A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.
Go to file
2015-09-02 14:07:31 +02:00
cfg slight configuration changes, template modifications to make discussions 2015-08-31 00:01:35 +02:00
css Merge branch 'master' of https://github.com/elrido/ZeroBin 2015-08-30 14:33:09 +02:00
doc fixing nasty deletion bug from #15, included unit tests to trigger it 2015-08-27 21:41:21 +02:00
img Added "Raw text" button. 2015-08-15 20:25:46 +02:00
js refactored JSON API, its now possible to retrieve pastes as JSON, which 2015-09-01 22:33:07 +02:00
lib change for API consistency 2015-09-01 23:51:31 +02:00
tpl The default expiration time of the paste is now also displayed before we select an expiration time. 2015-09-01 14:19:03 +02:00
tst refactored JSON API, its now possible to retrieve pastes as JSON, which 2015-09-01 22:33:07 +02:00
.gitattributes working on configuration unit test generator as described in #16 2015-08-29 01:26:48 +02:00
.gitignore optimized bootstrap comment layout 2015-08-23 15:52:25 +02:00
CHANGELOG.md XSS flaw correction 2015-08-15 22:01:43 +02:00
CREDITS.md had to revert to HTML5 instead of XHTML5 because of compatibility 2012-08-28 23:28:41 +02:00
index.php XSS flaw correction 2015-08-15 22:01:43 +02:00
INSTALL.md had to revert to HTML5 instead of XHTML5 because of compatibility 2012-08-28 23:28:41 +02:00
README.md Updated README.me to explain password feature 2015-09-02 14:07:31 +02:00
robots.txt Incorrect structure 2013-11-01 01:22:16 +01:00

ZeroBin 0.19 Alpha

ZeroBin is a minimalist, opensource online pastebin where the server has zero knowledge of pasted data.

Data is encrypted/decrypted in the browser using 256 bit AES.

This fork of ZeroBin refactored the source code to allow easier and cleaner extensions. It is still fully compatible to the original ZeroBin 0.19 data storage scheme. Therefore such installations can be upgraded to this fork without loosing any data.

What ZeroBin provides

  • As a server administrator you don't have to worry if your users post content that is considered illegal in your country. You have no knowledge of any pastes content. If requested or enforced, you can delete any paste from your system.

  • Pastebin like system to store text documents, code samples, etc.

  • Encryption of data sent to server, even if it does not provide HTTPS.

  • Possibility to set a password which is asked when the paste is opened. It further protects a paste and prevent people stumbling upon your paste's link from being able to read it without this password.

What it doesn't provide

  • As a user you have to trust the server administrator, your internet provider and any country the traffic passes not to inject any malicious code.

  • The "key" used to encrypt the paste is part of the URL. If you publicly post a non-passworded paste URL, everybody can read it. Use a password if you want your paste to be "private".

  • A server admin might be forced to hand over access logs to the authorities. ZeroBin encrypts your text and the discussion contents, but who accessed it first might still be disclosed via such access logs.

Options

Some features are optional and can be enabled or disabled in the configuration file:

  • Discussions

  • Expiration times, including a "forever" and "burn after reading" option

  • Syntax highlighting using prettify.js, including 4 prettify themes

  • Templates: By default there is a "classic" and a bootstrap based theme, but it is easy to adapt these to your own websites layout.

Further resources

Run into any issues? Have ideas for further developments? Please report them!


Copyright (c) 2012 Sébastien SAUVAGE (sebsauvage.net)

This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software.

Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:

1. The origin of this software must not be misrepresented; you must 
   not claim that you wrote the original software. If you use this 
   software in a product, an acknowledgment in the product documentation
   would be appreciated but is not required.

2. Altered source versions must be plainly marked as such, and must 
   not be misrepresented as being the original software.

3. This notice may not be removed or altered from any source distribution.