720897b902
correct CSP to allow password prompt
2018-07-21 06:45:09 +00:00
60d4ccb02c
Add comment about blocked images
...
Fixes https://github.com/PrivateBin/PrivateBin/issues/275
2018-07-01 14:59:24 +02:00
d6f203dc4c
Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
2018-05-27 15:05:31 +02:00
caf87cc6f1
Merge branch 'master' into burnafterreading-fix, regression in expired paste error
2018-04-30 20:01:38 +02:00
2c82279292
Merge branch 'attachment-handling' of https://github.com/thororm/PrivateBin into thororm-attachment-handling
...
apart from resolving conflicts:
- added missing docs
- inlined functions that were used in only one location
- updated unit test to support all previews
- fixed a regression that displayed the preview even when there was no preview and too early
2018-04-29 11:57:03 +02:00
9c132cd839
Disallow form-action in CSP to limit outgoing connections
...
See https://github.com/PrivateBin/PrivateBin/issues/272
2018-01-06 18:06:06 +01:00
414ab0eb71
Add config and basic page template support
...
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
of a simple div at the top
* added option to turn off QR code support
2017-12-25 14:59:15 +01:00
4ded4b7f8c
adding correct HTTP error to response, as per @rugk's recommentation
2017-10-08 16:43:46 +02:00
6625a9dc59
hiding INI contents from StyleCI
2017-10-08 16:26:21 +02:00
7197705d5c
updating unit test in preparation for planned file name change, currently failing
2017-10-08 16:25:11 +02:00
23f5dfbff8
Merge remote-tracking branch 'remotes/thororm/master' into attachment-handling
...
# Conflicts:
# tpl/bootstrap.php
# tpl/page.php
2017-05-13 19:48:25 +02:00
f54036976a
added instantburnafterreading option to address #174
2017-04-11 17:23:26 +02:00
096f07f86e
Merge branch 'master' into attachment-handling
...
# Conflicts:
# js/privatebin.js
# tpl/bootstrap.php
# tpl/page.php
2017-04-02 13:30:52 +02:00
be0919893d
updating shipped .htaccess files for Apache 2.4 as per https://httpd.apache.org/docs/2.4/upgrading.html#access - Thanks @EchoDev, fixes #194
2017-03-11 08:56:14 +01:00
b9737d368d
Update conf.ini.sample
2017-02-13 22:57:09 +01:00
faf596aeb7
Added preview for
...
- Video (HTML5)
- Audio (HTML5)
- PDF (Browser capabilities)
attachment.
Added drag & drop functionality
Added attachment preview to preview before submitting
2017-02-12 15:35:37 +01:00
e9b10f9e2d
Add CSP sandbox
...
Fixes https://github.com/PrivateBin/PrivateBin/issues/168
Alos needed to run some Composer stuff, no idea why my diff was different.
2017-02-01 18:34:13 +01:00
67f6c4eb61
turned bootstrap template variants into logic
2017-01-08 10:02:07 +01:00
f5aefa5513
Update for correct spelling
2017-01-07 20:35:23 +01:00
36f70cad48
Fixed a spelling error in conf.ini
...
Changed "Mibibytes" to "Megabytes"
2017-01-01 17:47:07 -06:00
a5d91298ff
add an option to change the site name, solves #154
2017-01-01 16:33:11 +01:00
2cd4717bd2
Use default csp value by default
...
Otherwise the CSP may break updates if we later change the behaviour of PrivateBin somehow.
We should have done this before the v1.0 release, but well...
2016-09-18 12:21:42 +02:00
1a159c973f
Prevent referrer to be send
...
Uses both CSP and Referrer-Policy
Fixes #96
2016-09-03 18:12:24 +02:00
9ff74e8841
Allow manifest loading via CSP
2016-08-27 00:01:19 +02:00
3d541f867b
Update config file header
...
We really don't need to license the config file....
2016-08-12 18:23:15 +02:00
3988b860b0
implemented Identicon library as new default for comment icons, made Vizhash an optional alternative, refactored Vizhash and removed string lenghtening
2016-08-10 17:41:46 +02:00
addb666a23
introducing CSP header to mitigate XSS attacks, closes #10
2016-08-09 14:46:32 +02:00
b45bef8388
Renamed classes for full PSR-2 compliance, some cleanup
2016-08-09 11:54:42 +02:00
38ab755733
Replace HTTP links with HTTPS
...
Using this regexp: https://regex101.com/r/rZ2dE2/1
2016-07-19 13:56:52 +02:00
b53efda635
improving code coverage and unit testing
2016-07-18 14:47:32 +02:00
ff0c55c0d6
introduce option to disable vizhash for paranoid admins, resolves #20 point 2.4
2016-07-18 10:14:38 +02:00
20cf678a75
adding default configuration for purging, resolves #3 (again)
2016-07-18 09:13:23 +02:00
79509ad48a
renaming the fork to PrivateBin
2016-07-11 11:58:15 +02:00
a7ef0b54e6
ZeroBin -> PrivateBin
...
Changing name
2016-07-10 11:02:31 +02:00
0e217a42c5
introduce new zerobincompatibility option, replacing the base64 one, if it is enabled, delete tokens use sha256; added per paste salt with server salt fallback; this resolves the points 2.2 & 2.9 in #103
2016-07-06 11:37:13 +02:00
a4ebdbc606
re-introducing (optional) URL shortener support, resolves #58
2016-01-31 09:56:06 +01:00
24a4328c55
incrementing version, updating changelog, added missing phpdoc comments
2015-11-09 21:39:42 +01:00
d42975580a
expire_options and formatter_options should not be filled up with
...
default values, resolves #52
2015-10-24 08:44:17 +02:00
176dff3b70
renaming config file to make updates easier, resolving #50
2015-10-22 21:13:15 +02:00
e3f4aa982c
adding configuration option to set a default language and/or force it,
...
resolves #39
2015-10-18 20:38:07 +02:00
ca07398b66
adding option to hide clone button on expiring pastes, resolves #34
2015-10-18 17:56:45 +02:00
9f68658106
incrementing version number, updating changelog
2015-09-21 22:43:00 +02:00
608605cd54
incrementing version number, updating docs
2015-09-19 17:23:10 +02:00
a41d0ca4dd
various fixes:
...
- changing default formatter option to plain text to make upgrading from
0.19 Alpha smoother
- fixing translation message change in bootstrap templates
- adjusting how image uploads are displayed in bootstrap templates
2015-09-19 14:22:29 +02:00
a111357fae
add optional (since it uses a session cookie) language selection
2015-09-19 11:21:13 +02:00
47efedf23c
traffic limiter would fail behind a reverse proxy / load balancer.
...
Adding configuration option to set the trusted HTTP header to get the
visitors IP in such a case (avoiding security issue if malicious clients
just set these headers themselfs)
2015-09-18 22:31:01 +02:00
106141efa4
merging @vikstrous file upload feature for #20 from
...
8a6d268278
2015-09-16 22:51:48 +02:00
0e53d1ee86
added markdown support and a dropdown for the format selection. The
...
options other then markdown are plain text and source code (syntax
highlighting). Resolves #25
2015-09-12 17:33:16 +02:00
b060d57524
- implemented php side of plural translation
...
- using it to generate labels dynamically for the expire options
(deprecating the [expire_labels] configuration).
- added translation of the human readable data sizes to support the
french octet
- fixed IEC label for kibibytes
2015-09-06 19:21:17 +02:00
2d79ba8243
updating docs, bumping version to 0.20
2015-09-03 22:22:59 +02:00
d3c4600806
slight configuration changes, template modifications to make discussions
...
and password configurable, removed generated configuration test as it
grows quite big and a new one can be generated easily if needed
2015-08-31 00:01:35 +02:00
95f1db925b
Merge branch 'master' of https://github.com/elrido/ZeroBin
...
Conflicts:
cfg/conf.ini
js/zerobin.js
2015-08-30 14:33:09 +02:00
2d0668af03
concluding work on configuration test generator for #16 . Replaced a few
...
die()s in the code with Exception, making it possible to test properly.
Fixed some outdated unit tests.
2015-08-29 20:29:14 +02:00
3306bcff99
switch to bootstrap theme by default
2015-08-23 18:08:45 +02:00
da7ffc5d07
Changed css
2015-08-22 22:46:35 +02:00
f2912a07b0
Changed config to use SQLite
2015-08-22 16:43:02 +02:00
cb28056223
made highlighting more configurable, added all four themes, there is now a configurable flavour text (notice)
2015-08-17 23:18:33 +02:00
49c6e3c1b6
updated base64.js to version 2.1.9, using minified version found at
...
9192c510f5/base64.min.js
2015-08-16 12:27:06 +02:00
e646729b2d
fixing regressions from cherrypicking
2015-08-15 21:39:08 +02:00
5f87ea6843
ZeroBin 0.18
...
(cherry picked from commit 7a8cbee2f99cd74a50bce7e8df8130e2c477d903)
Conflicts:
CHANGELOG.md
index.php
js/zerobin.js
lib/vizhash16x16.php
2015-08-15 21:06:19 +02:00
5b253cf77c
ZeroBin 0.17
...
* added deletion link.
* small refactoring.
* improved regex checks.
* larger server alt on installation.
2013-11-01 01:15:14 +01:00
d247bff897
syntax highlighting can now be turned off, template can be changed in
...
configuration
2013-10-31 22:24:40 +01:00
630e16c4a0
Added more configuration options, based on patch by Uli Köhler
2013-10-30 23:54:42 +01:00
907538875b
removed leftovers from submodule uglifyjs, added credits file,
...
cleaned up CSS, changed template to output clean XHTML 5,
added unit tests for 60% of the code, found a few bugs by doing
that and fixed them
2012-08-26 00:49:11 +02:00
421e6cba97
implemented zerobin_db model, added more options for paste expiration, made comments and max data size configurable
2012-05-19 23:59:41 +02:00
edf95ff56d
added autoloading, configurable paste size limit, changed JS to calculate localized comment times instead of UTC
2012-04-30 22:58:08 +02:00
23487ce779
Fixed bug with missing directory separator and added .htaccess files to lib & cfg directories. If those are not present, the application will create them for you.
2012-04-30 13:58:29 +02:00
ba90d0cae2
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector
2012-04-29 19:15:06 +02:00
El RIDO