El RIDO
1c4d1aa6b6
working on configuration unit test generator as described in #16
2015-08-29 01:26:48 +02:00
El RIDO
ae82e84ef8
correcting php doc comments
2015-08-27 23:58:56 +02:00
El RIDO
d57d6cf44b
created initial unit tests for main zerobin class
2015-08-27 23:30:35 +02:00
El RIDO
f775da3931
fixing nasty deletion bug from #15 , included unit tests to trigger it
...
and reworked persistence classes to through exceptions rather to fail
silently
2015-08-27 21:41:21 +02:00
El RIDO
cb28056223
made highlighting more configurable, added all four themes, there is now a configurable flavour text (notice)
2015-08-17 23:18:33 +02:00
El RIDO
24d18c5313
cleaned up phpdoc comments, added README on how to install and use it
2015-08-16 15:55:31 +02:00
El RIDO
49c6e3c1b6
updated base64.js to version 2.1.9, using minified version found at
...
9192c510f5/base64.min.js
kudos Dan Kogai
small improvements to input checking
implementing default values for most configuration options
switching to versioned JS files to avoid version hack used in template
2015-08-16 12:27:06 +02:00
El RIDO
769768d25e
updated jquery to 1.11.3
2015-08-16 11:20:06 +02:00
El RIDO
8881b3047a
changing version string
2015-08-16 00:04:14 +02:00
Sebastien SAUVAGE
43a439e7d0
Time attack protection on hmac comparison
...
This fixes issue 2.7 of https://defuse.ca/audits/zerobin.htm , and thus
(with commit a24212afda90ca3e4b4ff5ce30d2012709b58a28) also issue 2.8.
(cherry picked from commit 0b4db7ece313dd268e51fc47a0293a649927558a)
Conflicts:
index.php
2015-08-15 23:44:03 +02:00
Sebastien SAUVAGE
e7feca0e53
Stronger server salt
...
ZeroBin now generates a much stronger salt. This fixes issue #68
(mentioned in section 2.1 of https://defuse.ca/audits/zerobin.htm )
(cherry picked from commit a24212afda90ca3e4b4ff5ce30d2012709b58a28)
Conflicts:
lib/serversalt.php
lib/vizhash16x16.php
2015-08-15 22:18:57 +02:00
jeldrik
4f72f04eda
Prevent inconstitent /data/trafic_limiter.php due to file read while writing
...
(cherry picked from commit 71a7f6adaea9a86a84fa8ebbcb9e5c506a785527)
Conflicts:
index.php
2015-08-15 22:10:05 +02:00
Sébastien SAUVAGE
5b54ca34ad
Update index.php
...
Removed ugly error message when paste identifier is invalid (eg. http://mydomain.com/zerobin?foo )
(cherry picked from commit 43fa904979a29e4c205b9f4f08e1c487555bbe1c)
Conflicts:
index.php
2015-08-15 22:07:07 +02:00
Sebastien SAUVAGE
bc8b23d35e
XSS flaw correction
...
With a client IE < 10 there was a XSS security flaw. Other browsers were
not affected.
Also corrected spacing display with IE<10.
(cherry picked from commit 28813cd82ae47e556b610da3c7302a6709e27431)
Conflicts:
CHANGELOG.md
index.php
js/zerobin.js
lib/vizhash16x16.php
2015-08-15 22:01:43 +02:00
El RIDO
e646729b2d
fixing regressions from cherrypicking
2015-08-15 21:39:08 +02:00
Sebastien SAUVAGE
5f87ea6843
ZeroBin 0.18
...
(cherry picked from commit 7a8cbee2f99cd74a50bce7e8df8130e2c477d903)
Conflicts:
CHANGELOG.md
index.php
js/zerobin.js
lib/vizhash16x16.php
2015-08-15 21:06:19 +02:00
Sebastien SAUVAGE
cff4d99f05
"Burn after reading" as a checkbox
...
"Burn after reading" option has been moved out of Expiration combo to a
separate checkbox.
Reason is: You can prevent a read-once paste to be available ad vitam
eternam on the net.
(cherry picked from commit 190b278402c086ebc4d1a78aae27d1e2666e3e7a)
Conflicts:
css/zerobin.css
index.php
js/zerobin.js
tpl/page.html
2015-08-15 19:01:03 +02:00
El RIDO
ad70051323
reviewed unit tests, fixing line endings, added more tests
2015-08-15 18:32:31 +02:00
Sebastien SAUVAGE
7db76d8d71
Updated json checking.
...
- adapted to SJCL changed
- added entropy checking (from
f2ee2e8ba2
)
(cherry picked from commit 57e6274c64e2c99c754b63586af6b34c374fbc2b)
Conflicts:
index.php
2015-08-15 18:16:55 +02:00
El RIDO
134d22c958
small unit testing improvements, removing never accessed code
2015-08-15 16:37:44 +02:00
Simon Rupf
badf459390
split common persistance logic into abstract class
2013-11-01 01:15:58 +01:00
Sebastien SAUVAGE
5b253cf77c
ZeroBin 0.17
...
* added deletion link.
* small refactoring.
* improved regex checks.
* larger server alt on installation.
2013-11-01 01:15:14 +01:00
Sébastien SAUVAGE
c26c4a8bec
arbitrary JSON file disclosure correction
...
The following securit issue has been fixed:
https://github.com/sebsauvage/ZeroBin/issues/30
2013-10-31 22:53:22 +01:00
Simon Rupf
d247bff897
syntax highlighting can now be turned off, template can be changed in
...
configuration
2013-10-31 22:24:40 +01:00
Simon Rupf
630e16c4a0
Added more configuration options, based on patch by Uli Köhler
2013-10-30 23:54:42 +01:00
Simon Rupf
51008d3e68
added test for entropy of cypher text - closes #3
2012-09-08 19:54:24 +02:00
Simon Rupf
2d4f155064
had to revert to HTML5 instead of XHTML5 because of compatibility
...
problem with code prettifier, fixed some display bugs
2012-08-28 23:28:41 +02:00
Simon Rupf
907538875b
removed leftovers from submodule uglifyjs, added credits file,
...
cleaned up CSS, changed template to output clean XHTML 5,
added unit tests for 60% of the code, found a few bugs by doing
that and fixed them
2012-08-26 00:49:11 +02:00
Simon Rupf
421e6cba97
implemented zerobin_db model, added more options for paste expiration, made comments and max data size configurable
2012-05-19 23:59:41 +02:00
Simon Rupf
edf95ff56d
added autoloading, configurable paste size limit, changed JS to calculate localized comment times instead of UTC
2012-04-30 22:58:08 +02:00
Simon Rupf
23487ce779
Fixed bug with missing directory separator and added .htaccess files to lib & cfg directories. If those are not present, the application will create them for you.
2012-04-30 13:58:29 +02:00
Simon Rupf
ba90d0cae2
Refactoring of code base - modularized code, introduced configuration, started working on a PDO based DB connector
2012-04-29 19:15:06 +02:00
Thierry Poinot
6083c7a23c
refactoring files and directory structure
2012-04-22 13:34:17 +02:00
Thierry Poinot
d92d8658a5
refactoring zerobin js, adding JSDoc
2012-04-22 12:45:45 +02:00
Sebastien SAUVAGE
52630374e5
Initial commit of version 0.15 alpha.
2012-04-21 21:59:45 +02:00