- asking again if password is wrong
- display error if user cancels dialog
- use password to encrypt comments, too (password is "stored" in the
password field)
- store password in sessionStorage when posting a comment so, that it
doesn't have to typed in again, but clear sessionStorage as soon as
password is retrieved
Bug reproduction: 1) paste texte containing html/javascript. 2) send 3)
clic "Raw text" 4) refresh: The html/javascript is interpreted instead
of just displayed.
Under some versions of Chrome, it happens without refreshing.
This bug was corrected.
(cherry picked from commit 4f8750bbddcb137213529875e45e3ace3be9a769)
With a client IE < 10 there was a XSS security flaw. Other browsers were
not affected.
Also corrected spacing display with IE<10.
(cherry picked from commit 28813cd82ae47e556b610da3c7302a6709e27431)
Conflicts:
CHANGELOG.md
index.php
js/zerobin.js
lib/vizhash16x16.php
This patch will improve key randomness by requiring the user to move the
mouse if there is not enough entropy.
(cherry picked from commit c6e98045aa833dff824f892eb3392744c03a59f7)
"Burn after reading" option has been moved out of Expiration combo to a
separate checkbox.
Reason is: You can prevent a read-once paste to be available ad vitam
eternam on the net.
(cherry picked from commit 190b278402c086ebc4d1a78aae27d1e2666e3e7a)
Conflicts:
css/zerobin.css
index.php
js/zerobin.js
tpl/page.html
When creating a paste, we auto-select the resulting URL so that the user
only has to press CTRL+C to copy the link.
So you basically click "SEND" then press CTRL+C.
(cherry picked from commit 3feb4641c7892eeeaff2fe61c6e153919687b9c6)
Conflicts:
css/zerobin.css
