diff --git a/js/privatebin.js b/js/privatebin.js index 51f24e8a..f4805867 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -1547,7 +1547,7 @@ jQuery.PrivateBin = (function($) { // string, so we re-add them if necessary symmetricKey = CryptTool.base58decode(newKey).padStart(32, '\u0000'); } catch(e) { - symmetricKey = newKey; + throw 'encryption key of unsupported format given or incomplete, mangled URL'; } } @@ -5727,12 +5727,8 @@ jQuery.PrivateBin = (function($) { Model.getPasteKey(); } catch (err) { console.error(err); - - // missing decryption key (or paste ID) in URL? - if (window.location.hash.length === 0) { - Alert.showError('Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)'); - return; - } + Alert.showError('Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)'); + return; } // check if we should request loading confirmation diff --git a/js/test/Model.js b/js/test/Model.js index 77adbead..417c5e5b 100644 --- a/js/test/Model.js +++ b/js/test/Model.js @@ -104,8 +104,8 @@ describe('Model', function () { 'throws exception on empty query string', common.jscUrl(true, false), function (url) { - let clean = jsdom('', {url: common.urlToString(url)}), - result = false; + const clean = jsdom('', {url: common.urlToString(url)}); + let result = false; try { $.PrivateBin.Model.getPasteId(); } @@ -126,15 +126,21 @@ describe('Model', function () { }); jsc.property( - 'returns the fragment of a v1 URL', + 'throws exception on v1 URLs', common.jscUrl(), function (url) { url.fragment = '0OIl'; // any non-base58 string - const clean = jsdom('', {url: common.urlToString(url)}), - result = $.PrivateBin.Model.getPasteKey(); + const clean = jsdom('', {url: common.urlToString(url)}); + let result = false; + try { + $.PrivateBin.Model.getPasteId(); + } + catch(err) { + result = true; + } $.PrivateBin.Model.reset(); clean(); - return url.fragment === result; + return result; } ); jsc.property( diff --git a/lib/Configuration.php b/lib/Configuration.php index d46f8947..95190446 100644 --- a/lib/Configuration.php +++ b/lib/Configuration.php @@ -116,7 +116,7 @@ class Configuration 'js/kjua-0.9.0.js' => 'sha512-CVn7af+vTMBd9RjoS4QM5fpLFEOtBCoB0zPtaqIDC7sF4F8qgUSRFQQpIyEDGsr6yrjbuOLzdf20tkHHmpaqwQ==', 'js/legacy.js' => 'sha512-UxW/TOZKon83n6dk/09GsYKIyeO5LeBHokxyIq+r7KFS5KMBeIB/EM7NrkVYIezwZBaovnyNtY2d9tKFicRlXg==', 'js/prettify.js' => 'sha512-puO0Ogy++IoA2Pb9IjSxV1n4+kQkKXYAEUtVzfZpQepyDPyXk8hokiYDS7ybMogYlyyEIwMLpZqVhCkARQWLMg==', - 'js/privatebin.js' => 'sha512-Zn0Y6qS8Wo8R1TivyULWSJsb+Yyb1YJkaobfurZcTUHxTUiH+bmcT8naAGTrxmDNNd9E3rWUM/968/Zt9aJfow==', + 'js/privatebin.js' => 'sha512-FSrG36x5zv0ERkagznlfQSE4Dpnvf0Sm6F1a21Qn874ALt9OxqUObUTe7D8tmTBCo0jh5i2B4dh8wIa4HSWB8Q==', 'js/purify-3.2.6.js' => 'sha512-zqwL4OoBLFx89QPewkz4Lz5CSA2ktU+f31fuECkF0iK3Id5qd3Zpq5dMby8KwHjIEpsUgOqwF58cnmcaNem0EA==', 'js/showdown-2.1.0.js' => 'sha512-WYXZgkTR0u/Y9SVIA4nTTOih0kXMEd8RRV6MLFdL6YU8ymhR528NLlYQt1nlJQbYz4EW+ZsS0fx1awhiQJme1Q==', 'js/zlib-1.3.1-1.js' => 'sha512-5bU9IIP4PgBrOKLZvGWJD4kgfQrkTz8Z3Iqeu058mbQzW3mCumOU6M3UVbVZU9rrVoVwaW4cZK8U8h5xjF88eQ==', diff --git a/lib/Model/Paste.php b/lib/Model/Paste.php index bf64ce10..66684d8b 100644 --- a/lib/Model/Paste.php +++ b/lib/Model/Paste.php @@ -80,20 +80,6 @@ class Paste extends AbstractModel $this->delete(); } - // set formatter for the view in version 1 pastes. - if (array_key_exists('data', $data) && !array_key_exists('formatter', $data['meta'])) { - // support < 0.21 syntax highlighting - if (array_key_exists('syntaxcoloring', $data['meta']) && $data['meta']['syntaxcoloring'] === true) { - $data['meta']['formatter'] = 'syntaxhighlighting'; - } else { - $data['meta']['formatter'] = $this->_conf->getKey('defaultformatter'); - } - } - - // support old paste format with server wide salt - if (!array_key_exists('salt', $data['meta'])) { - $data['meta']['salt'] = ServerSalt::get(); - } $data['comments'] = array_values($this->getComments()); $data['comment_count'] = count($data['comments']); $data['comment_offset'] = 0; diff --git a/tst/ControllerTest.php b/tst/ControllerTest.php index a3ebb652..e2ca4ffa 100644 --- a/tst/ControllerTest.php +++ b/tst/ControllerTest.php @@ -919,27 +919,4 @@ class ControllerTest extends TestCase ); $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted'); } - - /** - * @runInSeparateProcess - */ - public function testDeleteMissingPerPasteSalt() - { - $paste = Helper::getPaste(); - unset($paste['meta']['salt']); - $this->_data->create(Helper::getPasteId(), $paste); - $this->assertTrue($this->_data->exists(Helper::getPasteId()), 'paste exists before deleting data'); - $_GET['pasteid'] = Helper::getPasteId(); - $_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), ServerSalt::get()); - ob_start(); - new Controller; - $content = ob_get_contents(); - ob_end_clean(); - $this->assertMatchesRegularExpression( - '#]*id="status"[^>]*>.*Paste was properly deleted\.#s', - $content, - 'outputs deleted status correctly' - ); - $this->assertFalse($this->_data->exists(Helper::getPasteId()), 'paste successfully deleted'); - } }