StarMirror/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2024-03-22 13:10:41 +08:00
Code Issues Projects Releases Wiki Activity
A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.
162 Commits 9 Branches 28 Tags 24 MiB
PHP 45.9%
JavaScript 35.7%
CSS 18.2%
Makefile 0.2%
43a439e7d0
Go to file
Sebastien SAUVAGE 43a439e7d0 Time attack protection on hmac comparison 
This fixes issue 2.7 of https://defuse.ca/audits/zerobin.htm, and thus
(with commit a24212afda90ca3e4b4ff5ce30d2012709b58a28) also issue 2.8.

(cherry picked from commit 0b4db7ece313dd268e51fc47a0293a649927558a)

Conflicts:
	index.php
2015-08-15 23:44:03 +02:00
cfg fixing regressions from cherrypicking 2015-08-15 21:39:08 +02:00
css XSS flaw correction 2015-08-15 22:01:43 +02:00
img Added "Raw text" button. 2015-08-15 20:25:46 +02:00
js Potentiel security bug corrected 2015-08-15 22:24:25 +02:00
lib Time attack protection on hmac comparison 2015-08-15 23:44:03 +02:00
tpl fixing regressions from cherrypicking 2015-08-15 21:39:08 +02:00
tst Time attack protection on hmac comparison 2015-08-15 23:44:03 +02:00
.gitignore Included .htaccess and .htapasswd for safety. 2013-11-01 01:20:59 +01:00
CHANGELOG.md XSS flaw correction 2015-08-15 22:01:43 +02:00
CREDITS.md had to revert to HTML5 instead of XHTML5 because of compatibility 2012-08-28 23:28:41 +02:00
index.php XSS flaw correction 2015-08-15 22:01:43 +02:00
INSTALL.md had to revert to HTML5 instead of XHTML5 because of compatibility 2012-08-28 23:28:41 +02:00
README.md XSS flaw correction 2015-08-15 22:01:43 +02:00
robots.txt Incorrect structure 2013-11-01 01:22:16 +01:00