As per discussion in code review:
> Cookies are always scoped in browsers. That's not the issue. SameSite attribute just protects against CSRF attacks. But Get requests (aka links) are also "protected" with Strict, which breaks it… and for users that is highly confusing when they (apparently arbitrarily) do not get the language they have set before when clicking a link.
https://github.com/PrivateBin/PrivateBin/pull/1287#discussion_r1589299210
current status:
- made prettify theme work with dark mode
to be done:
- fix password modal display
- add "Dark Mode" to translation strings
- check tab alignment in HTML source
current status:
- got expiration and format selections to work
- fixed modals (password, QR-code, etc.)
- replaced glyphicons with Bootstrap icons (needs CSP relaxation to work)
- tested the different settings and combinations
- got editor tabs to change active status
to be done:
- add "Dark Mode" to translation strings
- figure out how to change prettify theme when dark mode gets selected
- check tab alignment in HTML source
current status:
- renders without PHP errors & passes unit tests
- displays pastes
- responsive navbar
- right-to-left support
- auto dark mode with toggle
to be done:
- add "Dark Mode" to translation strings
- get expiration and format selections to work
- fix modals (password, QR-code, etc.)
- replace glyphicons with Bootstrap Icons (no longer included)
- test all the different settings and combinations
- check tab alignment in HTML source
also:
- fixes#1039 - email buttons overlapping in some languages
- fixes#1191 - language change URL mangling
- adds focus to password input in modal
- prevents needless reload on visiting default URL
mocha tests started failing as of node 20.10.0, likely due to this change:
https://github.com/nodejs/node/pull/49936
Error was:
node:internal/deps/undici/undici:11730
Error.captureStackTrace(err, this);
^
TypeError: Failed to parse URL from js/zlib-1.2.13.wasm
at Object.fetch (node:internal/deps/undici/undici:11730:11)
at async initialize (/home/runner/work/PrivateBin/PrivateBin/js/zlib-1.2.13.js:31:26) {
[cause]: TypeError: Invalid URL: js/zlib-1.2.13.wasm
at new URLImpl (/home/runner/work/PrivateBin/PrivateBin/js/node_modules/jsdom-url/node_modules/whatwg-url/lib/URL-impl.js:21:13)
at new URLImplCore (/home/runner/work/PrivateBin/PrivateBin/js/node_modules/jsdom-url/lib/URLImpl.js:18:9)
at new URLCore (/home/runner/work/PrivateBin/PrivateBin/js/node_modules/jsdom-url/lib/URL.js:28:9)
at Object.construct (/home/runner/work/PrivateBin/PrivateBin/js/node_modules/class-proxy/index.js:18:23)
at new Request (node:internal/deps/undici/undici:5270:25)
at fetch (node:internal/deps/undici/undici:9508:25)
at Object.fetch (node:internal/deps/undici/undici:11728:18)
at fetch (node:internal/process/pre_execution:314:27)
at initialize (/home/runner/work/PrivateBin/PrivateBin/js/zlib-1.2.13.js:31:32)
at Object.<anonymous> (/home/runner/work/PrivateBin/PrivateBin/js/zlib-1.2.13.js:145:17)
at Object.<anonymous> (/home/runner/work/PrivateBin/PrivateBin/js/zlib-1.2.13.js:146:4)
[...]
Notice that the error occurs on line 31, meaning that fetch is not
undefined anymore. Node works on supporting fetch, which would make our
workaround using fs.readFileSync obsolete, but it (or rather the undici
library) currently doesn't support relative URLs.
