Commit Graph

1037 Commits

Author SHA1 Message Date
El RIDO
8cfcf1c9f5
Adding HTTP headers to address certain XSS attacks, resolves #91 2016-09-18 11:29:37 +02:00
rugk
ec7af3a738
Improve formatting 2016-09-14 23:55:55 +02:00
rugk
8cb1a0a14d
Improve issue template 2016-09-03 18:23:03 +02:00
rugk
23febfc5ca
Remove unintentially submitted test file 2016-09-03 18:14:14 +02:00
rugk
1a159c973f
Prevent referrer to be send
Uses both CSP and Referrer-Policy
Fixes #96
2016-09-03 18:12:24 +02:00
rugk
b7184b92a3 Fix csp config unit tests 2016-08-27 14:47:21 +02:00
El RIDO
7da4723112 Merge pull request #97 from matunixe/master
Fix some french translation issues (typo + minor problems).
2016-08-27 13:53:50 +02:00
Mathias
8cb9e9d871 Fix some french translation issues (typo + minor problems). 2016-08-27 12:33:44 +02:00
rugk
b11866a63b Allow manifest loading via CSP (2) 2016-08-27 00:02:50 +02:00
rugk
9ff74e8841 Allow manifest loading via CSP 2016-08-27 00:01:19 +02:00
El RIDO
a13266a784 ensure the server salt path is initialized, instead of relying on the default 2016-08-25 15:02:38 +02:00
El RIDO
e925833090 bumping version number to 1.0 2016-08-25 09:53:31 +02:00
rugk
2ee9325f49 Make clear that HTTPS provides basic security...
whereas the other things are advantaged security features.
2016-08-24 23:28:54 +02:00
rugk
2cde59821a Add FAQ note to issue template 2016-08-24 17:35:29 +02:00
rugk
932c0b573d More useful links for Libsodium installation
Also mentioning one needs to install the PHP extension too.
2016-08-24 16:43:44 +02:00
rugk
61f0eaa757 Fix typo 2016-08-23 20:56:45 +02:00
rugk
1bc2caf459 Correct order of PRNG
As stated in 76e90f747b/ERRATA.md
2016-08-23 20:56:14 +02:00
rugk
19e5467b79 Revert "Add PHPv7 to list of "requires /dev/urandom in open_basedir""
This reverts commit b229fb6041.
2016-08-23 20:44:16 +02:00
rugk
b229fb6041 Add PHPv7 to list of "requires /dev/urandom in open_basedir" 2016-08-23 17:24:51 +02:00
El RIDO
91eabd8489 readded /dev/urandom, the primary source for safe randomness in PHP 7, random_compat and mcrypt 2016-08-23 08:54:26 +02:00
rugk
226a64d8a4 Clarify randomness & add PDO link
* Remove "some disk space" - Everyone knows that files need some place to be stored. Additionally nowadays disk space is not problem in general.
* Add link to PDO.
* Clarify randomness. I am however not sure whether `com_dotnet` needs access to `/dev/urandom` (with open_basedir set).
2016-08-22 19:28:20 +02:00
El RIDO
3d7b35aed4 PSR-2/4 fixes 2016-08-22 16:20:14 +02:00
El RIDO
62dd25b91a added note for phpdoc with PHP 7 2016-08-22 10:58:01 +02:00
El RIDO
313b5d34d2 updating docs 2016-08-22 10:34:37 +02:00
El RIDO
1907586b39 changing link to project page 2016-08-22 09:50:28 +02:00
El RIDO
6aba39488f adding check for PATH ending in DIRECTORY_SEPARATOR, fixes #86 2016-08-22 09:46:26 +02:00
El RIDO
47d6bd7a02 Clarifying requirement for safe randomness in installation document 2016-08-22 09:44:49 +02:00
El RIDO
38a185ef22 shrinking icon to avoid renderering glitches 2016-08-21 20:42:58 +02:00
El RIDO
6c49bd09b8 Merge pull request #88 from PrivateBin/iconupdate
Readd icon instead of logo for header
2016-08-21 20:03:26 +02:00
rugk
5621f32752 Readd icon instead of logo for header
Continues #87
2016-08-21 16:51:54 +02:00
rugk
c6e71d2972 Add link to info page to logo
This overwrites the useless link to the logo.
2016-08-21 15:24:02 +02:00
El RIDO
ba2ce38077 added alt text 2016-08-21 07:34:45 +02:00
El RIDO
057047094d Merge pull request #87 from PrivateBin/newicon
Replace icon with logo with text
2016-08-20 19:10:19 +02:00
rugk
f7a75a9d33 Merge branch 'master' into newicon 2016-08-20 19:09:39 +02:00
rugk
d7896fbd95 Fix header link in subdir installations
Now this does link to PrivateBin and not to the top-root (file) of the webserver
2016-08-20 18:53:07 +02:00
rugk
a7c3b6079d Update logo 2016-08-20 18:25:56 +02:00
rugk
8f19045b58 Replace icon with logo with text 2016-08-20 18:01:52 +02:00
rugk
f82533f479 Use icon with text for Readme 2016-08-20 17:57:02 +02:00
El RIDO
47646e056b fixing urlshortening regression caused by CSP introduction, resolves #10 2016-08-18 15:09:58 +02:00
El RIDO
cd02c6e916 Merge pull request #83 from PrivateBin/novendorignore
Clever gitignore for vendor dir
2016-08-17 21:00:27 +02:00
rugk
e4f615d8be Exclude doch folder 2016-08-17 20:43:59 +02:00
rugk
c6af0ebfce Fix typo of Composer name 2016-08-17 20:00:29 +02:00
rugk
e7d5b34f4f Also exclude PHP phar builder 2016-08-17 19:56:35 +02:00
rugk
47b5d315f6 Delete excluded files & adjsut exlcusion
Also add Composer license to LICENSE.md as it is excluded right now
2016-08-17 19:44:03 +02:00
rugk
49beb2ff64 Allow PHP files in vendor dir to be committed 2016-08-17 19:37:40 +02:00
El RIDO
a9759f1872 updated changelog 2016-08-16 11:38:52 +02:00
El RIDO
f72e260ee7 adding subresource integrity hashes for all javascript includes, resolves #6 2016-08-16 11:11:03 +02:00
El RIDO
f957a1868f push state to history when displaying raw text to allow use of back button, fixes #7 2016-08-16 09:51:36 +02:00
El RIDO
e49e1e2079 added missing library files and license 2016-08-16 08:58:55 +02:00
El RIDO
d12ddd2efc Merge pull request #65 from PrivateBin/prng
Use better random number generator
2016-08-16 08:38:43 +02:00