made notice configurable, fixing a few CSS glitches

2019-06-17 21:40:37 +02:00 · 2019-06-17 21:40:37 +02:00 · 42c2003220
parent a67c9ab129
commit 42c2003220
9 changed files with 34 additions and 13 deletions
--- a/cfg/conf.sample.php
+++ b/cfg/conf.sample.php
@ -77,6 +77,9 @@ languageselection = false
 ; sha256 in HMAC for the deletion token
 zerobincompatibility = false

+; enable or disable the warning message when the site is served over HTTP instead of HTTPS, defaults to true
+httpwarning = true
+
 [expire]
 ; expire value that is selected per default
 ; make sure the value exists in [expire_options]
--- a/css/bootstrap/privatebin.css
+++ b/css/bootstrap/privatebin.css
@ -81,12 +81,11 @@ body.loading {
 }

 .dragAndDropFile{
-        color:#777;
-        font-size:1em;
-        display:inline;
+	color:#777;
+	font-size:1em;
+	display:inline;
 }

-
 #deletelink {
 	float: right;
 	margin-left: 5px;
--- a/css/privatebin.css
+++ b/css/privatebin.css
@ -290,9 +290,9 @@ input {

 #ienotice a { color: #000; }

-#oldienotice { display: none; }
+#oldnotice, #httpnotice { display: none; }

-.errorMessage {
+#errormessage, .errorMessage {
 	background-color: #f77 !important;
 	color:#ff0;
 }
--- a/js/privatebin.js
+++ b/js/privatebin.js
@ -1651,7 +1651,6 @@ jQuery.PrivateBin = (function($, RawDeflate) {
         */
        me.hideMessages = function()
        {
-            // also possible: $('.statusmessage').addClass('hidden');
            $statusMessage.addClass('hidden');
            $errorMessage.addClass('hidden');
        };
@ -4672,7 +4671,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
            }

            if (isInsecureConnection()) {
-                Alert.showError('This website is using an insecure HTTP connection! Please use it only for testing.');
+                $('#httpnotice').toggle(true);
            }

            return true;
--- a/lib/Configuration.php
+++ b/lib/Configuration.php
@ -55,6 +55,7 @@ class Configuration
            'icon'                     => 'identicon',
            'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\' \'unsafe-eval\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; Referrer-Policy: \'no-referrer\'; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals',
            'zerobincompatibility'     => false,
+            'httpwarning'              => true,
        ),
        'expire' => array(
            'default' => '1week',
--- a/lib/Controller.php
+++ b/lib/Controller.php
@ -386,6 +386,7 @@ class Controller
        $page->assign('EXPIREDEFAULT', $this->_conf->getKey('default', 'expire'));
        $page->assign('URLSHORTENER', $this->_conf->getKey('urlshortener'));
        $page->assign('QRCODE', $this->_conf->getKey('qrcode'));
+        $page->assign('HTTPWARNING', $this->_conf->getKey('httpwarning'));
        $page->draw($this->_conf->getKey('template'));
    }

--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@ -72,7 +72,7 @@ if ($MARKDOWN):
 endif;
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.10.js" integrity="sha512-CqskSFXERL38A1PJP9BlO04me7kmwgDIhN1+k24RoFiisEwXA0BMdm0lzJC7g5jCRZ4k5OYdOJGEqW9CwDl4CA==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-M0NIZDkl5ZzzzG1ISZjgrgKr2jMDZ7EeTfVAgj7YkkbU83pAddjfkjlak9dp5KsMZYFDw62052a+bT+PPJhMCA==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-nuGweMxu6IG9HcczL7tf6dhR2vGKVaYuv7yC7ap+WsUnI6TMrdyQiT1dZG/k9JvnvW+ptJ+bFkuHpgec1gZ/DA==" crossorigin="anonymous"></script>
 		<!--[if IE]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
 		<![endif]-->
@ -440,11 +440,11 @@ if ($FILEUPLOAD):
 <?php
 endif;
 ?>
-				<div id="status" role="alert" class="statusmessage alert alert-info<?php echo empty($STATUS) ? ' hidden' : '' ?>">
+				<div id="status" role="alert" class="alert alert-info<?php echo empty($STATUS) ? ' hidden' : '' ?>">
 					<span class="glyphicon glyphicon-info-sign" aria-hidden="true"></span>
 					<?php echo htmlspecialchars($STATUS), PHP_EOL; ?>
 				</div>
-				<div id="errormessage" role="alert" class="statusmessage<?php echo empty($ERROR) ? ' hidden' : '' ?> alert alert-danger">
+				<div id="errormessage" role="alert" class="<?php echo empty($ERROR) ? 'hidden' : '' ?> alert alert-danger">
 					<span class="glyphicon glyphicon-alert" aria-hidden="true"></span>
 					<?php echo htmlspecialchars($ERROR), PHP_EOL; ?>
 				</div>
@ -465,6 +465,16 @@ endif;
 					<a href="https://www.opera.com/">Opera</a>,
 					<a href="https://www.google.com/chrome">Chrome</a>…
 				</div>
+<?php
+if ($HTTPWARNING):
+?>
+				<div id="httpnotice" role="alert" class="hidden alert alert-danger">
+					<span class="glyphicon glyphicon-alert" aria-hidden="true"></span>
+					<?php echo I18n::_('This website is using an insecure HTTP connection! Please use it only for testing.'), PHP_EOL; ?>
+				</div>
+<?php
+endif;
+?>
 				<div id="pastesuccess" role="alert" class="hidden alert alert-success">
 					<span class="glyphicon glyphicon-ok" aria-hidden="true"></span>
 					<div id="deletelink"></div>
@ -502,7 +512,7 @@ endif;
 				</div>
 			</section>
 			<section class="container">
-				<div id="noscript" role="alert" class="nonworking alert alert-info noscript-hide">
+				<div id="noscript" role="alert" class="alert alert-info noscript-hide">
 					<span class="glyphicon glyphicon-exclamation-sign" aria-hidden="true"></span>
 					<?php echo I18n::_('Loading…'); ?><br />
 					<span class="small"><?php echo I18n::_('In case this message never disappears please have a look at <a href="https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away">this FAQ for information to troubleshoot</a>.'); ?></span>
--- a/tpl/page.php
+++ b/tpl/page.php
@ -50,7 +50,7 @@ if ($MARKDOWN):
 endif;
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.10.js" integrity="sha512-CqskSFXERL38A1PJP9BlO04me7kmwgDIhN1+k24RoFiisEwXA0BMdm0lzJC7g5jCRZ4k5OYdOJGEqW9CwDl4CA==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-M0NIZDkl5ZzzzG1ISZjgrgKr2jMDZ7EeTfVAgj7YkkbU83pAddjfkjlak9dp5KsMZYFDw62052a+bT+PPJhMCA==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-nuGweMxu6IG9HcczL7tf6dhR2vGKVaYuv7yC7ap+WsUnI6TMrdyQiT1dZG/k9JvnvW+ptJ+bFkuHpgec1gZ/DA==" crossorigin="anonymous"></script>
 		<!--[if IE]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;}</style>
 		<![endif]-->
@ -84,6 +84,13 @@ endif;
 				<a href="https://www.opera.com/">Opera</a>,
 				<a href="https://www.google.com/chrome">Chrome</a>…
 			</div>
+<?php
+if ($HTTPWARNING):
+?>
+			<div id="httpnotice" class="errorMessage"><?php echo I18n::_('This website is using an insecure HTTP connection! Please use it only for testing.'); ?></div>
+<?php
+endif;
+?>
 		</header>
 		<section>
 			<article>
--- a/tst/ViewTest.php
+++ b/tst/ViewTest.php
@ -55,6 +55,7 @@ class ViewTest extends PHPUnit_Framework_TestCase
        $page->assign('EXPIREDEFAULT', self::$expire_default);
        $page->assign('URLSHORTENER', '');
        $page->assign('QRCODE', true);
+        $page->assign('HTTPWARNING', true);

        $dir = dir(PATH . 'tpl');
        while (false !== ($file = $dir->read())) {