updating DOMpurify library to 1.0.5

6 years ago · bd1e40ac36
parent 30d9cb45cc
commit bd1e40ac36
6 changed files with 6 additions and 5 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -11,7 +11,7 @@
    * CHANGED: Shipped .htaccess files were updated for Apache 2.4 (#192)
    * CHANGED: Cleanup of bootstrap template variants and moved icons to `img` directory
    * CHANGED: Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
-    * CHANGED: Upgrading libraries to: SJCL 1.0.7, jQuery 3.3.1, Base64 2.4.5 & Showdown 1.8.6
+    * CHANGED: Upgrading libraries to: SJCL 1.0.7, jQuery 3.3.1, Base64 2.4.5, Showdown 1.8.6 & DOMpurify 1.0.5
    * CHANGED: Refactored JavaScript code, making it modular with private and public functions, making it much easier to maintain (#178)
    * FIXED: To counteract regressions introduced by the refactoring, we finally introduced property based unit testing for the JavaScript code, this caught several regressions, but also some very old bugs not found so far (#32)
  * **1.1.1 (2017-10-06)**
--- a/js/common.js
+++ b/js/common.js
@ -17,7 +17,7 @@ require('./prettify');
 global.prettyPrint = window.PR.prettyPrint;
 global.prettyPrintOne = window.PR.prettyPrintOne;
 global.showdown = require('./showdown-1.8.6');
-global.DOMPurify = require('./purify-1.0.3');
+global.DOMPurify = require('./purify-1.0.5');
 require('./bootstrap-3.3.7');
 require('./privatebin');

--- a/js/purify-1.0.3.js
+++ b/js/purify-1.0.3.js
--- a/js/purify-1.0.5.js
+++ b/js/purify-1.0.5.js
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@ -71,7 +71,7 @@ endif;
 if ($MARKDOWN):
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/showdown-1.8.6.js" integrity="sha512-IWAOP5QX4d1WA8ZSKXJtMWdAW8fOifwB0LyZFKaq2WcvsWF/Xmg8aQwxMOUpCjSaYY/V+NASlReVD6uCSDDvHg==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.3.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-uhzhZJSgc+XJoaxCOjiuRzQaf5klPlSSVKGw69+zT72hhfLbVwB4jbwI+f7NRucuRz6u0aFGMeZ+0PnGh73iBQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.5.js" integrity="sha512-y68WmhxZiNWBzbhCnMOhRIQDLQPN2zPTCbLHsjggRAjvLVzt4wihsvaMAdtz+VpoFP/SYXFJQUB6h6BH3gvDpA==" crossorigin="anonymous"></script>
 <?php
 endif;
 ?>
--- a/tpl/page.php
+++ b/tpl/page.php
@ -45,7 +45,7 @@ endif;
 if ($MARKDOWN):
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/showdown-1.8.6.js" integrity="sha512-IWAOP5QX4d1WA8ZSKXJtMWdAW8fOifwB0LyZFKaq2WcvsWF/Xmg8aQwxMOUpCjSaYY/V+NASlReVD6uCSDDvHg==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.3.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-uhzhZJSgc+XJoaxCOjiuRzQaf5klPlSSVKGw69+zT72hhfLbVwB4jbwI+f7NRucuRz6u0aFGMeZ+0PnGh73iBQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.5.js" integrity="sha512-y68WmhxZiNWBzbhCnMOhRIQDLQPN2zPTCbLHsjggRAjvLVzt4wihsvaMAdtz+VpoFP/SYXFJQUB6h6BH3gvDpA==" crossorigin="anonymous"></script>
 <?php
 endif;
 if ($QRCODE):