fixing HTTP only error detection in Chrome and Android by ensuring all logic is contained in legacy.js

2024-10-01 01:26:10 -04:00 · 2019-09-17 21:41:25 +02:00 · 2019-09-17 21:41:25 +02:00 · 5810f17c31
commit 5810f17c31
parent 1a42158dd1
3 changed files with 38 additions and 4 deletions
--- a/js/legacy.js
+++ b/js/legacy.js
@ -188,6 +188,35 @@ jQuery.Legacy = (function($) {
            return false;
        }

+        /**
+         * shows an error message
+         *
+         * @private
+         * @name   Check.showError
+         * @param  {string} message
+         * @function
+         */
+        function showError(message)
+        {
+            var $error = $('#errormessage'),
+                $glyphIcon = $error.find(':first'),
+                $element;
+            if ($glyphIcon.length) {
+                // if there is an icon, we need to provide an inner element
+                // to translate the message into, instead of the parent
+                $element = $('<span>');
+                $error.html(' ').prepend($glyphIcon).append($element);
+            } else {
+                $element = $error;
+            }
+            if (message.indexOf('<a') === -1) {
+                $element.text(message);
+            } else {
+                $element.html(message);
+            }
+            $error.removeClass('hidden');
+        }
+
        /**
         * returns if the check has concluded
         *
@ -223,7 +252,7 @@ jQuery.Legacy = (function($) {
            // prevent bots from viewing a paste and potentially deleting data
            // when burn-after-reading is set
            if (isBadBot()) {
-                $.PrivateBin.Alert.showError('I love you too, bot…');
+                showError('I love you too, bot…');
                init = true;
                return;
            }
@ -231,7 +260,12 @@ jQuery.Legacy = (function($) {
            if (isOldBrowser()) {
                // some browsers (Chrome based ones) would have webcrypto support if using HTTPS
                if (!isSecureContext()) {
-                    $.PrivateBin.Alert.showError(['Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href="%s">switching to HTTPS</a>.', 'https' + window.location.href.slice(4)]);
+                    showError(
+                        'Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href="%s">switching to HTTPS</a>.'.replace(
+                            '%s',
+                            'https' + window.location.href.slice(4)
+                        )
+                    );
                }
                $('#oldnotice').removeClass('hidden');
                init = true;
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@ -71,7 +71,7 @@ if ($MARKDOWN):
 endif;
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.11.js" integrity="sha512-p7UyJuyBkhMcMgE4mDsgK0Lz70OvetLefua1oXs1OujWv9gOxh4xy8InFux7bZ4/DAZsTmO4rgVwZW9BHKaTaw==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-QuU8Mo/sOQw9040/x1o+jCm7BAZEwI9+PSrlDf1DDF0nOe8x3cgzJwAFn9ngQLxSP3wn8imYJbWM4bPWeB8FgQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-tujqWT2EpSr9Iw6z9ET4P7x4lO6hMT+ccqVvWsq9lZjgbWa52AcML4MMiK6/VNFGna9i1IlyvloY9vBf3HH9XQ==" crossorigin="anonymous"></script>
 		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-qJ7Lfyl7375UWjsItSmAUFwhvynGHUy9U1ldU2OCpFOr5YWhAluEIN0/8ztO7p+5DcljE3wYst1b0ZBiVBEnag==" crossorigin="anonymous"></script>
 		<!--[if IE]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
--- a/tpl/page.php
+++ b/tpl/page.php
@ -49,7 +49,7 @@ if ($MARKDOWN):
 endif;
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.11.js" integrity="sha512-p7UyJuyBkhMcMgE4mDsgK0Lz70OvetLefua1oXs1OujWv9gOxh4xy8InFux7bZ4/DAZsTmO4rgVwZW9BHKaTaw==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-QuU8Mo/sOQw9040/x1o+jCm7BAZEwI9+PSrlDf1DDF0nOe8x3cgzJwAFn9ngQLxSP3wn8imYJbWM4bPWeB8FgQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-tujqWT2EpSr9Iw6z9ET4P7x4lO6hMT+ccqVvWsq9lZjgbWa52AcML4MMiK6/VNFGna9i1IlyvloY9vBf3HH9XQ==" crossorigin="anonymous"></script>
 		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-qJ7Lfyl7375UWjsItSmAUFwhvynGHUy9U1ldU2OCpFOr5YWhAluEIN0/8ztO7p+5DcljE3wYst1b0ZBiVBEnag==" crossorigin="anonymous"></script>
 		<!--[if IE]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>