A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.
Go to file
El RIDO 47efedf23c traffic limiter would fail behind a reverse proxy / load balancer.
Adding configuration option to set the trusted HTTP header to get the
visitors IP in such a case (avoiding security issue if malicious clients
just set these headers themselfs)
2015-09-18 22:31:01 +02:00
cfg traffic limiter would fail behind a reverse proxy / load balancer. 2015-09-18 22:31:01 +02:00
css if the uploaded file is an image mime type, display it 2015-09-18 21:41:50 +02:00
doc fixing nasty deletion bug from #15, included unit tests to trigger it 2015-08-27 21:41:21 +02:00
i18n Minor typo correction 2015-09-17 22:29:23 +02:00
img Added "Raw text" button. 2015-08-15 20:25:46 +02:00
js if the uploaded file is an image mime type, display it 2015-09-18 21:41:50 +02:00
lib traffic limiter would fail behind a reverse proxy / load balancer. 2015-09-18 22:31:01 +02:00
tpl if the uploaded file is an image mime type, display it 2015-09-18 21:41:50 +02:00
tst merging @vikstrous file upload feature for #20 from 2015-09-16 22:51:48 +02:00
.gitattributes working on configuration unit test generator as described in #16 2015-08-29 01:26:48 +02:00
.gitignore optimized bootstrap comment layout 2015-08-23 15:52:25 +02:00
CHANGELOG.md updating docs, bumping version to 0.20 2015-09-03 22:22:59 +02:00
CREDITS.md adding credit to Viktor Stanchev for the file upload support and 2015-09-18 22:04:57 +02:00
index.php initial work on translations, covering the PHP side of it 2015-09-05 02:24:56 +02:00
INSTALL.md had to revert to HTML5 instead of XHTML5 because of compatibility 2012-08-28 23:28:41 +02:00
README.md updating docs, bumping version to 0.20 2015-09-03 22:22:59 +02:00
robots.txt Incorrect structure 2013-11-01 01:22:16 +01:00

ZeroBin 0.20

ZeroBin is a minimalist, opensource online pastebin where the server has zero knowledge of pasted data.

Data is encrypted/decrypted in the browser using 256 bit AES.

This fork of ZeroBin refactored the source code to allow easier and cleaner extensions. It is still fully compatible to the original ZeroBin 0.19 data storage scheme. Therefore such installations can be upgraded to this fork without loosing any data.

What ZeroBin provides

  • As a server administrator you don't have to worry if your users post content that is considered illegal in your country. You have no knowledge of any pastes content. If requested or enforced, you can delete any paste from your system.

  • Pastebin like system to store text documents, code samples, etc.

  • Encryption of data sent to server, even if it does not provide HTTPS.

  • Possibility to set a password which is required to read the paste. It further protects a paste and prevents people stumbling upon your paste's link from being able to read it without the password.

What it doesn't provide

  • As a user you have to trust the server administrator, your internet provider and any country the traffic passes not to inject any malicious javascript code.

  • The "key" used to encrypt the paste is part of the URL. If you publicly post the URL of a paste that is not password-protected, everybody can read it. Use a password if you want your paste to be private.

  • A server admin might be forced to hand over access logs to the authorities. ZeroBin encrypts your text and the discussion contents, but who accessed it first might still be disclosed via such access logs.

Options

Some features are optional and can be enabled or disabled in the configuration file:

  • Password protection

  • Discussions

  • Expiration times, including a "forever" and "burn after reading" option

  • Syntax highlighting using prettify.js, including 4 prettify themes

  • Templates: By default there is a bootstrap based and a "classic ZeroBin" theme and it is easy to adapt these to your own websites layout or create your own.

Further resources

Run into any issues? Have ideas for further developments? Please report them!


Copyright (c) 2012 Sébastien SAUVAGE (sebsauvage.net)

This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software.

Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:

1. The origin of this software must not be misrepresented; you must 
   not claim that you wrote the original software. If you use this 
   software in a product, an acknowledgment in the product documentation
   would be appreciated but is not required.

2. Altered source versions must be plainly marked as such, and must 
   not be misrepresented as being the original software.

3. This notice may not be removed or altered from any source distribution.