parthiv-m
851dadf600
Update CHANGELOG.md
2024-10-17 21:56:42 -04:00
El RIDO
e865bec9c3
document changes
2024-09-03 05:53:01 +02:00
El RIDO
ab2d2f2477
upgrading DOMpurify library to 3.1.6
2024-08-03 09:52:30 +02:00
El RIDO
7294ea7847
Merge branch 'master' into sri-into-config
2024-07-09 21:32:42 +02:00
El RIDO
cf95e0b1d1
Merge branch 'master' into pg-tables-query
2024-07-09 21:30:17 +02:00
El RIDO
d2f311d246
chore: prepare for next release
2024-07-09 21:27:49 +02:00
El RIDO
031bcef317
incrementing version
2024-07-09 20:36:26 +02:00
El RIDO
0c4e810e67
Merge branch 'shorten-non-self-url'
2024-07-09 20:33:54 +02:00
El RIDO
8712ed6a5d
Merge pull request #1357 from PrivateBin/b5-textarea-height
...
bootstrap5 textarea height relative to viewport height
2024-07-09 20:28:17 +02:00
El RIDO
8b3b16be44
SRI hashes are now configurable, no longer hardcoded in templates
...
- addresses #1365
- should make upgrades easier for those using custom templates
- if the JS files got customized, the default SRI hashes can be replaced in the conf.php file, added commented section in conf.sample.php
2024-07-07 16:36:52 +02:00
El RIDO
e0bca0d4dc
simpler PostgreSQL table lookup query, fixes #1361
2024-07-07 12:37:28 +02:00
El RIDO
2c711e9d3c
prevent bypassing YOURLS proxy URL filter, allowing to shorten non-self URLs
2024-06-29 20:28:18 +02:00
El RIDO
eb42915991
bootstrap5 textarea height relative to viewport height, fixes #1349
2024-06-13 20:22:40 +02:00
El RIDO
ab05ed9532
bootstrap5 dark mode toggle unset on dark browser preference, fixes #1340
2024-06-13 20:00:26 +02:00
El RIDO
662d0e1430
document change
2024-06-04 07:32:13 +02:00
El RIDO
6aa292e33d
document changes
2024-05-30 07:31:13 +02:00
El RIDO
d961a892f2
chore: prepare for next release
2024-05-13 19:33:43 +02:00
El RIDO
22419cd68a
incrementing version
2024-05-13 19:18:30 +02:00
El RIDO
619fbb6653
Merge remote-tracking branch 'origin/dompurify'
2024-05-13 06:57:41 +02:00
El RIDO
435f0d8ea1
Merge remote-tracking branch 'origin/bootstrap5-navbar'
2024-05-13 06:55:50 +02:00
El RIDO
ee3b5ec08a
chore: upgrade DOMPurify from v3.1.2 to 3.1.3
2024-05-12 10:18:49 +02:00
El RIDO
976650bdde
bootstrap 5 nav bar & footer improvements, closes #1317
2024-05-09 18:18:57 +02:00
El RIDO
2c8b5ed0e4
expiration time selection for bootstrap template, fixes #1309
2024-05-09 15:55:42 +02:00
El RIDO
28f3e544b8
chore: prepare for next release
2024-05-05 22:53:19 +02:00
El RIDO
5067e9222c
incrementing version
2024-05-05 20:43:33 +02:00
El RIDO
843aa00473
Merge branch 'chrono-privacy'
2024-05-05 19:34:22 +02:00
El RIDO
6028a1d801
chore: upgrade jQuery from v3.7.0 to 3.7.1
2024-05-05 11:50:12 +02:00
El RIDO
b00528388f
Merge branch 'master' into chrono-privacy
2024-05-05 10:25:31 +02:00
El RIDO
0983d1b514
doc
2024-05-04 16:19:56 +02:00
El RIDO
06fb606aa7
Merge branch 'master' into bootstrap
2024-05-04 16:15:07 +02:00
rugk
3f1bcb5c5a
doc: add Chnagelog entry
2024-05-04 15:39:25 +02:00
El RIDO
0f9158b37b
allow disabling comment date display using discussiondatedisplay
configuration option
2024-05-04 14:38:41 +02:00
El RIDO
81fdf8ebfc
re-lax samesite cookie policy
...
As per discussion in code review:
> Cookies are always scoped in browsers. That's not the issue. SameSite attribute just protects against CSRF attacks. But Get requests (aka links) are also "protected" with Strict, which breaks it… and for users that is highly confusing when they (apparently arbitrarily) do not get the language they have set before when clicking a link.
https://github.com/PrivateBin/PrivateBin/pull/1287#discussion_r1589299210
2024-05-04 12:12:31 +02:00
El RIDO
a9f1926b96
implement chrono privacy for pastes, addresses #1290
2024-05-01 20:16:03 +02:00
El RIDO
9bcb114a23
document changes
2024-04-21 11:46:46 +02:00
El RIDO
65a626f940
inputs sanitation & remove some obsolete version checks
...
using filter_vars instead of filter_input, because our unit tests depend on manipulating global arrays, which are not used by filter_input - we would have to mock the function in the unit testing, it therefore is cleaner to use the same code paths in testing as in production
some inputs in I18n and TrafficLimiter remain unfiltered, since we already validate them by other means (IP lib and/or preg_match)
our minimum PHP version is 7.3, so we can drop the two < 5.6 fallback checks
2024-03-23 11:27:25 +01:00
El RIDO
f0794e3c0b
document & attribute changes from #1267
2024-03-18 07:48:20 +01:00
El RIDO
89a5d07b94
shortened paste URL does not appear in email
...
fixes #606
2024-03-10 17:26:30 +01:00
El RIDO
53d2d3334d
document & attribute changes
2024-03-10 16:12:40 +01:00
El RIDO
63b2526ee7
"Send" button now labeled "Create", fixes #946
2024-02-12 21:50:11 +01:00
El RIDO
eb59f3a4f3
post-release cleanup
2024-02-11 15:36:59 +01:00
El RIDO
aad975a721
incrementing version
2024-02-11 15:31:11 +01:00
El RIDO
5c29619fee
post-release cleanup
...
- prep changelog for future changes
- composer changes from re-running composer on the repo, testing deps
- change to phpunit coverage make target, required with newer releases
2024-02-11 15:10:01 +01:00
El RIDO
a3ee624d3a
incrementing version
2024-02-11 14:17:27 +01:00
El RIDO
57b1890815
Merge branch 'master' into ask-before-burn
2024-02-07 19:45:54 +01:00
El RIDO
7bb913acdf
Merge pull request #1236 from PrivateBin/bump-libs
...
bump libraries to DOMpurify 3.0.8 & zlib 1.3.1, increase compression level
2024-02-07 19:30:25 +01:00
El RIDO
950c0b56b4
revert changing compression level
...
as per discussion with @rugk, see:
https://github.com/PrivateBin/PrivateBin/pull/1236#discussion_r1473639960
2024-02-06 19:21:14 +01:00
El RIDO
239f6da73c
Merge branch 'master' into crowdin-translation
2024-01-27 19:19:08 +01:00
El RIDO
257fc5d2b6
enable Romanian translation and credit it
2024-01-27 19:15:40 +01:00
El RIDO
56f5b2386c
document changes
2024-01-27 18:51:12 +01:00