rugk
9c132cd839
Disallow form-action in CSP to limit outgoing connections
...
See https://github.com/PrivateBin/PrivateBin/issues/272
7 years ago
rugk
414ab0eb71
Add config and basic page template support
...
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
of a simple div at the top
* added option to turn off QR code support
7 years ago
El RIDO
4ded4b7f8c
adding correct HTTP error to response, as per @rugk's recommentation
7 years ago
El RIDO
6625a9dc59
hiding INI contents from StyleCI
7 years ago
El RIDO
7197705d5c
updating unit test in preparation for planned file name change, currently failing
7 years ago
El RIDO
f54036976a
added instantburnafterreading option to address #174
7 years ago
El RIDO
be0919893d
updating shipped .htaccess files for Apache 2.4 as per https://httpd.apache.org/docs/2.4/upgrading.html#access - Thanks @EchoDev, fixes #194
7 years ago
rugk
e9b10f9e2d
Add CSP sandbox
...
Fixes https://github.com/PrivateBin/PrivateBin/issues/168
Alos needed to run some Composer stuff, no idea why my diff was different.
7 years ago
El RIDO
67f6c4eb61
turned bootstrap template variants into logic
8 years ago
rugk
f5aefa5513
Update for correct spelling
8 years ago
Jordyn Carattini
36f70cad48
Fixed a spelling error in conf.ini
...
Changed "Mibibytes" to "Megabytes"
8 years ago
El RIDO
a5d91298ff
add an option to change the site name, solves #154
8 years ago
rugk
2cd4717bd2
Use default csp value by default
...
Otherwise the CSP may break updates if we later change the behaviour of PrivateBin somehow.
We should have done this before the v1.0 release, but well...
8 years ago
rugk
1a159c973f
Prevent referrer to be send
...
Uses both CSP and Referrer-Policy
Fixes #96
8 years ago
rugk
9ff74e8841
Allow manifest loading via CSP
8 years ago
rugk
3d541f867b
Update config file header
...
We really don't need to license the config file....
8 years ago
El RIDO
3988b860b0
implemented Identicon library as new default for comment icons, made Vizhash an optional alternative, refactored Vizhash and removed string lenghtening
8 years ago
El RIDO
addb666a23
introducing CSP header to mitigate XSS attacks, closes #10
8 years ago
El RIDO
b45bef8388
Renamed classes for full PSR-2 compliance, some cleanup
8 years ago
rugk
38ab755733
Replace HTTP links with HTTPS
...
Using this regexp: https://regex101.com/r/rZ2dE2/1
8 years ago
El RIDO
b53efda635
improving code coverage and unit testing
8 years ago
El RIDO
ff0c55c0d6
introduce option to disable vizhash for paranoid admins, resolves #20 point 2.4
8 years ago
El RIDO
20cf678a75
adding default configuration for purging, resolves #3 (again)
8 years ago
El RIDO
79509ad48a
renaming the fork to PrivateBin
8 years ago
Gilles
a7ef0b54e6
ZeroBin -> PrivateBin
...
Changing name
8 years ago
El RIDO
0e217a42c5
introduce new zerobincompatibility option, replacing the base64 one, if it is enabled, delete tokens use sha256; added per paste salt with server salt fallback; this resolves the points 2.2 & 2.9 in #103
8 years ago
El RIDO
a4ebdbc606
re-introducing (optional) URL shortener support, resolves #58
8 years ago
El RIDO
24a4328c55
incrementing version, updating changelog, added missing phpdoc comments
9 years ago
El RIDO
d42975580a
expire_options and formatter_options should not be filled up with
...
default values, resolves #52
9 years ago
El RIDO
176dff3b70
renaming config file to make updates easier, resolving #50
9 years ago
El RIDO
e3f4aa982c
adding configuration option to set a default language and/or force it,
...
resolves #39
9 years ago
El RIDO
ca07398b66
adding option to hide clone button on expiring pastes, resolves #34
9 years ago
El RIDO
9f68658106
incrementing version number, updating changelog
9 years ago
El RIDO
608605cd54
incrementing version number, updating docs
9 years ago
El RIDO
a41d0ca4dd
various fixes:
...
- changing default formatter option to plain text to make upgrading from
0.19 Alpha smoother
- fixing translation message change in bootstrap templates
- adjusting how image uploads are displayed in bootstrap templates
9 years ago
El RIDO
a111357fae
add optional (since it uses a session cookie) language selection
9 years ago
El RIDO
47efedf23c
traffic limiter would fail behind a reverse proxy / load balancer.
...
Adding configuration option to set the trusted HTTP header to get the
visitors IP in such a case (avoiding security issue if malicious clients
just set these headers themselfs)
9 years ago
El RIDO
106141efa4
merging @vikstrous file upload feature for #20 from
...
8a6d268278
9 years ago
El RIDO
0e53d1ee86
added markdown support and a dropdown for the format selection. The
...
options other then markdown are plain text and source code (syntax
highlighting). Resolves #25
9 years ago
El RIDO
b060d57524
- implemented php side of plural translation
...
- using it to generate labels dynamically for the expire options
(deprecating the [expire_labels] configuration).
- added translation of the human readable data sizes to support the
french octet
- fixed IEC label for kibibytes
9 years ago
El RIDO
2d79ba8243
updating docs, bumping version to 0.20
9 years ago
El RIDO
d3c4600806
slight configuration changes, template modifications to make discussions
...
and password configurable, removed generated configuration test as it
grows quite big and a new one can be generated easily if needed
9 years ago
Hexalyse
95f1db925b
Merge branch 'master' of https://github.com/elrido/ZeroBin
...
Conflicts:
cfg/conf.ini
js/zerobin.js
9 years ago
El RIDO
2d0668af03
concluding work on configuration test generator for #16 . Replaced a few
...
die()s in the code with Exception, making it possible to test properly.
Fixed some outdated unit tests.
9 years ago
El RIDO
3306bcff99
switch to bootstrap theme by default
9 years ago
Hexalyse
da7ffc5d07
Changed css
9 years ago
Hexalyse
f2912a07b0
Changed config to use SQLite
9 years ago
El RIDO
cb28056223
made highlighting more configurable, added all four themes, there is now a configurable flavour text (notice)
9 years ago
El RIDO
49c6e3c1b6
updated base64.js to version 2.1.9, using minified version found at
...
9192c510f5/base64.min.js
kudos Dan Kogai
small improvements to input checking
implementing default values for most configuration options
switching to versioned JS files to avoid version hack used in template
9 years ago
El RIDO
e646729b2d
fixing regressions from cherrypicking
9 years ago