Revert "removing exceptions - in these cases server admins can opt to disable the warning message in the configuration"

This reverts commit d0365faf76.
2025-05-02 06:26:16 -04:00 · 2019-06-23 09:54:48 +02:00 · 2019-06-23 09:54:48 +02:00 · dc193f7555
commit dc193f7555
parent d9f27fb004
3 changed files with 21 additions and 2 deletions
--- a/js/privatebin.js
+++ b/js/privatebin.js
@ -4538,10 +4538,29 @@ jQuery.PrivateBin = (function($, RawDeflate) {
            }

            const url = new URL(window.location);
+
            // HTTP is obviously insecure
            if (url.protocol !== 'http:') {
                return false;
            }
+
+            // filter out actually secure connections over HTTP
+            if (
+                url.hostname.endsWith('.onion') ||
+                url.hostname.endsWith('.i2p')
+            ) {
+                return false;
+            }
+
+            // whitelist localhost for development
+            if (
+                url.hostname === 'localhost' ||
+                url.hostname === '127.0.0.1'
+            ) {
+                return false;
+            }
+
+            // totally INSECURE http protocol!
            return true;
        }