Commit Graph

286 Commits

Author SHA1 Message Date
El RIDO
b40e6305ca
Merge branch 'master' into empty-paste 2018-02-27 05:20:04 +01:00
rugk
0687448d0a
Fix some issues from ESLint 2018-02-21 22:51:31 +01:00
El RIDO
ffae6111b0
handling further JSHint warnings and TODOs 2018-01-06 13:32:07 +01:00
El RIDO
98d07e0789
improving code quality issues reported by Codacy 2018-01-06 10:57:54 +01:00
El RIDO
d92755f030
undoing code style regression 2018-01-06 09:58:19 +01:00
El RIDO
72acc95326
improving code quality issues suggested by JSHint 2018-01-06 09:26:10 +01:00
El RIDO
2db412873b
implementing ESlint suggestions 2018-01-06 07:17:33 +01:00
El RIDO
5e070db6a1
reverting escaping just for Markdown formatting, as discussed in #269 2018-01-03 21:18:33 +01:00
El RIDO
a95701bba8
completing DiscussionViewer testing 2018-01-02 15:38:37 +01:00
El RIDO
fcb4249e01
actually IDs are hexadecimal, not base64, so not a problem 2018-01-02 11:51:11 +01:00
El RIDO
95bf37be8f
implementing DiscussionViewer test, found an issue with slashes in the paste or comment IDs (as per Base64 encoding) 2018-01-02 11:44:54 +01:00
El RIDO
28f1f41c17
removing duplicate code and unused option 2018-01-02 11:42:03 +01:00
El RIDO
85401a1513
Merge branch 'master' into js-unit-testing 2018-01-02 09:37:46 +01:00
El RIDO
98a8591a27
naming JS libraries consistently 2018-01-02 08:01:39 +01:00
El RIDO
094a0c80db
Merge branch 'master' into qrcode 2018-01-02 07:56:16 +01:00
El RIDO
bb54d46c7e
updating DOMPurify library, simplifying its use, ensuring HTML entities get escaped before formatting paste - regression introduced in #258, reported in #269 2018-01-01 10:25:07 +01:00
rugk
414ab0eb71
Add config and basic page template support
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
  of a simple div at the top
* added option to turn off QR code support
2017-12-25 14:59:15 +01:00
El RIDO
d80c2f83fa
making DiscussionViewer testable, removing some inconsistency 2017-12-18 14:47:17 +01:00
El RIDO
928215dc5e
splitting out PasteViewer, DiscussionViewer, AttachmentViewer tests 2017-12-18 14:25:08 +01:00
El RIDO
893d29a046
splitting out Alert, Editor, PasteStatus, Prompt, UiHelper tests 2017-12-15 07:20:51 +01:00
El RIDO
be358a6804
splitting out Model tests 2017-12-14 07:31:09 +01:00
El RIDO
5b9ac67504
splitting out CryptTool tests 2017-12-14 07:23:38 +01:00
El RIDO
3fed63ce28
ensuring internal variables of common module are not changed by providing getter functions, splitting out I18n tests 2017-12-14 07:19:05 +01:00
El RIDO
dfd906900b
started to split humongous test.js into separate files 2017-12-13 07:40:48 +01:00
El RIDO
5582c05414
decrypting a particular message encrypted with v1.1.1 fails (#260) 2017-12-10 07:04:54 +01:00
El RIDO
ee8ffdc51b
en- & decrypting the particular message works without issues 2017-12-10 07:02:32 +01:00
El RIDO
39860dfdc4
making AttachmentViewer testable and implementing tests 2017-12-03 14:29:07 +01:00
El RIDO
dac86eb363
making AttachmentViewer testable 2017-11-28 06:38:10 +01:00
rugk
7bf5af761b
Add QR code generation when paste is created 2017-11-26 15:59:12 +01:00
El RIDO
d9c6b634b9
remove dangling comma 2017-11-22 22:44:38 +01:00
El RIDO
a0740ff79f
getting rid of htmlEntities (except for tests) and setElementText (dropping IE9 support), changing urls2links interface, all to avoid double encoding sanitized HTML 2017-11-22 22:27:38 +01:00
El RIDO
d0cccce7a8
removing patterns that don't get sanitized, but also don't get interpreted when inserted into the HTML 2017-11-22 20:49:23 +01:00
rugk
56f4ee5c20
Revert "Try to move sanitisation & links into setElementText"
This reverts commit 8d2e19f791.
2017-11-22 16:48:54 +01:00
rugk
8d2e19f791
Try to move sanitisation & links into setElementText 2017-11-22 16:48:00 +01:00
rugk
3d2dbabaec
add some more tests from OWASP 2017-11-22 15:41:49 +01:00
El RIDO
9fa2ea3373
ensuring text is sanitized in all cases, before being injected into the DOM 2017-11-22 08:05:06 +01:00
El RIDO
2d00202b42
correcting the XSS test, commenting two failing patterns, to be reviewed by @rugk 2017-11-22 07:03:29 +01:00
El RIDO
233bd65b00
Merge branch 'master' into sanitizeMarkdown, changing test to use new library 2017-11-22 06:30:38 +01:00
El RIDO
f2628a0bf3
added a test for #183, fails at this point, #258 should fix this 2017-11-22 06:15:09 +01:00
rugk
bbec693cab
Allow DOMPurify as a global 2017-11-21 22:26:02 +01:00
rugk
b6d7d56774
Sanitize HTML code
using DOMPurify v1.0.2
Fixes https://github.com/PrivateBin/PrivateBin/issues/183
2017-11-21 21:22:51 +01:00
El RIDO
35ea65b797
handling JSVerify RNG state 89fdc94018a35b672e 2017-11-21 10:56:58 +01:00
El RIDO
c6ddee317d
adding tests for PasteViewer class 2017-11-21 10:53:33 +01:00
El RIDO
10ee37b35c
handling JSVerify RNG state 08a74d310cfb58269e 2017-11-20 09:43:35 +01:00
El RIDO
af073c9ca1
adding tests for Editor class 2017-11-20 09:37:43 +01:00
El RIDO
5a2bb1993d
handling JSVerify RNG state 82fb7d20c918a6e543 2017-11-20 08:58:53 +01:00
El RIDO
360a0921e2
adding tests for Prompt class, typos 2017-11-20 08:49:25 +01:00
El RIDO
984941f901
adding test for hiding messages 2017-11-16 09:04:27 +01:00
El RIDO
9d1a9a0da7
fixing paste success message handling in page template 2017-11-16 08:57:08 +01:00
El RIDO
b1e1878861
fully testing remaining time display function 2017-11-16 08:50:38 +01:00