d6f203dc4c
Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
6 years ago
caf87cc6f1
Merge branch 'master' into burnafterreading-fix, regression in expired paste error
6 years ago
2c82279292
Merge branch 'attachment-handling' of https://github.com/thororm/PrivateBin into thororm-attachment-handling
...
apart from resolving conflicts:
- added missing docs
- inlined functions that were used in only one location
- updated unit test to support all previews
- fixed a regression that displayed the preview even when there was no preview and too early
6 years ago
9c132cd839
Disallow form-action in CSP to limit outgoing connections
...
See https://github.com/PrivateBin/PrivateBin/issues/272
6 years ago
414ab0eb71
Add config and basic page template support
...
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
of a simple div at the top
* added option to turn off QR code support
6 years ago
4ded4b7f8c
adding correct HTTP error to response, as per @rugk's recommentation
7 years ago
6625a9dc59
hiding INI contents from StyleCI
7 years ago
7197705d5c
updating unit test in preparation for planned file name change, currently failing
7 years ago
23f5dfbff8
Merge remote-tracking branch 'remotes/thororm/master' into attachment-handling
...
# Conflicts:
# tpl/bootstrap.php
# tpl/page.php
7 years ago
f54036976a
added instantburnafterreading option to address #174
7 years ago
096f07f86e
Merge branch 'master' into attachment-handling
...
# Conflicts:
# js/privatebin.js
# tpl/bootstrap.php
# tpl/page.php
7 years ago
be0919893d
updating shipped .htaccess files for Apache 2.4 as per https://httpd.apache.org/docs/2.4/upgrading.html#access - Thanks @EchoDev, fixes #194
7 years ago
b9737d368d
Update conf.ini.sample
7 years ago
faf596aeb7
Added preview for
...
- Video (HTML5)
- Audio (HTML5)
- PDF (Browser capabilities)
attachment.
Added drag & drop functionality
Added attachment preview to preview before submitting
7 years ago
e9b10f9e2d
Add CSP sandbox
...
Fixes https://github.com/PrivateBin/PrivateBin/issues/168
Alos needed to run some Composer stuff, no idea why my diff was different.
7 years ago
67f6c4eb61
turned bootstrap template variants into logic
7 years ago
f5aefa5513
Update for correct spelling
7 years ago
36f70cad48
Fixed a spelling error in conf.ini
...
Changed "Mibibytes" to "Megabytes"
7 years ago
a5d91298ff
add an option to change the site name, solves #154
7 years ago
2cd4717bd2
Use default csp value by default
...
Otherwise the CSP may break updates if we later change the behaviour of PrivateBin somehow.
We should have done this before the v1.0 release, but well...
8 years ago
1a159c973f
Prevent referrer to be send
...
Uses both CSP and Referrer-Policy
Fixes #96
8 years ago
9ff74e8841
Allow manifest loading via CSP
8 years ago
3d541f867b
Update config file header
...
We really don't need to license the config file....
8 years ago
3988b860b0
implemented Identicon library as new default for comment icons, made Vizhash an optional alternative, refactored Vizhash and removed string lenghtening
8 years ago
addb666a23
introducing CSP header to mitigate XSS attacks, closes #10
8 years ago
b45bef8388
Renamed classes for full PSR-2 compliance, some cleanup
8 years ago
38ab755733
Replace HTTP links with HTTPS
...
Using this regexp: https://regex101.com/r/rZ2dE2/1
8 years ago
b53efda635
improving code coverage and unit testing
8 years ago
ff0c55c0d6
introduce option to disable vizhash for paranoid admins, resolves #20 point 2.4
8 years ago
20cf678a75
adding default configuration for purging, resolves #3 (again)
8 years ago
79509ad48a
renaming the fork to PrivateBin
8 years ago
a7ef0b54e6
ZeroBin -> PrivateBin
...
Changing name
8 years ago
0e217a42c5
introduce new zerobincompatibility option, replacing the base64 one, if it is enabled, delete tokens use sha256; added per paste salt with server salt fallback; this resolves the points 2.2 & 2.9 in #103
8 years ago
a4ebdbc606
re-introducing (optional) URL shortener support, resolves #58
8 years ago
24a4328c55
incrementing version, updating changelog, added missing phpdoc comments
9 years ago
d42975580a
expire_options and formatter_options should not be filled up with
...
default values, resolves #52
9 years ago
176dff3b70
renaming config file to make updates easier, resolving #50
9 years ago
e3f4aa982c
adding configuration option to set a default language and/or force it,
...
resolves #39
9 years ago
ca07398b66
adding option to hide clone button on expiring pastes, resolves #34
9 years ago
9f68658106
incrementing version number, updating changelog
9 years ago
608605cd54
incrementing version number, updating docs
9 years ago
a41d0ca4dd
various fixes:
...
- changing default formatter option to plain text to make upgrading from
0.19 Alpha smoother
- fixing translation message change in bootstrap templates
- adjusting how image uploads are displayed in bootstrap templates
9 years ago
a111357fae
add optional (since it uses a session cookie) language selection
9 years ago
47efedf23c
traffic limiter would fail behind a reverse proxy / load balancer.
...
Adding configuration option to set the trusted HTTP header to get the
visitors IP in such a case (avoiding security issue if malicious clients
just set these headers themselfs)
9 years ago
106141efa4
merging @vikstrous file upload feature for #20 from
...
8a6d268278
9 years ago
0e53d1ee86
added markdown support and a dropdown for the format selection. The
...
options other then markdown are plain text and source code (syntax
highlighting). Resolves #25
9 years ago
b060d57524
- implemented php side of plural translation
...
- using it to generate labels dynamically for the expire options
(deprecating the [expire_labels] configuration).
- added translation of the human readable data sizes to support the
french octet
- fixed IEC label for kibibytes
9 years ago
2d79ba8243
updating docs, bumping version to 0.20
9 years ago
d3c4600806
slight configuration changes, template modifications to make discussions
...
and password configurable, removed generated configuration test as it
grows quite big and a new one can be generated easily if needed
9 years ago
95f1db925b
Merge branch 'master' of https://github.com/elrido/ZeroBin
...
Conflicts:
cfg/conf.ini
js/zerobin.js
9 years ago
El RIDO