Commit Graph

477 Commits

Author SHA1 Message Date
El RIDO
a9f1926b96
implement chrono privacy for pastes, addresses #1290 2024-05-01 20:16:03 +02:00
El RIDO
3bc09ed561
Merge pull request #1275 from PrivateBin/legacy-php-cleanup
input sanitation & removing some obsolete version checks
2024-03-26 06:33:57 +01:00
Zwyx
6130547ca6
Add response header X-Uncompressed-Content-Length for JSON API
Because the response from the API is PHP output, the usual `Content-Length` header is absent.

This [custom header technique](https://stackoverflow.com/questions/15097712/how-can-i-use-deflated-gzipped-content-with-an-xhr-onprogress-function/32799706#32799706) allows the client to know the total length of the data being received, in order to display a progress indicator.

Here's a code example with `XMLHttpRequest`:


```
xhr.addEventListener("progress", (e) => {
	if (e.lengthComputable) {
		onDownloadProgress({
			loaded: e.loaded,
			total: e.total,
		});
	} else {
		const uncompressedContentLength = xhr.getResponseHeader(
			"X-Uncompressed-Content-Length",
		);

		if (uncompressedContentLength) {
			onDownloadProgress({
				loaded: e.loaded,
				total: Number(uncompressedContentLength),
			});
		}
	}
});
```

Notes:
- `Fetch` can be used as well (the only reason I use `XMLHttpRequest` is that `fetch` doesn't allow tracking the progress of uploaded data (when creating a paste), whereas `XMLHttpRequest` does).
- `e.loaded` can be different between browsers; Firefox reports the length of the compressed data, Chrome reports the length of uncompressed data (see https://github.com/whatwg/xhr/issues/388). A workaround for this is to manually set our progress indicator to 100% when the request finishes.
2024-03-24 19:40:50 +08:00
El RIDO
65a626f940
inputs sanitation & remove some obsolete version checks
using filter_vars instead of filter_input, because our unit tests depend on manipulating global arrays, which are not used by filter_input - we would have to mock the function in the unit testing, it therefore is cleaner to use the same code paths in testing as in production

some inputs in I18n and TrafficLimiter remain unfiltered, since we already validate them by other means (IP lib and/or preg_match)

our minimum PHP version is 7.3, so we can drop the two < 5.6 fallback checks
2024-03-23 11:27:25 +01:00
Aaron Sherber
7c9cc7754f
Allow for shortenviayourls in query params 2024-03-16 16:55:49 -04:00
El RIDO
e1e0e8399c
phpdoc improvements 2024-03-10 18:01:46 +01:00
El RIDO
5f00587d71
phpdoc improvements, fixes #1036 2024-03-10 17:07:10 +01:00
Aaron Sherber
fd7d9f4715
Fix styleci issues 2024-03-09 16:55:44 -05:00
Aaron Sherber
8abf6ae9cb
Always add cache control headers 2024-03-09 16:49:42 -05:00
El RIDO
aad975a721
incrementing version 2024-02-11 15:31:11 +01:00
El RIDO
a3ee624d3a
incrementing version 2024-02-11 14:17:27 +01:00
El RIDO
257fc5d2b6
enable Romanian translation and credit it 2024-01-27 19:15:40 +01:00
El RIDO
2985305dbb
Merge pull request #1220 from PrivateBin/en-default-test
prevent regression around presence or absence of en.json
2023-12-23 13:06:05 +01:00
El RIDO
d49be80ffb
prevent regression around presence or absence of en.json
it gets excluded in the release archive, its absence should not make
any difference
2023-12-18 21:49:21 +01:00
El RIDO
d88945663e
detect and report on damaged pastes
May occur during statistics or purge, when existing pastes get parsed, addresses #1214
2023-12-16 07:38:09 +01:00
El RIDO
d0420fb418
1.6.2 release 2023-12-15 07:20:20 +01:00
El RIDO
684924e9e5
apply StyleCI patch 2023-12-09 12:00:57 +01:00
El RIDO
a7f720d825
ensure English is always added to available languages, fixes #1208
bug got introduced in 3668f1e3f4 and
started affecting release after 896a49c8cf
2023-12-09 11:58:29 +01:00
El RIDO
3bd570bd6a
incrementing version 2023-12-04 21:07:17 +01:00
El RIDO
5c97443d1d
add basic RTL support, drop default language key 2023-09-19 07:29:00 +02:00
El RIDO
f56907bd38
increment version 2023-09-11 19:36:45 +02:00
Sergio Giraldo
c665385ff6
feat: make the email button optional. Issue #1031
::by sergio giraldo
@ 20230909T2226CEST, gpg signed
2023-09-09 22:26:11 +02:00
El RIDO
fe37b7f0e5
enable & credit Japanese & Arabic translations 2023-08-01 14:00:45 +02:00
El RIDO
ecf100551d
document change, raise minimum PHP version to 7.3, remove branch refresh 2023-07-23 10:04:57 +02:00
El RIDO
01afe7d481
incrementing version 2023-07-09 08:44:22 +02:00
El RIDO
8988899c8c
apply StyleCI patch, fixes #1084 2023-06-18 12:54:22 +02:00
Felipe Nakandakari
6d4d3af377
Fix code style issues 2023-02-27 13:26:45 +11:00
Felipe Nakandakari
e3abc042a8
Use credentials array only if values passed via conf.php 2023-02-27 12:58:18 +11:00
El RIDO
3a4e5ed0c9
unnecessary string concatenation 2023-01-15 14:45:10 +01:00
El RIDO
bf7d2f05b6
expose types JSON-LD incl. configured expiration dates, resolves #1045 2023-01-15 08:04:44 +01:00
El RIDO
e84a8694e4
incrementing version 2022-12-24 05:52:07 +01:00
El RIDO
a93c8ceccb
fold extracted function back into the one remaining place calling it 2022-12-13 06:21:37 +01:00
El RIDO
53ab57627e
re-add shuffling paste list 2022-12-12 21:28:38 +01:00
El RIDO
e54277f014
re-add 10 * batch size limit in filesystem purge and support v1 dates for sorting mixed versioned comments 2022-12-12 20:48:36 +01:00
El RIDO
38574f0196
return invalid data error on API instead of exception 2022-12-12 20:46:47 +01:00
El RIDO
b5602dd1ae
incrementing version 2022-12-11 05:02:15 +01:00
El RIDO
910675c74b
apply StyleCI fix 2022-11-18 05:38:37 +01:00
El RIDO
4056057a3c
updated some links to https 2022-11-18 05:36:33 +01:00
El RIDO
07bc3285aa
moved glob iterator pattern to const, documentation 2022-11-18 05:36:06 +01:00
El RIDO
b8593b1bf2
use a glob iterator to stream through as many matches as needed 2022-11-10 20:36:15 +01:00
El RIDO
b3699cae8f
Merge branch 'master' into bin 2022-11-10 19:28:29 +01:00
El RIDO
b53df70227
Merge pull request #1008 from PrivateBin/jdenticons-test
Jdenticons size and speed test results
2022-11-10 07:28:13 +01:00
El RIDO
e5487cee48
Merge branch 'master' into bin 2022-11-07 07:34:34 +01:00
El RIDO
89df4a54ec
enable and credit Thai translation 2022-11-07 07:12:40 +01:00
El RIDO
94aab6d64b
apply StyleCI patch 2022-11-06 09:12:42 +01:00
El RIDO
a799351db3
re-use logic from _getExpiredPastes()
Scrutinizer pointed out that the dieerr() function isn't available in this
class. Code does work when invoked by migrate script, but this way it would
also work in other contexts.
2022-11-06 09:09:50 +01:00
El RIDO
3028c22c20
be more efficient 2022-11-06 07:40:39 +01:00
El RIDO
07ad9ad0f4
typo, found by Scrutinizer 2022-11-05 09:37:24 +01:00
El RIDO
833cf93209
address Scrutinizer warning
> The variable $bucket does not seem to be defined for all execution paths leading up to this point.
2022-11-05 09:35:19 +01:00
El RIDO
8389c2a2d6
minor optimization, let the PDO driver do that for us 2022-11-05 08:46:42 +01:00