Commit Graph

528 Commits

Author SHA1 Message Date
El RIDO
be18dcb838
upgrading DOMpurify library to 3.2.3 2024-12-22 11:17:34 +01:00
El RIDO
6587466a9b remove async & ES6 feature detection
It requires eval and webcrypto got introduced in older Chrome & Firefox versions, so seems superfluous to keep.
2024-11-26 07:01:34 +01:00
El RIDO
6b180ac7b1
Merge branch 'master' into wasm-streaming 2024-11-24 21:15:56 +01:00
El RIDO
1a434b0e8d
incrementing version 2024-11-16 08:02:20 +01:00
El RIDO
8752354d63 apply StyleCI fixes 2024-10-25 07:12:30 +02:00
El RIDO
e468f07626 avoid clever key manipulation, all we need are incremental numbers starting at 1 2024-10-25 06:58:05 +02:00
El RIDO
cf83e3825f ensure key is cast to string, fixes #1435 2024-10-23 08:23:02 +02:00
El RIDO
ec2e981984
upgrading DOMpurify library to 3.1.7 2024-10-19 11:17:53 +02:00
El RIDO
980bdc922f Update SRI 2024-10-18 23:08:02 +02:00
parthiv-m
11326f86ba Update SRI 2024-10-18 11:51:57 -04:00
parthiv-m
5acecdb879 Fix for styleci failures 2024-10-13 17:51:45 -04:00
parthiv-m
f2b60d3765 Add _is_deleted status message to Controller and prompt for button click after paste delete 2024-10-13 17:45:05 -04:00
Alexis Toulotte
d0d0d7b6e5 fix: Get rid of unused code 2024-09-03 09:40:08 +11:00
Alexis Toulotte
46c92e7404 fix(configuration): Use "model_options[opt]" section from "conf.php" 2024-09-03 09:19:01 +11:00
Alexis Toulotte
05644d39f8 fix(configuration): Allow non persistent SQL connections 2024-08-30 11:10:25 +11:00
El RIDO
ab2d2f2477 upgrading DOMpurify library to 3.1.6 2024-08-03 09:52:30 +02:00
El RIDO
2b76898546 preserve configured SRI hashes 2024-07-19 08:05:40 +02:00
El RIDO
4b6c8356f5
clarify use of cache buster, avoid using regex 2024-07-09 22:35:21 +02:00
El RIDO
e051cde317
apply StyleCI recommendation 2024-07-09 21:48:40 +02:00
El RIDO
d27e7e8ee3
make scriptTag parameter a string for flexibility and clarity 2024-07-09 21:38:41 +02:00
El RIDO
7294ea7847
Merge branch 'master' into sri-into-config 2024-07-09 21:32:42 +02:00
El RIDO
cf95e0b1d1
Merge branch 'master' into pg-tables-query 2024-07-09 21:30:17 +02:00
El RIDO
031bcef317
incrementing version 2024-07-09 20:36:26 +02:00
El RIDO
8b3b16be44
SRI hashes are now configurable, no longer hardcoded in templates
- addresses #1365
- should make upgrades easier for those using custom templates
- if the JS files got customized, the default SRI hashes can be replaced in the conf.php file, added commented section in conf.sample.php
2024-07-07 16:36:52 +02:00
El RIDO
e0bca0d4dc simpler PostgreSQL table lookup query, fixes #1361 2024-07-07 12:37:28 +02:00
El RIDO
2c711e9d3c
prevent bypassing YOURLS proxy URL filter, allowing to shorten non-self URLs 2024-06-29 20:28:18 +02:00
El RIDO
68ccaaace0 address unit test failures due to strict typing 2024-06-04 07:27:45 +02:00
El RIDO
cebc9acce6 enable strict types in PHP 2024-06-04 07:13:55 +02:00
El RIDO
05402ef304 remove version from doc blocs
- @version in file header level isn't used on code docs, it is intended
  for API versions at class or method level
- avoids needing to update all these files on version increment
- avoids needing to regenerate SRI hashes for privatebin.js through
  extra phpunit run
- simplifies VERSION_FILES list
- avoids having to filter above list during loop
- adds a few missing doc bloc headers
2024-05-28 21:03:22 +02:00
El RIDO
99a3e087ed refactor database schema upgrade to support skipping versions 2024-05-25 09:40:41 +02:00
El RIDO
b96c8ae531 revert version increment in database upgrade 2024-05-25 09:14:24 +02:00
El RIDO
22419cd68a
incrementing version 2024-05-13 19:18:30 +02:00
El RIDO
5067e9222c
incrementing version 2024-05-05 20:43:33 +02:00
El RIDO
9b99712fce
handle further PHP 8.2 deprecations
PHP 8.2 deprecates implicit conversion from float to int if it loses precision, hence the explicit conversion. I missed these in 6bcef2fa24
2024-05-05 11:17:33 +02:00
El RIDO
49bc97e295
apply StyleCI recommendation 2024-05-05 11:16:17 +02:00
El RIDO
b00528388f
Merge branch 'master' into chrono-privacy 2024-05-05 10:25:31 +02:00
El RIDO
0f9158b37b
allow disabling comment date display using discussiondatedisplay configuration option 2024-05-04 14:38:41 +02:00
El RIDO
81fdf8ebfc
re-lax samesite cookie policy
As per discussion in code review:

> Cookies are always scoped in browsers. That's not the issue. SameSite attribute just protects against CSRF attacks. But Get requests (aka links) are also "protected" with Strict, which breaks it… and for users that is highly confusing when they (apparently arbitrarily) do not get the language they have set before when clicking a link.

https://github.com/PrivateBin/PrivateBin/pull/1287#discussion_r1589299210
2024-05-04 12:12:31 +02:00
El RIDO
5425ea79f8
Merge branch 'master' into bootstrap5 2024-05-04 12:08:10 +02:00
El RIDO
041068b590
apply Scrutinizer recommendation 2024-05-01 21:07:24 +02:00
El RIDO
58a235e068
apply StyleCI recommendation 2024-05-01 21:04:29 +02:00
El RIDO
2b2b6f2e41
SQLite 3.35.0 introduced drop column support
see https://www.sqlite.org/releaselog/3_35_0.html
2024-05-01 21:01:12 +02:00
El RIDO
2cc40b2447
apply StyleCI recommendation 2024-05-01 20:36:47 +02:00
El RIDO
b2db26998d
remove the old keys, if they are still stored 2024-05-01 20:32:39 +02:00
El RIDO
a9f1926b96
implement chrono privacy for pastes, addresses #1290 2024-05-01 20:16:03 +02:00
El RIDO
142a380bb2
undo simplification, here we actually check if it is a non-empty string 2024-04-23 22:02:41 +02:00
El RIDO
f4e8e363cb
fix scrutinizer reported issue
empty only works with variables, not constants - here we want to error out if PATH either isn't defined or does not end in a directory separator, so we can concatenate onto it
2024-04-23 21:15:33 +02:00
El RIDO
658383e6d1
set lang cookie with strict SameSite property 2024-04-21 11:36:31 +02:00
El RIDO
491ed9a521
bootstrap 5 template function complete
current status:
- got expiration and format selections to work
- fixed modals (password, QR-code, etc.)
- replaced glyphicons with Bootstrap icons (needs CSP relaxation to work)
- tested the different settings and combinations
- got editor tabs to change active status

to be done:
- add "Dark Mode" to translation strings
- figure out how to change prettify theme when dark mode gets selected
- check tab alignment in HTML source
2024-04-18 21:36:43 +02:00
El RIDO
7565be8ed5
initial work on a bootstrap 5 template
current status:
- renders without PHP errors & passes unit tests
- displays pastes
- responsive navbar
- right-to-left support
- auto dark mode with toggle

to be done:
- add "Dark Mode" to translation strings
- get expiration and format selections to work
- fix modals (password, QR-code, etc.)
- replace glyphicons with Bootstrap Icons (no longer included)
- test all the different settings and combinations
- check tab alignment in HTML source
2024-04-01 18:59:28 +02:00