El RIDO
d027cb188d
allow switching to a memorized paste by clicking it
2020-07-01 21:02:45 +02:00
El RIDO
4e3348795c
Merge branch 'master' into paste-manager
2020-06-30 20:17:06 +02:00
El RIDO
0673c1cde1
fix display of empty files #663
2020-06-30 20:10:56 +02:00
El RIDO
2d9666c5ef
refactor button refresh
2020-06-29 21:22:27 +02:00
El RIDO
521f134638
edge cases: re-enable remember button when creating a new paste, refresh list and disble button upon memorizing the current paste
2020-06-29 21:13:26 +02:00
El RIDO
ea93c474ea
ensure code can be tested, handle async indexedDB, don't let user add same URL more then once
2020-06-29 21:00:59 +02:00
El RIDO
8b170397a9
adding a remember button
2020-06-28 21:47:32 +02:00
El RIDO
ac32826009
initial work to add IndexedDB support, including npm module to mock its API in unit tests
2020-06-28 14:52:40 +02:00
El RIDO
c4830044f7
adding some simple non-stored logic to test the interface
2020-06-28 13:05:47 +02:00
El RIDO
daae0d0dca
initial memory boilerplate, move sidebar toggle into it's init, test it behaves as it should
2020-06-28 11:25:09 +02:00
El RIDO
8537f396b3
add a crude responsive collapsible sidebar
2020-06-27 13:36:53 +02:00
Haocen Xu
f1d4792d3e
Update SRI
2020-06-02 09:06:12 -04:00
unknown
9b138fd5fd
Update SRI
2020-06-01 02:35:06 +08:00
Haocen Xu
420f0d6634
Update SRI
2020-05-30 06:22:35 -04:00
rugk
38a1726e22
Regenerate SRI
2020-04-23 12:07:38 +02:00
El RIDO
7e77b94158
revert the revert caused by the merge of master
2020-03-23 18:58:26 +01:00
El RIDO
9914c37683
incrementing version
2020-03-22 06:44:04 +01:00
El RIDO
1439bb291f
allow pasting password on paste with attachment - big kudos @rugk for finding it! - fixes #565 , fixes #595
2020-03-21 16:53:55 +01:00
rugk
7cb830e22f
It includes a change in the RegEx for URLs because that was broken when a
...
& character later followed at any time after a link (even after a newline).
(with a negative lookahead)
Test with https://regex101.com/r/i7bZ73/1
Now the RegEx does not check for _all_ chars after a link, but just for the
one following the link.
(So the lookahead is not * anymore. I guess thsi behaviour was
the expectation when it has been implemented.)
2020-03-06 22:37:12 +01:00
El RIDO
c334d2d00d
Merge branch 'master' into preview-encoding
2020-03-06 22:23:40 +01:00
El RIDO
c11dc8e17e
reverting Helper.urls2links() method to old style, applied to element instead of string, allows inserting plain text as text node
2020-03-06 22:18:38 +01:00
El RIDO
8a6dcf910a
Revert "in Helper.urls2links(), encode HTML entities, find and insert links, partially decoding only the href property of it"
...
This reverts commit 5340f417e0
.
2020-03-06 20:57:15 +01:00
El RIDO
f391773c65
generalize date string handling, replacing hardcoded lookups, fixes #586
2020-03-01 08:54:48 +01:00
El RIDO
5340f417e0
in Helper.urls2links(), encode HTML entities, find and insert links, partially decoding only the href property of it
2020-02-29 09:37:54 +01:00
El RIDO
d2e9e47b67
refactor switch into nested if/else, to improve readability - no functional change
2020-02-29 08:45:56 +01:00
El RIDO
adece1d784
incrementing version
2020-02-16 11:15:51 +01:00
El RIDO
aa377038a0
fixing DOMpurify 2.0.8 SRI after removing map line in file (which causes unnecessary requests to missing files in the browser)
2020-02-05 19:05:37 +01:00
El RIDO
00438ec1ab
upgrade DOMpurify to 2.0.8
2020-02-04 18:43:35 +01:00
El RIDO
3fdd42487a
fix FAQ links, tweaking the subtext display, add link to modern browser FAQ, fixes #577
2020-02-02 07:35:33 +01:00
El RIDO
2cbb8bf3ca
in translation, allow links to be inserted unencoded into href attribute, simplfy sanitation by allowing only <a> tags in DOMpurify for plain text and comments and avoid DOMpurify removing magnet links, fixes #579
2020-02-02 07:08:38 +01:00
El RIDO
3996f82404
relax encoding of slashes just for plaintext display, so links can be detected
2020-02-01 16:30:41 +01:00
El RIDO
1b206e8495
ensuring consistent use of php side encoding, testing all encoding cases, correctly report the language in the <html> tag
2020-02-01 09:15:14 +01:00
El RIDO
cc0920fc09
add HTML entity encoding to PHP translation logic, remove exception to allow <br/> tags in DOMpurify by eliminating the single case that made use of it
2020-02-01 08:46:59 +01:00
El RIDO
91003d6597
Merge remote-tracking branch 'origin/master' into displayEncoding
2020-02-01 07:52:48 +01:00
El RIDO
8a6415ef5f
fixing jsverify rngStates 0220439df7ec68a15b, 015c81b7afd06e4293 & 041e3d57692b08fc4a
2020-01-31 22:42:42 +01:00
Erion
3f8cf1792d
Switch to single quotes.
2020-01-26 18:08:59 +01:00
Erion
f6899785a9
Fix ARIA for Editor/preview tabs.
2020-01-25 18:47:18 +01:00
El RIDO
2d11d7b29e
re-applying sprintf simplification and rephrased jsdoc block
2020-01-25 09:16:14 +01:00
El RIDO
29efc14aa7
Revert "implement simplified translation logic, forcing the use of safe application via jQuery element"
...
This reverts commit 62365880b4
. The unit tests showed that the text2string function completely undid the XSS fix, so it was always unsafe to use it. Also the logic simplifications were smaller then expected.
2020-01-25 09:07:29 +01:00
El RIDO
62365880b4
implement simplified translation logic, forcing the use of safe application via jQuery element
2020-01-25 09:07:06 +01:00
El RIDO
aa3f1206b2
rewriting translations to pass jQuery element where easily possible
2020-01-25 08:13:36 +01:00
El RIDO
42130e0468
prevent potentially non-encoded string from getting returned
2020-01-18 10:53:58 +01:00
El RIDO
685c354d0e
several changes:
...
- added tests for all 4 cases: output to string or into element vs first param contains link or not
- cleaned up logic - skip HTML entity encoding only if we can ensure insertion to text node / when output to string, we always encode
- DOMpurify sanitizes gopher, ws & wss links, which we previosly had tested for
2020-01-18 10:44:35 +01:00
El RIDO
fa9d3037ba
fixing logic & indentation
2020-01-18 07:44:32 +01:00
El RIDO
7b87dc3ca9
cleanup revert
2020-01-18 07:36:43 +01:00
El RIDO
0d08edbe55
Revert "getting rid of htmlEntities (except for tests)" a0740ff79f
2020-01-18 07:30:01 +01:00
El RIDO
cec5cb41d7
Partial revert "Do not double-encode HTML in i18n", only revert the removal of required encoding logic - still has to be moved
...
This reverts commit 01414e43ca
.
2020-01-18 07:20:05 +01:00
El RIDO
76eff6a87a
Revert "[TEST] Try to disallow vulnerable cases" to remove accidentally committed file and statement that breaks the tests
...
This reverts commit ebc2d649c4
.
2020-01-18 07:12:03 +01:00
rugk
eb549d70d1
Invert conatainsLink logic
2020-01-15 17:52:51 +01:00
rugk
ebc2d649c4
[TEST] Try to disallow vulnerable cases
2020-01-13 19:56:15 +01:00