Haocen Xu
bb9a5772bc
Add resource: to script-src cspheader to allowed rendering of pdf in
...
Firefox
2020-05-30 05:37:35 -04:00
El RIDO
9914c37683
incrementing version
2020-03-22 06:44:04 +01:00
El RIDO
adece1d784
incrementing version
2020-02-16 11:15:51 +01:00
El RIDO
ed590ee557
incrementing version
2020-01-08 19:31:06 +01:00
El RIDO
0efe6f7a8e
simplify logic, fullfills the unit test
2019-12-25 08:11:25 +01:00
Lucas Savva
7d9ec9509b
Handle previously renamed CONFIG_PATH gracefully
2019-12-24 19:12:08 +00:00
Lucas Savva
d5d13fa831
Add logic to rename insecure CONFIG_PATH
2019-12-24 18:51:47 +00:00
Lucas Savva
b5c86e290f
squashme: fix code style issue
2019-12-20 10:42:59 +00:00
Lucas Savva
6b0468ebff
Add support for a CONFIG_PATH variable
2019-12-19 23:06:32 +00:00
El RIDO
2d4edfe401
incrementing version number in preparation of release
2019-09-22 19:42:04 +02:00
El RIDO
d5aeba60ca
increase default size limit to 10 MiB, documenting change
2019-09-20 07:04:26 +02:00
Haocen Xu
ab75b183fb
Fix click on new paste on clone paste editing view not removing custom
...
attachment
Fix cloning paste with attachment
Update CSP in sample and default configuration
Ensure clone paste also clone format
Fix clone button hiding logic when paste is burn after read
Remove attachment name when new paste clicked on
Enable file operation only when editing
2019-08-25 02:16:58 -04:00
El RIDO
07018e5876
incrementing version number in preparation of release
2019-07-08 18:35:34 +02:00
El RIDO
11375a4f59
moved referrer policy from CSP & meta to proper HTTP header to avoid browser console error message about unknown CSP header and to ensure it always applies before HTML is parsed, fixes #196
2019-06-27 20:31:10 +02:00
El RIDO
c2e060d464
made compression configurable, fixes #38
2019-06-23 19:45:40 +02:00
El RIDO
42c2003220
made notice configurable, fixing a few CSS glitches
2019-06-17 21:40:37 +02:00
El RIDO
362045c664
re-add data-URLs to CSP for img-src, as these are used for the comment icons
2019-06-16 07:06:58 +02:00
El RIDO
f915af1a5a
adjust CSP header to allow blob URLs
2019-06-15 09:36:09 +02:00
El RIDO
398fabd664
Chrome requires unsafe-eval for it to parse and evaluate WASM modules
2019-05-20 18:29:37 +02:00
El RIDO
b5ebc4a3d7
incrementing version
2018-08-11 19:29:58 +02:00
El RIDO
720897b902
correct CSP to allow password prompt
2018-07-21 06:45:09 +00:00
El RIDO
cfe60db8fd
increment version number
2018-07-01 13:11:32 +02:00
El RIDO
9a0318517b
correct PHPdoc, fixes #264
2018-05-27 15:18:25 +02:00
El RIDO
d6f203dc4c
Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
2018-05-27 15:05:31 +02:00
El RIDO
caf87cc6f1
Merge branch 'master' into burnafterreading-fix, regression in expired paste error
2018-04-30 20:01:38 +02:00
El RIDO
2c82279292
Merge branch 'attachment-handling' of https://github.com/thororm/PrivateBin into thororm-attachment-handling
...
apart from resolving conflicts:
- added missing docs
- inlined functions that were used in only one location
- updated unit test to support all previews
- fixed a regression that displayed the preview even when there was no preview and too early
2018-04-29 11:57:03 +02:00
rugk
9c132cd839
Disallow form-action in CSP to limit outgoing connections
...
See https://github.com/PrivateBin/PrivateBin/issues/272
2018-01-06 18:06:06 +01:00
rugk
414ab0eb71
Add config and basic page template support
...
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
of a simple div at the top
* added option to turn off QR code support
2017-12-25 14:59:15 +01:00
El RIDO
502e96c129
StyleCI recommendations
2017-10-08 19:23:33 +02:00
El RIDO
a5d5f6066a
refactoring as recommended by Scrutinizer
2017-10-08 19:16:09 +02:00
El RIDO
9f26894b2e
PHP < 5.6 compatibility and StyleCI recommendations
2017-10-08 17:10:51 +02:00
El RIDO
4f06feef81
implemented JSON file conversion on purge and storage in PHP files for data leak protection
2017-10-08 16:59:31 +02:00
El RIDO
4ded4b7f8c
adding correct HTTP error to response, as per @rugk's recommentation
2017-10-08 16:43:46 +02:00
El RIDO
dbfb1e83ba
removing dead code
2017-10-08 16:43:10 +02:00
El RIDO
62f0b95377
making StyleCI happy
2017-10-08 16:42:43 +02:00
El RIDO
6e8eafe129
implemented INI cenversion functionality
2017-10-08 16:42:11 +02:00
El RIDO
6fa2bfe30e
updated documentation, incremented version
2017-10-08 16:40:51 +02:00
rugk
f037967820
changes the file extension to php and adds a small one-liner to stop PHP from presenting the file to any website visitor
...
Signed-off-by: El RIDO <elrido@gmx.net>
2017-10-08 16:25:48 +02:00
thororm
23f5dfbff8
Merge remote-tracking branch 'remotes/thororm/master' into attachment-handling
...
# Conflicts:
# tpl/bootstrap.php
# tpl/page.php
2017-05-13 19:48:25 +02:00
El RIDO
f54036976a
added instantburnafterreading option to address #174
2017-04-11 17:23:26 +02:00
thororm
4cb0ce5114
Removed self from cspheader
...
Refactored some variable names
2017-02-13 20:37:57 +01:00
thororm
faf596aeb7
Added preview for
...
- Video (HTML5)
- Audio (HTML5)
- PDF (Browser capabilities)
attachment.
Added drag & drop functionality
Added attachment preview to preview before submitting
2017-02-12 15:35:37 +01:00
rugk
e9b10f9e2d
Add CSP sandbox
...
Fixes https://github.com/PrivateBin/PrivateBin/issues/168
Alos needed to run some Composer stuff, no idea why my diff was different.
2017-02-01 18:34:13 +01:00
El RIDO
a5d91298ff
add an option to change the site name, solves #154
2017-01-01 16:33:11 +01:00
El RIDO
1426d4e371
tagging 1.1 release and updating documentation
2016-12-26 12:13:50 +01:00
rugk
da10a761c4
Fix more typos
2016-12-12 18:50:00 +01:00
rugk
658d5ae84d
Fix style-ci errors
2016-12-12 18:43:23 +01:00
El RIDO
1f46823942
applying patch based on StyleCI ruleset
2016-10-29 10:24:08 +02:00
rugk
1a159c973f
Prevent referrer to be send
...
Uses both CSP and Referrer-Policy
Fixes #96
2016-09-03 18:12:24 +02:00
rugk
b7184b92a3
Fix csp config unit tests
2016-08-27 14:47:21 +02:00