6b0468ebff
Add support for a CONFIG_PATH variable
2019-12-19 23:06:32 +00:00
2d4edfe401
incrementing version number in preparation of release
2019-09-22 19:42:04 +02:00
d5aeba60ca
increase default size limit to 10 MiB, documenting change
2019-09-20 07:04:26 +02:00
ab75b183fb
Fix click on new paste on clone paste editing view not removing custom
...
attachment
Fix cloning paste with attachment
Update CSP in sample and default configuration
Ensure clone paste also clone format
Fix clone button hiding logic when paste is burn after read
Remove attachment name when new paste clicked on
Enable file operation only when editing
2019-08-25 02:16:58 -04:00
07018e5876
incrementing version number in preparation of release
2019-07-08 18:35:34 +02:00
11375a4f59
moved referrer policy from CSP & meta to proper HTTP header to avoid browser console error message about unknown CSP header and to ensure it always applies before HTML is parsed, fixes #196
2019-06-27 20:31:10 +02:00
c2e060d464
made compression configurable, fixes #38
2019-06-23 19:45:40 +02:00
42c2003220
made notice configurable, fixing a few CSS glitches
2019-06-17 21:40:37 +02:00
362045c664
re-add data-URLs to CSP for img-src, as these are used for the comment icons
2019-06-16 07:06:58 +02:00
f915af1a5a
adjust CSP header to allow blob URLs
2019-06-15 09:36:09 +02:00
398fabd664
Chrome requires unsafe-eval for it to parse and evaluate WASM modules
2019-05-20 18:29:37 +02:00
b5ebc4a3d7
incrementing version
2018-08-11 19:29:58 +02:00
720897b902
correct CSP to allow password prompt
2018-07-21 06:45:09 +00:00
cfe60db8fd
increment version number
2018-07-01 13:11:32 +02:00
9a0318517b
correct PHPdoc, fixes #264
2018-05-27 15:18:25 +02:00
d6f203dc4c
Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
2018-05-27 15:05:31 +02:00
caf87cc6f1
Merge branch 'master' into burnafterreading-fix, regression in expired paste error
2018-04-30 20:01:38 +02:00
2c82279292
Merge branch 'attachment-handling' of https://github.com/thororm/PrivateBin into thororm-attachment-handling
...
apart from resolving conflicts:
- added missing docs
- inlined functions that were used in only one location
- updated unit test to support all previews
- fixed a regression that displayed the preview even when there was no preview and too early
2018-04-29 11:57:03 +02:00
9c132cd839
Disallow form-action in CSP to limit outgoing connections
...
See https://github.com/PrivateBin/PrivateBin/issues/272
2018-01-06 18:06:06 +01:00
414ab0eb71
Add config and basic page template support
...
* load JS file asyncronously (just HTML5 async attribut)
* add basic support for page template, where it generates the code inside
of a simple div at the top
* added option to turn off QR code support
2017-12-25 14:59:15 +01:00
502e96c129
StyleCI recommendations
2017-10-08 19:23:33 +02:00
a5d5f6066a
refactoring as recommended by Scrutinizer
2017-10-08 19:16:09 +02:00
9f26894b2e
PHP < 5.6 compatibility and StyleCI recommendations
2017-10-08 17:10:51 +02:00
4f06feef81
implemented JSON file conversion on purge and storage in PHP files for data leak protection
2017-10-08 16:59:31 +02:00
4ded4b7f8c
adding correct HTTP error to response, as per @rugk's recommentation
2017-10-08 16:43:46 +02:00
dbfb1e83ba
removing dead code
2017-10-08 16:43:10 +02:00
62f0b95377
making StyleCI happy
2017-10-08 16:42:43 +02:00
6e8eafe129
implemented INI cenversion functionality
2017-10-08 16:42:11 +02:00
6fa2bfe30e
updated documentation, incremented version
2017-10-08 16:40:51 +02:00
f037967820
changes the file extension to php and adds a small one-liner to stop PHP from presenting the file to any website visitor
...
Signed-off-by: El RIDO <elrido@gmx.net>
2017-10-08 16:25:48 +02:00
23f5dfbff8
Merge remote-tracking branch 'remotes/thororm/master' into attachment-handling
...
# Conflicts:
# tpl/bootstrap.php
# tpl/page.php
2017-05-13 19:48:25 +02:00
f54036976a
added instantburnafterreading option to address #174
2017-04-11 17:23:26 +02:00
4cb0ce5114
Removed self from cspheader
...
Refactored some variable names
2017-02-13 20:37:57 +01:00
faf596aeb7
Added preview for
...
- Video (HTML5)
- Audio (HTML5)
- PDF (Browser capabilities)
attachment.
Added drag & drop functionality
Added attachment preview to preview before submitting
2017-02-12 15:35:37 +01:00
e9b10f9e2d
Add CSP sandbox
...
Fixes https://github.com/PrivateBin/PrivateBin/issues/168
Alos needed to run some Composer stuff, no idea why my diff was different.
2017-02-01 18:34:13 +01:00
a5d91298ff
add an option to change the site name, solves #154
2017-01-01 16:33:11 +01:00
1426d4e371
tagging 1.1 release and updating documentation
2016-12-26 12:13:50 +01:00
da10a761c4
Fix more typos
2016-12-12 18:50:00 +01:00
658d5ae84d
Fix style-ci errors
2016-12-12 18:43:23 +01:00
1f46823942
applying patch based on StyleCI ruleset
2016-10-29 10:24:08 +02:00
1a159c973f
Prevent referrer to be send
...
Uses both CSP and Referrer-Policy
Fixes #96
2016-09-03 18:12:24 +02:00
b7184b92a3
Fix csp config unit tests
2016-08-27 14:47:21 +02:00
b11866a63b
Allow manifest loading via CSP (2)
2016-08-27 00:02:50 +02:00
e925833090
bumping version number to 1.0
2016-08-25 09:53:31 +02:00
72aac25f68
added configuration for PHP Coding Standards Fixer, including its fixes, resolving #47
2016-08-15 16:45:47 +02:00
3988b860b0
implemented Identicon library as new default for comment icons, made Vizhash an optional alternative, refactored Vizhash and removed string lenghtening
2016-08-10 17:41:46 +02:00
addb666a23
introducing CSP header to mitigate XSS attacks, closes #10
2016-08-09 14:46:32 +02:00
b45bef8388
Renamed classes for full PSR-2 compliance, some cleanup
2016-08-09 11:54:42 +02:00
Lucas Savva
El RIDO
Haocen Xu
rugk
thororm