mirror of
https://github.com/PrivateBin/PrivateBin.git
synced 2024-03-22 13:10:41 +08:00
extracting only the 16 hex characters of the query string as paste ID, addressing #396
parent
cc53d95ed1
commit
79a858f176
|
@ -745,7 +745,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
|
||||||
{
|
{
|
||||||
if (id === null) {
|
if (id === null) {
|
||||||
// Attention: This also returns the delete token inside of the ID, if it is specified
|
// Attention: This also returns the delete token inside of the ID, if it is specified
|
||||||
id = window.location.search.substring(1);
|
id = (window.location.search.match(/[a-z0-9]{16}/) || [''])[0];
|
||||||
|
|
||||||
if (id === '') {
|
if (id === '') {
|
||||||
throw 'no paste id given';
|
throw 'no paste id given';
|
||||||
|
|
|
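Review bot: The new client-side pattern in `id = (window.location.search.match(/[a-z0-9]{16}/) || [''])[0];` accepts any lowercase letter, while the commit title and the server-side pattern in the Request class limit the ID to hex digits, so the two sides can disagree on what counts as a paste ID. Using `/[a-f0-9]{16}/` here would keep them aligned. The pattern is also unanchored, so it takes the first 16-character run anywhere in the query string, including a slice of a longer value; whether that matters depends on the URL forms supported, which this hunk does not show. The `// Attention: This also returns the delete token inside of the ID, if it is specified` comment looks stale now that only 16 characters are extracted, and should be updated or removed. The enclosing function starts and ends outside the hunk.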
@ -16,7 +16,7 @@ describe('Prompt', function () {
|
||||||
'string',
|
'string',
|
||||||
function (password) {
|
function (password) {
|
||||||
password = password.replace(/\r+/g, '');
|
password = password.replace(/\r+/g, '');
|
||||||
var clean = jsdom('', {url: 'ftp://example.com/?0'});
|
var clean = jsdom('', {url: 'ftp://example.com/?0000000000000000'});
|
||||||
$('body').html(
|
$('body').html(
|
||||||
'<div id="passwordmodal" class="modal fade" role="dialog">' +
|
'<div id="passwordmodal" class="modal fade" role="dialog">' +
|
||||||
'<div class="modal-dialog"><div class="modal-content">' +
|
'<div class="modal-dialog"><div class="modal-content">' +
|
||||||
|
|
|
@ -100,7 +100,9 @@ class Request
|
||||||
array_key_exists('QUERY_STRING', $_SERVER) &&
|
array_key_exists('QUERY_STRING', $_SERVER) &&
|
||||||
!empty($_SERVER['QUERY_STRING'])
|
!empty($_SERVER['QUERY_STRING'])
|
||||||
) {
|
) {
|
||||||
$this->_params['pasteid'] = $_SERVER['QUERY_STRING'];
|
$this->_params['pasteid'] = preg_match(
|
||||||
|
'/[a-f0-9]{16}/', $_SERVER['QUERY_STRING'], $match
|
||||||
|
) ? $match[0] : 'invalid id';
|
||||||
}
|
}
|
||||||
|
|
||||||
// prepare operation, depending on current parameters
|
// prepare operation, depending on current parameters
|
||||||
|
|
|
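Review bot: The new `preg_match('/[a-f0-9]{16}/', $_SERVER['QUERY_STRING'], $match)` is unanchored, so the first run of 16 hex characters anywhere in the query string becomes the paste ID, including the leading slice of a longer hex value. If the ID is meant to stand alone, bounding the match, for example `'/(?<![a-f0-9])[a-f0-9]{16}(?![a-f0-9])/'`, would reject over-long values instead of truncating them. The fallback `'invalid id'` presumably relies on later ID validation to refuse it, but that code is outside this hunk; a short comment such as `// sentinel that must fail paste ID validation downstream` would make the dependency explicit. The enclosing method starts and ends outside the hunk.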
@ -76,7 +76,7 @@ if ($MARKDOWN):
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
|
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-gFuGN7PD3lRe5ZTe/S2NfugOrjqNWYgEwBmb3Grk2EVckz1UbqVPs8+PQp6SmQ0preKNpXC50omnwGh4MPkoRg==" crossorigin="anonymous"></script>
|
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-qY0AJdr7OzoJBiuVUO9w1HZv8WXoYpbCocgvHW+gMMic9CDU/pwohPkdqbaTh4SkHpRQ8cNpRO7ezTyBs0KMbA==" crossorigin="anonymous"></script>
|
||||||
<!--[if lt IE 10]>
|
<!--[if lt IE 10]>
|
||||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||||
<![endif]-->
|
<![endif]-->
|
||||||
|
|
|
@ -54,7 +54,7 @@ if ($MARKDOWN):
|
||||||
endif;
|
endif;
|
||||||
?>
|
?>
|
||||||
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
|
<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.7.js" integrity="sha512-VnKJHLosO8z2ojNvWk9BEKYqnhZyWK9rM90FgZUUEp/PRnUqR5OLLKE0a3BkVmn7YgB7LXRrjHgFHQYKd6DAIA==" crossorigin="anonymous"></script>
|
||||||
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-gFuGN7PD3lRe5ZTe/S2NfugOrjqNWYgEwBmb3Grk2EVckz1UbqVPs8+PQp6SmQ0preKNpXC50omnwGh4MPkoRg==" crossorigin="anonymous"></script>
|
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-qY0AJdr7OzoJBiuVUO9w1HZv8WXoYpbCocgvHW+gMMic9CDU/pwohPkdqbaTh4SkHpRQ8cNpRO7ezTyBs0KMbA==" crossorigin="anonymous"></script>
|
||||||
<!--[if lt IE 10]>
|
<!--[if lt IE 10]>
|
||||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||||
<![endif]-->
|
<![endif]-->
|
||||||
|
|