Chapril/paste.chapril.org-privatebin
Chapril/paste.chapril.org-privatebin
24
0
Fork 0
Code Issues Releases Wiki Activity
166 Commits 16 Branches 34 Tags 18 MiB
7bc8c14df6
Commit Graph

18 Commits

Author SHA1 Message Date
El RIDO
769768d25e updated jquery to 1.11.3 2015-08-16 11:20:06 +02:00
El RIDO
8881b3047a changing version string 2015-08-16 00:04:14 +02:00
Sebastien SAUVAGE
43a439e7d0 Time attack protection on hmac comparison 
This fixes issue 2.7 of https://defuse.ca/audits/zerobin.htm, and thus
(with commit a24212afda90ca3e4b4ff5ce30d2012709b58a28) also issue 2.8.

(cherry picked from commit 0b4db7ece313dd268e51fc47a0293a649927558a)

Conflicts:
	index.php
 2015-08-15 23:44:03 +02:00
Sébastien SAUVAGE
5b54ca34ad Update index.php 
Removed ugly error message when paste identifier is invalid (eg. http://mydomain.com/zerobin?foo)
(cherry picked from commit 43fa904979a29e4c205b9f4f08e1c487555bbe1c)

Conflicts:
	index.php
 2015-08-15 22:07:07 +02:00
Sebastien SAUVAGE
bc8b23d35e XSS flaw correction 
With a client IE < 10 there was a XSS security flaw. Other browsers were
not affected.
Also corrected spacing display with IE<10.

(cherry picked from commit 28813cd82ae47e556b610da3c7302a6709e27431)

Conflicts:
	CHANGELOG.md
	index.php
	js/zerobin.js
	lib/vizhash16x16.php
 2015-08-15 22:01:43 +02:00
El RIDO
e646729b2d fixing regressions from cherrypicking 2015-08-15 21:39:08 +02:00
Sebastien SAUVAGE
5f87ea6843 ZeroBin 0.18 
(cherry picked from commit 7a8cbee2f99cd74a50bce7e8df8130e2c477d903)

Conflicts:
	CHANGELOG.md
	index.php
	js/zerobin.js
	lib/vizhash16x16.php
 2015-08-15 21:06:19 +02:00
Sebastien SAUVAGE
cff4d99f05 "Burn after reading" as a checkbox 
"Burn after reading" option has been moved out of Expiration combo to a
separate checkbox.
Reason is: You can prevent a read-once paste to be available ad vitam
eternam on the net.

(cherry picked from commit 190b278402c086ebc4d1a78aae27d1e2666e3e7a)

Conflicts:
	css/zerobin.css
	index.php
	js/zerobin.js
	tpl/page.html
 2015-08-15 19:01:03 +02:00
Sebastien SAUVAGE
5b253cf77c ZeroBin 0.17 
* added deletion link.
* small refactoring.
* improved regex checks.
* larger server alt on installation.
 2013-11-01 01:15:14 +01:00
Sébastien SAUVAGE
c26c4a8bec arbitrary JSON file disclosure correction 
The following securit issue has been fixed:
https://github.com/sebsauvage/ZeroBin/issues/30
 2013-10-31 22:53:22 +01:00
Simon Rupf
d247bff897 syntax highlighting can now be turned off, template can be changed in 
configuration
 2013-10-31 22:24:40 +01:00
Simon Rupf
630e16c4a0 Added more configuration options, based on patch by Uli Köhler 2013-10-30 23:54:42 +01:00
Simon Rupf
2d4f155064 had to revert to HTML5 instead of XHTML5 because of compatibility 
problem with code prettifier, fixed some display bugs
 2012-08-28 23:28:41 +02:00
Simon Rupf
907538875b removed leftovers from submodule uglifyjs, added credits file, 
cleaned up CSS, changed template to output clean XHTML 5,
added unit tests for 60% of the code, found a few bugs by doing
that and fixed them
 2012-08-26 00:49:11 +02:00
Simon Rupf
421e6cba97 implemented zerobin_db model, added more options for paste expiration, made comments and max data size configurable 2012-05-19 23:59:41 +02:00
Simon Rupf
edf95ff56d added autoloading, configurable paste size limit, changed JS to calculate localized comment times instead of UTC 2012-04-30 22:58:08 +02:00
Simon Rupf
23487ce779 Fixed bug with missing directory separator and added .htaccess files to lib & cfg directories. If those are not present, the application will create them for you. 2012-04-30 13:58:29 +02:00
Simon Rupf
ba90d0cae2 Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector 2012-04-29 19:15:06 +02:00