Updated FAQ (markdown)

El RIDO 2016-09-18 10:45:35 +02:00
parent 68029d797b
commit 42aa053665

22
FAQ.md

@ -104,7 +104,7 @@ Here is the workflow you should use for verifying commits or tags:
You can use `gpg --list-public-keys --fingerprint` to view the fingerprints of all public keys. You can use `gpg --list-public-keys --fingerprint` to view the fingerprints of all public keys.
3. Import the keys [and adjust the trust level](https://www.gnupg.org/gph/en/manual/x334.html). We recommend that you sign the keys with your own or set the trust level to the highest one (not recommend). 3. Import the keys [and adjust the trust level](https://www.gnupg.org/gph/en/manual/x334.html). We recommend that you sign the keys with your own or set the trust level to the highest one (not recommend).
**Note:** If you only update PrivateBin manually and do not automate the setup you can skip this step. **Note:** If you only update PrivateBin manually and do not automate the setup you can skip this step.
3. Now you can use [`git verify-commit HEAD`](https://git-scm.com/docs/git-verify-commit] to verify the latest commit or you can use [`git verify-tag <tag here>`](https://git-scm.com/docs/git-verify-tag) to verify a specific tag. 3. Now you can use [`git verify-commit HEAD`](https://git-scm.com/docs/git-verify-commit) to verify the latest commit or you can use [`git verify-tag <tag here>`](https://git-scm.com/docs/git-verify-tag) to verify a specific tag.
You should get a message similar to this one: You should get a message similar to this one:
``` ```
@ -150,10 +150,20 @@ echo '<pre>PHP version used: ', PHP_VERSION, PHP_EOL,
If all these checks fail, you need to either: upgrade to PHP 7, [install libsodium](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium), add `/dev/urandom` to your `open_basedir` setting, install mcrypt (which also needs access to `dev/urandom`, so `open_basedir` must also be set) or install com_dotnet. If all these checks fail, you need to either: upgrade to PHP 7, [install libsodium](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium), add `/dev/urandom` to your `open_basedir` setting, install mcrypt (which also needs access to `dev/urandom`, so `open_basedir` must also be set) or install com_dotnet.
### PrivateBin does not seem to react in any way. I can not create or read pastes or even click on the hamburger menu. What is going on? ### PrivateBin does not work on my Android phone and I have enabled data saver mode
You seem to have problems with the JS files. They are not correctly executed. As a user, either switch to a PrivateBin instance on a server offering HTTPS or disable data saver mode in Settings > Data Saver.
This may have different reasons, but as we use [SRI](https://scotthelme.co.uk/subresource-integrity/) the most likely reason is that your JS files were modified. If you did this by yourself you can have follow [these instructions](https://github.com/PrivateBin/PrivateBin/wiki/Development#subresource-integrity-for-javascript-resources) to regenerate the file hashes, so that the match the JS files.
If you do not changed the JS files intentionally, there might be someone/something interfering with these files. Most likely this is a CDN, such as Cloudflare, or some VPN/data saver modes in your clients. As a server admin, consider setting up HTTPS or add a "Cache-Control: no-transform" header for your PrivateBins JS resources in your webservers configuration.
Some known examples of technologies you should disable when using PrivateBin are Cloudflares rocket loader and auto-minification and Chrome's "data saver" mode on Android.
More details on Google Chromes Data Saver mode on Android can be found at [Google](https://developer.chrome.com/multidevice/data-compression).
### PrivateBin does not work and I am using Cloudflare DDoS protection
Cloudflare works as a reverse proxy in front of your webserver. Apart from protecting your site against DDoS it acts as a man-in-the-middle even for HTTPS sites and by default tries to "optimize" your site for faster loading. Part of that optimization (currently) breaks our [SRI](https://scotthelme.co.uk/subresource-integrity/) used to ensure that your JS files don't get modified (actually it works as intended: Cloudflare _does_ modify them). Disabling the "rocket loader" feature in Cloudflare has been reported to solve this issue.
### PrivateBin does not work and I have changed something related to the JS files
When changing the JS files (or adding new ones) you need to [regenerate the SRI hashes](https://github.com/PrivateBin/PrivateBin/wiki/Development#subresource-integrity-for-javascript-resources) in your template, so that the match the updated files.
If you didn't change the JS files intentionally, there might be someone/something interfering with these files. Most likely this is a (reverse) proxy, such as Cloudflare, certain VPNs, data saver modes in your client, etc. Try to use it from a different internet connection and a different device to figure out what is manipulating the files and if you can disable/circumvent it.