselected'));
|
||||||
$page->assign('PASSWORD', $this->_conf->getKey('password'));
|
$page->assign('PASSWORD', $this->_conf->getKey('password'));
|
||||||
$page->assign('FILEUPLOAD', $this->_conf->getKey('fileupload'));
|
$page->assign('FILEUPLOAD', $this->_conf->getKey('fileupload'));
|
||||||
$page->assign('BASE64JSVERSION', $this->_conf->getKey('zerobincompatibility') ? '1.7' : '2.1.9');
|
$page->assign('ZEROBINCOMPATIBILITY', $this->_conf->getKey('zerobincompatibility'));
|
||||||
$page->assign('LANGUAGESELECTION', $languageselection);
|
$page->assign('LANGUAGESELECTION', $languageselection);
|
||||||
$page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages()));
|
$page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages()));
|
||||||
$page->assign('EXPIRE', $expire);
|
$page->assign('EXPIRE', $expire);
|
||||||
|
|||||||
@ -23,25 +23,35 @@ if ($SYNTAXHIGHLIGHTING):
|
|||||||
endif;
|
endif;
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/jquery-1.11.3.js"></script>
|
<script type="text/javascript" src="js/jquery-1.11.3.js" integrity="sha512-xAERw8wHVOkM9x9y9/FvQ7g1t+gIQj39mfkN1Rd1OLcC5k/x2e6NO8hq6qEbb3oO+CYYTjVLFiFYg5/7ddF0zA==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/sjcl-1.0.4.js"></script>
|
<script type="text/javascript" src="js/sjcl-1.0.4.js" integrity="sha512-BqVQ8GgWfMCcdsDuP6Ggm1BV7+mmoWH3PC4UqcYpEKSdEq1rthy6NUsa6gu5sydewbi/ilI3E3ohdCxlPPF9ww==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/base64-<?php echo rawurlencode($BASE64JSVERSION); ?>.js"></script>
|
<?php
|
||||||
<script type="text/javascript" src="js/rawdeflate-0.5.js"></script>
|
if ($ZEROBINCOMPATIBILITY):
|
||||||
<script type="text/javascript" src="js/rawinflate-0.3.js"></script>
|
?>
|
||||||
<script type="text/javascript" src="js/bootstrap-3.3.5.js"></script>
|
<script type="text/javascript" src="js/base64-1.7.js" integrity="sha512-JdwsSP3GyHR+jaCkns9CL9NTt4JUJqm/BsODGmYhBcj5EAPKcHYh+OiMfyHbcDLECe17TL0hjXADFkusAqiYgA==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
else:
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/base64-2.1.9.js" integrity="sha512-rbqAby7hObftbEoGQzkhUbEh5YkUn2MtekTLs4btvo2oly4CZ3DxhJzEh0u/rNzS54tcJdqi5Ug1ruugEd2U1g==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/rawdeflate-0.5.js" integrity="sha512-tTdZ7qMr7tt5VQy4iCHu6/aGB12eRwbUy+AEI5rXntfsjcRfBeeqJloMsBU9FrGk1bIYLiuND/FhU42LO1bi0g==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/rawinflate-0.3.js" integrity="sha512-g8uelGgJW9A/Z1tB6Izxab++oj5kdD7B4qC7DHwZkB6DGMXKyzx7v5mvap2HXueI2IIn08YlRYM56jwWdm2ucQ==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/bootstrap-3.3.5.js" integrity="sha512-/W33QnLmSAP1fwINS9iXgB6s/VOIG9GVdIuIYaUtbSvKPMv5S08PtT3PqnT2WjwBgB8DFeDN2nqJroqQYF7SwQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
if ($SYNTAXHIGHLIGHTING):
|
if ($SYNTAXHIGHLIGHTING):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-m8iHxoN+Fe12xxFwWNdY/TS4KoFntHp29qY0xUzBnPd0bkKMOR/dFhEdTWydpt0b/fIXyhB+znGYUvgjfJ2RzQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
if ($MARKDOWN):
|
if ($MARKDOWN):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/showdown-1.4.1.js"></script>
|
<script type="text/javascript" src="js/showdown-1.4.1.js" integrity="sha512-Kbz1FIlDnqUJu/3yW8H8USzURA3JuUqSKRwz13lM4kWt6C0n6s4tjl81PCfnWtE4gBIzyj5uGePcfUyotk/icw==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
|
||||||
<!--[if lt IE 10]>
|
<!--[if lt IE 10]>
|
||||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||||
<![endif]-->
|
<![endif]-->
|
||||||
|
|||||||
@ -23,25 +23,35 @@ if ($SYNTAXHIGHLIGHTING):
|
|||||||
endif;
|
endif;
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/jquery-1.11.3.js"></script>
|
<script type="text/javascript" src="js/jquery-1.11.3.js" integrity="sha512-xAERw8wHVOkM9x9y9/FvQ7g1t+gIQj39mfkN1Rd1OLcC5k/x2e6NO8hq6qEbb3oO+CYYTjVLFiFYg5/7ddF0zA==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/sjcl-1.0.4.js"></script>
|
<script type="text/javascript" src="js/sjcl-1.0.4.js" integrity="sha512-BqVQ8GgWfMCcdsDuP6Ggm1BV7+mmoWH3PC4UqcYpEKSdEq1rthy6NUsa6gu5sydewbi/ilI3E3ohdCxlPPF9ww==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/base64-<?php echo rawurlencode($BASE64JSVERSION); ?>.js"></script>
|
<?php
|
||||||
<script type="text/javascript" src="js/rawdeflate-0.5.js"></script>
|
if ($ZEROBINCOMPATIBILITY):
|
||||||
<script type="text/javascript" src="js/rawinflate-0.3.js"></script>
|
?>
|
||||||
<script type="text/javascript" src="js/bootstrap-3.3.5.js"></script>
|
<script type="text/javascript" src="js/base64-1.7.js" integrity="sha512-JdwsSP3GyHR+jaCkns9CL9NTt4JUJqm/BsODGmYhBcj5EAPKcHYh+OiMfyHbcDLECe17TL0hjXADFkusAqiYgA==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
else:
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/base64-2.1.9.js" integrity="sha512-rbqAby7hObftbEoGQzkhUbEh5YkUn2MtekTLs4btvo2oly4CZ3DxhJzEh0u/rNzS54tcJdqi5Ug1ruugEd2U1g==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/rawdeflate-0.5.js" integrity="sha512-tTdZ7qMr7tt5VQy4iCHu6/aGB12eRwbUy+AEI5rXntfsjcRfBeeqJloMsBU9FrGk1bIYLiuND/FhU42LO1bi0g==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/rawinflate-0.3.js" integrity="sha512-g8uelGgJW9A/Z1tB6Izxab++oj5kdD7B4qC7DHwZkB6DGMXKyzx7v5mvap2HXueI2IIn08YlRYM56jwWdm2ucQ==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/bootstrap-3.3.5.js" integrity="sha512-/W33QnLmSAP1fwINS9iXgB6s/VOIG9GVdIuIYaUtbSvKPMv5S08PtT3PqnT2WjwBgB8DFeDN2nqJroqQYF7SwQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
if ($SYNTAXHIGHLIGHTING):
|
if ($SYNTAXHIGHLIGHTING):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-m8iHxoN+Fe12xxFwWNdY/TS4KoFntHp29qY0xUzBnPd0bkKMOR/dFhEdTWydpt0b/fIXyhB+znGYUvgjfJ2RzQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
if ($MARKDOWN):
|
if ($MARKDOWN):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/showdown-1.4.1.js"></script>
|
<script type="text/javascript" src="js/showdown-1.4.1.js" integrity="sha512-Kbz1FIlDnqUJu/3yW8H8USzURA3JuUqSKRwz13lM4kWt6C0n6s4tjl81PCfnWtE4gBIzyj5uGePcfUyotk/icw==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
|
||||||
<!--[if lt IE 10]>
|
<!--[if lt IE 10]>
|
||||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||||
<![endif]-->
|
<![endif]-->
|
||||||
|
|||||||
@ -23,25 +23,35 @@ if ($SYNTAXHIGHLIGHTING):
|
|||||||
endif;
|
endif;
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/jquery-1.11.3.js"></script>
|
<script type="text/javascript" src="js/jquery-1.11.3.js" integrity="sha512-xAERw8wHVOkM9x9y9/FvQ7g1t+gIQj39mfkN1Rd1OLcC5k/x2e6NO8hq6qEbb3oO+CYYTjVLFiFYg5/7ddF0zA==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/sjcl-1.0.4.js"></script>
|
<script type="text/javascript" src="js/sjcl-1.0.4.js" integrity="sha512-BqVQ8GgWfMCcdsDuP6Ggm1BV7+mmoWH3PC4UqcYpEKSdEq1rthy6NUsa6gu5sydewbi/ilI3E3ohdCxlPPF9ww==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/base64-<?php echo rawurlencode($BASE64JSVERSION); ?>.js"></script>
|
<?php
|
||||||
<script type="text/javascript" src="js/rawdeflate-0.5.js"></script>
|
if ($ZEROBINCOMPATIBILITY):
|
||||||
<script type="text/javascript" src="js/rawinflate-0.3.js"></script>
|
?>
|
||||||
<script type="text/javascript" src="js/bootstrap-3.3.5.js"></script>
|
<script type="text/javascript" src="js/base64-1.7.js" integrity="sha512-JdwsSP3GyHR+jaCkns9CL9NTt4JUJqm/BsODGmYhBcj5EAPKcHYh+OiMfyHbcDLECe17TL0hjXADFkusAqiYgA==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
else:
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/base64-2.1.9.js" integrity="sha512-rbqAby7hObftbEoGQzkhUbEh5YkUn2MtekTLs4btvo2oly4CZ3DxhJzEh0u/rNzS54tcJdqi5Ug1ruugEd2U1g==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/rawdeflate-0.5.js" integrity="sha512-tTdZ7qMr7tt5VQy4iCHu6/aGB12eRwbUy+AEI5rXntfsjcRfBeeqJloMsBU9FrGk1bIYLiuND/FhU42LO1bi0g==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/rawinflate-0.3.js" integrity="sha512-g8uelGgJW9A/Z1tB6Izxab++oj5kdD7B4qC7DHwZkB6DGMXKyzx7v5mvap2HXueI2IIn08YlRYM56jwWdm2ucQ==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/bootstrap-3.3.5.js" integrity="sha512-/W33QnLmSAP1fwINS9iXgB6s/VOIG9GVdIuIYaUtbSvKPMv5S08PtT3PqnT2WjwBgB8DFeDN2nqJroqQYF7SwQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
if ($SYNTAXHIGHLIGHTING):
|
if ($SYNTAXHIGHLIGHTING):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-m8iHxoN+Fe12xxFwWNdY/TS4KoFntHp29qY0xUzBnPd0bkKMOR/dFhEdTWydpt0b/fIXyhB+znGYUvgjfJ2RzQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
if ($MARKDOWN):
|
if ($MARKDOWN):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/showdown-1.4.1.js"></script>
|
<script type="text/javascript" src="js/showdown-1.4.1.js" integrity="sha512-Kbz1FIlDnqUJu/3yW8H8USzURA3JuUqSKRwz13lM4kWt6C0n6s4tjl81PCfnWtE4gBIzyj5uGePcfUyotk/icw==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
|
||||||
<!--[if lt IE 10]>
|
<!--[if lt IE 10]>
|
||||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||||
<![endif]-->
|
<![endif]-->
|
||||||
|
|||||||
@ -23,25 +23,35 @@ if ($SYNTAXHIGHLIGHTING):
|
|||||||
endif;
|
endif;
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/jquery-1.11.3.js"></script>
|
<script type="text/javascript" src="js/jquery-1.11.3.js" integrity="sha512-xAERw8wHVOkM9x9y9/FvQ7g1t+gIQj39mfkN1Rd1OLcC5k/x2e6NO8hq6qEbb3oO+CYYTjVLFiFYg5/7ddF0zA==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/sjcl-1.0.4.js"></script>
|
<script type="text/javascript" src="js/sjcl-1.0.4.js" integrity="sha512-BqVQ8GgWfMCcdsDuP6Ggm1BV7+mmoWH3PC4UqcYpEKSdEq1rthy6NUsa6gu5sydewbi/ilI3E3ohdCxlPPF9ww==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/base64-<?php echo rawurlencode($BASE64JSVERSION); ?>.js"></script>
|
<?php
|
||||||
<script type="text/javascript" src="js/rawdeflate-0.5.js"></script>
|
if ($ZEROBINCOMPATIBILITY):
|
||||||
<script type="text/javascript" src="js/rawinflate-0.3.js"></script>
|
?>
|
||||||
<script type="text/javascript" src="js/bootstrap-3.3.5.js"></script>
|
<script type="text/javascript" src="js/base64-1.7.js" integrity="sha512-JdwsSP3GyHR+jaCkns9CL9NTt4JUJqm/BsODGmYhBcj5EAPKcHYh+OiMfyHbcDLECe17TL0hjXADFkusAqiYgA==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
else:
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/base64-2.1.9.js" integrity="sha512-rbqAby7hObftbEoGQzkhUbEh5YkUn2MtekTLs4btvo2oly4CZ3DxhJzEh0u/rNzS54tcJdqi5Ug1ruugEd2U1g==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/rawdeflate-0.5.js" integrity="sha512-tTdZ7qMr7tt5VQy4iCHu6/aGB12eRwbUy+AEI5rXntfsjcRfBeeqJloMsBU9FrGk1bIYLiuND/FhU42LO1bi0g==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/rawinflate-0.3.js" integrity="sha512-g8uelGgJW9A/Z1tB6Izxab++oj5kdD7B4qC7DHwZkB6DGMXKyzx7v5mvap2HXueI2IIn08YlRYM56jwWdm2ucQ==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/bootstrap-3.3.5.js" integrity="sha512-/W33QnLmSAP1fwINS9iXgB6s/VOIG9GVdIuIYaUtbSvKPMv5S08PtT3PqnT2WjwBgB8DFeDN2nqJroqQYF7SwQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
if ($SYNTAXHIGHLIGHTING):
|
if ($SYNTAXHIGHLIGHTING):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-m8iHxoN+Fe12xxFwWNdY/TS4KoFntHp29qY0xUzBnPd0bkKMOR/dFhEdTWydpt0b/fIXyhB+znGYUvgjfJ2RzQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
if ($MARKDOWN):
|
if ($MARKDOWN):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/showdown-1.4.1.js"></script>
|
<script type="text/javascript" src="js/showdown-1.4.1.js" integrity="sha512-Kbz1FIlDnqUJu/3yW8H8USzURA3JuUqSKRwz13lM4kWt6C0n6s4tjl81PCfnWtE4gBIzyj5uGePcfUyotk/icw==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
|
||||||
<!--[if lt IE 10]>
|
<!--[if lt IE 10]>
|
||||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||||
<![endif]-->
|
<![endif]-->
|
||||||
|
|||||||
@ -23,25 +23,35 @@ if ($SYNTAXHIGHLIGHTING):
|
|||||||
endif;
|
endif;
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/jquery-1.11.3.js"></script>
|
<script type="text/javascript" src="js/jquery-1.11.3.js" integrity="sha512-xAERw8wHVOkM9x9y9/FvQ7g1t+gIQj39mfkN1Rd1OLcC5k/x2e6NO8hq6qEbb3oO+CYYTjVLFiFYg5/7ddF0zA==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/sjcl-1.0.4.js"></script>
|
<script type="text/javascript" src="js/sjcl-1.0.4.js" integrity="sha512-BqVQ8GgWfMCcdsDuP6Ggm1BV7+mmoWH3PC4UqcYpEKSdEq1rthy6NUsa6gu5sydewbi/ilI3E3ohdCxlPPF9ww==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/base64-<?php echo rawurlencode($BASE64JSVERSION); ?>.js"></script>
|
<?php
|
||||||
<script type="text/javascript" src="js/rawdeflate-0.5.js"></script>
|
if ($ZEROBINCOMPATIBILITY):
|
||||||
<script type="text/javascript" src="js/rawinflate-0.3.js"></script>
|
?>
|
||||||
<script type="text/javascript" src="js/bootstrap-3.3.5.js"></script>
|
<script type="text/javascript" src="js/base64-1.7.js" integrity="sha512-JdwsSP3GyHR+jaCkns9CL9NTt4JUJqm/BsODGmYhBcj5EAPKcHYh+OiMfyHbcDLECe17TL0hjXADFkusAqiYgA==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
else:
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/base64-2.1.9.js" integrity="sha512-rbqAby7hObftbEoGQzkhUbEh5YkUn2MtekTLs4btvo2oly4CZ3DxhJzEh0u/rNzS54tcJdqi5Ug1ruugEd2U1g==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/rawdeflate-0.5.js" integrity="sha512-tTdZ7qMr7tt5VQy4iCHu6/aGB12eRwbUy+AEI5rXntfsjcRfBeeqJloMsBU9FrGk1bIYLiuND/FhU42LO1bi0g==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/rawinflate-0.3.js" integrity="sha512-g8uelGgJW9A/Z1tB6Izxab++oj5kdD7B4qC7DHwZkB6DGMXKyzx7v5mvap2HXueI2IIn08YlRYM56jwWdm2ucQ==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/bootstrap-3.3.5.js" integrity="sha512-/W33QnLmSAP1fwINS9iXgB6s/VOIG9GVdIuIYaUtbSvKPMv5S08PtT3PqnT2WjwBgB8DFeDN2nqJroqQYF7SwQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
if ($SYNTAXHIGHLIGHTING):
|
if ($SYNTAXHIGHLIGHTING):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-m8iHxoN+Fe12xxFwWNdY/TS4KoFntHp29qY0xUzBnPd0bkKMOR/dFhEdTWydpt0b/fIXyhB+znGYUvgjfJ2RzQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
if ($MARKDOWN):
|
if ($MARKDOWN):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/showdown-1.4.1.js"></script>
|
<script type="text/javascript" src="js/showdown-1.4.1.js" integrity="sha512-Kbz1FIlDnqUJu/3yW8H8USzURA3JuUqSKRwz13lM4kWt6C0n6s4tjl81PCfnWtE4gBIzyj5uGePcfUyotk/icw==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
|
||||||
<!--[if lt IE 10]>
|
<!--[if lt IE 10]>
|
||||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||||
<![endif]-->
|
<![endif]-->
|
||||||
|
|||||||
26
tpl/page.php
26
tpl/page.php
@ -19,24 +19,34 @@ if ($SYNTAXHIGHLIGHTING):
|
|||||||
endif;
|
endif;
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/jquery-1.11.3.js"></script>
|
<script type="text/javascript" src="js/jquery-1.11.3.js" integrity="sha512-xAERw8wHVOkM9x9y9/FvQ7g1t+gIQj39mfkN1Rd1OLcC5k/x2e6NO8hq6qEbb3oO+CYYTjVLFiFYg5/7ddF0zA==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/sjcl-1.0.4.js"></script>
|
<script type="text/javascript" src="js/sjcl-1.0.4.js" integrity="sha512-BqVQ8GgWfMCcdsDuP6Ggm1BV7+mmoWH3PC4UqcYpEKSdEq1rthy6NUsa6gu5sydewbi/ilI3E3ohdCxlPPF9ww==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" src="js/base64-<?php echo rawurlencode($BASE64JSVERSION); ?>.js"></script>
|
<?php
|
||||||
<script type="text/javascript" src="js/rawdeflate-0.5.js"></script>
|
if ($ZEROBINCOMPATIBILITY):
|
||||||
<script type="text/javascript" src="js/rawinflate-0.3.js"></script>
|
?>
|
||||||
|
<script type="text/javascript" src="js/base64-1.7.js" integrity="sha512-JdwsSP3GyHR+jaCkns9CL9NTt4JUJqm/BsODGmYhBcj5EAPKcHYh+OiMfyHbcDLECe17TL0hjXADFkusAqiYgA==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
else:
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/base64-2.1.9.js" integrity="sha512-rbqAby7hObftbEoGQzkhUbEh5YkUn2MtekTLs4btvo2oly4CZ3DxhJzEh0u/rNzS54tcJdqi5Ug1ruugEd2U1g==" crossorigin="anonymous"></script>
|
||||||
|
<?php
|
||||||
|
endif;
|
||||||
|
?>
|
||||||
|
<script type="text/javascript" src="js/rawdeflate-0.5.js" integrity="sha512-tTdZ7qMr7tt5VQy4iCHu6/aGB12eRwbUy+AEI5rXntfsjcRfBeeqJloMsBU9FrGk1bIYLiuND/FhU42LO1bi0g==" crossorigin="anonymous"></script>
|
||||||
|
<script type="text/javascript" src="js/rawinflate-0.3.js" integrity="sha512-g8uelGgJW9A/Z1tB6Izxab++oj5kdD7B4qC7DHwZkB6DGMXKyzx7v5mvap2HXueI2IIn08YlRYM56jwWdm2ucQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
if ($SYNTAXHIGHLIGHTING):
|
if ($SYNTAXHIGHLIGHTING):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-m8iHxoN+Fe12xxFwWNdY/TS4KoFntHp29qY0xUzBnPd0bkKMOR/dFhEdTWydpt0b/fIXyhB+znGYUvgjfJ2RzQ==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
if ($MARKDOWN):
|
if ($MARKDOWN):
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/showdown-1.4.1.js"></script>
|
<script type="text/javascript" src="js/showdown-1.4.1.js" integrity="sha512-Kbz1FIlDnqUJu/3yW8H8USzURA3JuUqSKRwz13lM4kWt6C0n6s4tjl81PCfnWtE4gBIzyj5uGePcfUyotk/icw==" crossorigin="anonymous"></script>
|
||||||
<?php
|
<?php
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>"></script>
|
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-E9z1cIXJHhc940FLA4o//dRxoy5HwSeRZVgLClmREWl+o576zz3gOkMwxrUFVXKUMa2l2qc6huNwMpw+RGmk2Q==" crossorigin="anonymous"></script>
|
||||||
<!--[if lt IE 10]>
|
<!--[if lt IE 10]>
|
||||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||||
<![endif]-->
|
<![endif]-->
|
||||||
|
|||||||
@ -19,6 +19,7 @@ if (!is_file(CONF)) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
require PATH . 'vendor/autoload.php';
|
require PATH . 'vendor/autoload.php';
|
||||||
|
Helper::updateSubresourceIntegrity();
|
||||||
|
|
||||||
class Helper
|
class Helper
|
||||||
{
|
{
|
||||||
@ -66,6 +67,13 @@ class Helper
|
|||||||
),
|
),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* JS files and their SRI hashes
|
||||||
|
*
|
||||||
|
* @var array
|
||||||
|
*/
|
||||||
|
private static $hashes = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* get example paste ID
|
* get example paste ID
|
||||||
*
|
*
|
||||||
@ -273,4 +281,50 @@ class Helper
|
|||||||
return var_export($var, $return);
|
return var_export($var, $return);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* update all templates with the latest SRI hashes for all JS files
|
||||||
|
*
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
public static function updateSubresourceIntegrity()
|
||||||
|
{
|
||||||
|
$dir = dir(PATH . 'js');
|
||||||
|
while (false !== ($file = $dir->read())) {
|
||||||
|
if (substr($file, -3) === '.js') {
|
||||||
|
self::$hashes[$file] = base64_encode(
|
||||||
|
hash('sha512', file_get_contents(
|
||||||
|
PATH . 'js' . DIRECTORY_SEPARATOR . $file
|
||||||
|
), true)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$dir = dir(PATH . 'tpl');
|
||||||
|
while (false !== ($file = $dir->read())) {
|
||||||
|
if (substr($file, -4) === '.php') {
|
||||||
|
$content = file_get_contents(
|
||||||
|
PATH . 'tpl' . DIRECTORY_SEPARATOR . $file
|
||||||
|
);
|
||||||
|
$content = preg_replace_callback(
|
||||||
|
'#<script type="text/javascript" src="js/([a-z0-9.-]+.js)([^"]*)"( integrity="[^"]+" crossorigin="[^"]+")?></script>#',
|
||||||
|
function ($matches) {
|
||||||
|
if (array_key_exists($matches[1], Helper::$hashes)) {
|
||||||
|
return '<script type="text/javascript" src="js/' .
|
||||||
|
$matches[1] . $matches[2] .
|
||||||
|
'" integrity="sha512-' . Helper::$hashes[$matches[1]] .
|
||||||
|
'" crossorigin="anonymous"></script>';
|
||||||
|
} else {
|
||||||
|
return $matches[0];
|
||||||
|
}
|
||||||
|
},
|
||||||
|
$content
|
||||||
|
);
|
||||||
|
file_put_contents(
|
||||||
|
PATH . 'tpl' . DIRECTORY_SEPARATOR . $file,
|
||||||
|
$content
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -47,7 +47,7 @@ class ViewTest extends PHPUnit_Framework_TestCase
|
|||||||
$page->assign('BURNAFTERREADINGSELECTED', false);
|
$page->assign('BURNAFTERREADINGSELECTED', false);
|
||||||
$page->assign('PASSWORD', true);
|
$page->assign('PASSWORD', true);
|
||||||
$page->assign('FILEUPLOAD', false);
|
$page->assign('FILEUPLOAD', false);
|
||||||
$page->assign('BASE64JSVERSION', '2.1.9');
|
$page->assign('ZEROBINCOMPATIBILITY', false);
|
||||||
$page->assign('NOTICE', 'example');
|
$page->assign('NOTICE', 'example');
|
||||||
$page->assign('LANGUAGESELECTION', '');
|
$page->assign('LANGUAGESELECTION', '');
|
||||||
$page->assign('LANGUAGES', I18n::getLanguageLabels(i18n::getAvailableLanguages()));
|
$page->assign('LANGUAGES', I18n::getLanguageLabels(i18n::getAvailableLanguages()));
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user