Merge branch 'master' into js-unit-testing

6 years ago · 266b71bfd0
parent a3e0418b33 0687448d0a
commit 266b71bfd0
10 changed files with 73 additions and 38 deletions
--- a/.eslintrc
+++ b/.eslintrc
@ -19,6 +19,7 @@ globals:
  it: false
  jsc: false
  jsdom: true
+  kjua: true

 # http://eslint.org/docs/rules/
 rules:
--- a/.jshintrc
+++ b/.jshintrc
@ -16,26 +16,31 @@
    "nonew": true,
    "quotmark": "single",
    "singleGroups": true,
-    "strict": "global",
+    "strict": true,
    "undef": true,
    "unused": true,
    "jquery": true,
+    "browser": true,
    "predef": {
-        "after": true,
-        "before": true,
-        "cleanup": true,
-        "console": true,
-        "describe": false,
-        "document": true,
-        "fs": false,
-        "global": true,
-        "exports": true,
-        "it": false,
-        "jsc": false,
-        "jsdom": true,
-        "require": false,
-        "setTimeout": false,
-        "window": true
+      "after": true,
+      "before": true,
+      "cleanup": true,
+      "console": true,
+      "describe": false,
+      "document": true,
+      "fs": false,
+      "global": true,
+      "exports": true,
+      "it": false,
+      "jsc": false,
+      "jsdom": true,
+      "require": false,
+      "setTimeout": false,
+      "window": true
+    },
+    "globals": {
+      "sjcl": true,
+      "DOMPurify": true,
+      "kjua": true
    }
 }
-
--- a/21
+++ b/21
@ -3,15 +3,24 @@ FROM php:apache
 RUN apt-get update && apt-get install -y \
        libfreetype6-dev \
        libjpeg62-turbo-dev \
-        libpng12-dev \
+        libpng-dev \
        wget \
        zip \
-        unzip; \
+        unzip && \
    # We install and enable php-gd
-    docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/; \
-    docker-php-ext-install -j$(nproc) gd; \
-
+    docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ &&\
+    docker-php-ext-install -j$(nproc) gd && \
    # We enable Apache's mod_rewrite
    a2enmod rewrite

-COPY . .
+
+# Copy app content
+COPY . /var/www/html
+
+# Copy start script
+RUN mv /var/www/html/docker/entrypoint.sh / && \
+    rm -r /var/www/html/docker
+
+VOLUME /var/www/html/data
+
+CMD /entrypoint.sh
--- a/cfg/conf.sample.php
+++ b/cfg/conf.sample.php
@ -73,7 +73,7 @@ languageselection = false
 ; scripts or run your site behind certain DDoS-protection services.
 ; Check the documentation at https://content-security-policy.com/
 ; Note: If you use a bootstrap theme, you can remove the allow-popups from the sandbox restrictions.
-; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups"
+; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; form-action 'none'; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups"

 ; stay compatible with PrivateBin Alpha 0.19, less secure
 ; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,15 @@
+version: '3'
+
+services:
+  privatebin:
+    build: .
+    ports:
+      - "3000:80"
+    volumes:
+      - data:/var/www/html/data
+      # Optionally mount a custom config file
+      #- /srv/docker/privatebin/conf.php:/var/www/html/cfg/conf.php
+    
+volumes:
+  data:
+
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@ -0,0 +1,4 @@
+#! /bin/sh
+
+chown -R www-data /var/www/html/data
+apache2-foreground
--- a/js/privatebin.js
+++ b/js/privatebin.js
@ -28,6 +28,7 @@ sjcl.random.startCollectors();

 // main application start, called when DOM is fully loaded
 jQuery(document).ready(function() {
+    'use strict';
    // run main controller
    $.PrivateBin.Controller.init();
 });
@ -331,7 +332,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
            var usesPlurals = $.isArray(args[0]);
            if (usesPlurals) {
                // use the first plural form as messageId, otherwise the singular
-                messageId = (args[0].length > 1 ? args[0][1] : args[0][0]);
+                messageId = args[0].length > 1 ? args[0][1] : args[0][0];
            } else {
                messageId = args[0];
            }
@ -415,16 +416,16 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
                case 'fr':
                case 'oc':
                case 'zh':
-                    return (n > 1 ? 1 : 0);
+                    return n > 1 ? 1 : 0;
                case 'pl':
-                    return (n === 1 ? 0 : (n % 10 >= 2 && n %10 <=4 && (n % 100 < 10 || n % 100 >= 20) ? 1 : 2));
+                    return n === 1 ? 0 : (n % 10 >= 2 && n %10 <=4 && (n % 100 < 10 || n % 100 >= 20) ? 1 : 2);
                case 'ru':
-                    return (n % 10 === 1 && n % 100 !== 11 ? 0 : (n % 10 >= 2 && n % 10 <= 4 && (n % 100 < 10 || n % 100 >= 20) ? 1 : 2));
+                    return n % 10 === 1 && n % 100 !== 11 ? 0 : (n % 10 >= 2 && n % 10 <= 4 && (n % 100 < 10 || n % 100 >= 20) ? 1 : 2);
                case 'sl':
-                    return (n % 100 === 1 ? 1 : (n % 100 === 2 ? 2 : (n % 100 === 3 || n % 100 === 4 ? 3 : 0)));
+                    return n % 100 === 1 ? 1 : (n % 100 === 2 ? 2 : (n % 100 === 3 || n % 100 === 4 ? 3 : 0));
                // de, en, es, it, no, pt
                default:
-                    return (n !== 1 ? 1 : 0);
+                    return n !== 1 ? 1 : 0;
            }
        };

@ -660,7 +661,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
         */
        me.hasCipherData = function()
        {
-            return (me.getCipherData().length > 0);
+            return me.getCipherData().length > 0;
        };

        /**
@ -831,7 +832,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
            var viewportTop = $(window).scrollTop();
            var viewportBottom = viewportTop + $(window).height();

-            return (elementTop > viewportTop && elementTop < viewportBottom);
+            return elementTop > viewportTop && elementTop < viewportBottom;
        };

        /**
@ -1194,8 +1195,8 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
         */
        function sendToShortener()
        {
-            window.location.href = $shortenButton.data('shortener')
-                                   + encodeURIComponent($pasteUrl.attr('href'));
+            window.location.href = $shortenButton.data('shortener') +
+                                   encodeURIComponent($pasteUrl.attr('href'));
        }

        /**
@ -2008,7 +2009,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
        me.hasAttachment = function()
        {
            var link = $attachmentLink.prop('href');
-            return (typeof link !== 'undefined' && link !== '');
+            return typeof link !== 'undefined' && link !== '';
        };

        /**
--- a/lib/Configuration.php
+++ b/lib/Configuration.php
@ -54,7 +54,7 @@ class Configuration
            'urlshortener'             => '',
            'qrcode'                   => true,
            'icon'                     => 'identicon',
-            'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups',
+            'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src *; form-action \'none\'; script-src \'self\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups',
            'zerobincompatibility'     => false,
        ),
        'expire' => array(
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@ -75,7 +75,7 @@ if ($MARKDOWN):
 <?php
 endif;
 ?>
-		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-3nd5Pywd3ZfKTLBeQWVwCmBrolUFcMOjXHBTka1sdD04tRLbKKcBW90y6EmisPXLp/EjNLjmN0uRIN9mlDqecw==" crossorigin="anonymous"></script>
+		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-1taLHBI+tdu4RhEpnqw4JfGHePYdAmO9zwrIFh5Ym1R4XJWt4ls/3br9u/6kS5dN8s5RqZSRUz/nmsaauwUzAA==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->
--- a/tpl/page.php
+++ b/tpl/page.php
@ -54,7 +54,7 @@ if ($QRCODE):
 <?php
 endif;
 ?>
-		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-3nd5Pywd3ZfKTLBeQWVwCmBrolUFcMOjXHBTka1sdD04tRLbKKcBW90y6EmisPXLp/EjNLjmN0uRIN9mlDqecw==" crossorigin="anonymous"></script>
+		<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-1taLHBI+tdu4RhEpnqw4JfGHePYdAmO9zwrIFh5Ym1R4XJWt4ls/3br9u/6kS5dN8s5RqZSRUz/nmsaauwUzAA==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->