Chapril/paste.chapril.org-privatebin
Chapril/paste.chapril.org-privatebin
24
0
Fork 0
Code Issues Releases Wiki Activity
1,653 Commits 16 Branches 34 Tags 18 MiB
74551f58d7
Commit Graph

15 Commits

Author SHA1 Message Date
El RIDO
bab95cce1b
addressing false positive jsverify rngState 8bf7605ea139db4c28 2020-02-04 18:58:24 +01:00
El RIDO
cc0920fc09
add HTML entity encoding to PHP translation logic, remove exception to allow <br/> tags in DOMpurify by eliminating the single case that made use of it 2020-02-01 08:46:59 +01:00
El RIDO
9a4018bffe
jsverify rngState 8270695ec83abf412d was a false positive, due to incorrect test logic 2020-02-01 07:40:14 +01:00
El RIDO
8a6415ef5f
fixing jsverify rngStates 0220439df7ec68a15b, 015c81b7afd06e4293 & 041e3d57692b08fc4a 2020-01-31 22:42:42 +01:00
El RIDO
29efc14aa7
Revert "implement simplified translation logic, forcing the use of safe application via jQuery element" 
This reverts commit 62365880b4. The unit tests showed that the text2string function completely undid the XSS fix, so it was always unsafe to use it. Also the logic simplifications were smaller then expected.
 2020-01-25 09:07:29 +01:00
El RIDO
62365880b4
implement simplified translation logic, forcing the use of safe application via jQuery element 2020-01-25 09:07:06 +01:00
El RIDO
685c354d0e
several changes: 
- added tests for all 4 cases: output to string or into element vs first param contains link or not
- cleaned up logic - skip HTML entity encoding only if we can ensure insertion to text node / when output to string, we always encode
- DOMpurify sanitizes gopher, ws & wss links, which we previosly had tested for
 2020-01-18 10:44:35 +01:00
El RIDO
fa9d3037ba
fixing logic & indentation 2020-01-18 07:44:32 +01:00
El RIDO
fd4492f229
ensuring that both critical branches get tested 2020-01-18 07:09:56 +01:00
El RIDO
4bf7f863dc
more general solution addressing #554, kudos @rugk for the suggestions 2020-01-04 13:14:53 +01:00
El RIDO
70007285bf
remove console suppression, fixing I18n mock 2018-12-25 16:42:18 +01:00
rugk
3b90020559
Add explanation 
Ref https://github.com/PrivateBin/PrivateBin/pull/297#issuecomment-379586428
 2018-04-09 14:13:18 +02:00
Alexander Do
944c8c2912 Add test for missing browser language 2018-04-07 03:22:26 +00:00
El RIDO
72acc95326
improving code quality issues suggested by JSHint 2018-01-06 09:26:10 +01:00
El RIDO
3fed63ce28
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00