Merge branch 'aldem-modal-decryption-password'
This commit is contained in:
commit
0493cf4463
15 changed files with 163 additions and 40 deletions
|
@ -2,6 +2,7 @@
|
|||
|
||||
* **next (not yet released)**
|
||||
* ADDED: Translations for Italian
|
||||
* CHANGED: Using modal dialog to request password input instead of native JS input window (#69)
|
||||
* CHANGED: Suppressed referrer HTTP header sending when following links in a paste or comment (#96) and added additional HTTP headers for XSS mitigation (#91)
|
||||
* CHANGED: Updated random_compat and jQuery libraries
|
||||
* **1.0 (2016-08-25)**
|
||||
|
|
|
@ -20,6 +20,7 @@ Sébastien Sauvage - original idea and main developer
|
|||
* rugk - new logo/icons
|
||||
* Sobak - PSR-4 and PSR-2 refactoring
|
||||
* Nathaniel Olsen - jQuery upgrade
|
||||
* Alexander Demenshin - modal password dialog
|
||||
|
||||
## Translations
|
||||
* Hexalyse - French
|
||||
|
|
|
@ -140,5 +140,9 @@
|
|||
"Editor": "Bearbeiten",
|
||||
"Preview": "Vorschau",
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
|
||||
"Der PATH muss bei PrivateBin mit einem \"%s\" enden. Bitte passe Deinen PATH in Deiner index.php an."
|
||||
"Der PATH muss bei PrivateBin mit einem \"%s\" enden. Bitte passe Deinen PATH in Deiner index.php an.",
|
||||
"Decrypt":
|
||||
"Entschlüsseln",
|
||||
"Enter password":
|
||||
"Passwort eingeben"
|
||||
}
|
||||
|
|
|
@ -149,5 +149,9 @@
|
|||
"Editor": "Éditer",
|
||||
"Preview": "Prévisualiser",
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php."
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
|
||||
"Decrypt":
|
||||
"Decrypt",
|
||||
"Enter password":
|
||||
"Entrez le mot de passe"
|
||||
}
|
||||
|
|
|
@ -79,7 +79,7 @@
|
|||
"This document will expire in %d months.":
|
||||
["Questo documento scadrà tra un mese.", "Questo documento scadrà in %d mesi."],
|
||||
"Please enter the password for this paste:":
|
||||
"Inserisci la passowrd per questo messaggio:",
|
||||
"Inserisci la password per questo messaggio:",
|
||||
"Could not decrypt data (Wrong key?)":
|
||||
"Non riesco a decifrari i dati (Chiave errata?)",
|
||||
"Could not delete the paste, it was not stored in burn after reading mode.":
|
||||
|
@ -140,5 +140,9 @@
|
|||
"Editor": "Editor",
|
||||
"Preview": "Preview",
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
|
||||
"PrivateBin necessita che PATH termini con \"%s\". Aggiorna la variabile PATH nel tuo index.php."
|
||||
"PrivateBin necessita che PATH termini con \"%s\". Aggiorna la variabile PATH nel tuo index.php.",
|
||||
"Decrypt":
|
||||
"Decrypt",
|
||||
"Enter password":
|
||||
"Inserisci la password"
|
||||
}
|
||||
|
|
|
@ -140,5 +140,9 @@
|
|||
"Editor": "Edytować",
|
||||
"Preview": "Zapowiedź",
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php."
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
|
||||
"Decrypt":
|
||||
"Decrypt",
|
||||
"Enter password":
|
||||
"Wpisz hasło"
|
||||
}
|
||||
|
|
|
@ -149,5 +149,9 @@
|
|||
"Editor": "Uredi",
|
||||
"Preview": "Predogled",
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php."
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
|
||||
"Decrypt":
|
||||
"Decrypt",
|
||||
"Enter password":
|
||||
"Prosim vnesi geslo"
|
||||
}
|
||||
|
|
|
@ -140,5 +140,9 @@
|
|||
"Editor": "編輯",
|
||||
"Preview": "預習",
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php."
|
||||
"PrivateBin requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
|
||||
"Decrypt":
|
||||
"Decrypt",
|
||||
"Enter password":
|
||||
"Enter password"
|
||||
}
|
||||
|
|
|
@ -611,23 +611,26 @@ $(function() {
|
|||
},
|
||||
|
||||
/**
|
||||
* ask the user for the password and return it
|
||||
*
|
||||
* @throws error when dialog canceled
|
||||
* @return string password
|
||||
* ask the user for the password and set it
|
||||
*/
|
||||
requestPassword: function()
|
||||
{
|
||||
var password = prompt(i18n._('Please enter the password for this paste:'), '');
|
||||
if (password === null)
|
||||
{
|
||||
throw 'password prompt canceled';
|
||||
if (this.passwordModal.length == 0) {
|
||||
var password = prompt(i18n._('Please enter the password for this paste:'), '');
|
||||
if (password === null)
|
||||
{
|
||||
throw 'password prompt canceled';
|
||||
}
|
||||
if (password.length === 0)
|
||||
{
|
||||
this.requestPassword();
|
||||
} else {
|
||||
this.passwordInput.val(password);
|
||||
this.displayMessages();
|
||||
}
|
||||
} else {
|
||||
this.passwordModal.modal();
|
||||
}
|
||||
if (password.length === 0)
|
||||
{
|
||||
return this.requestPassword();
|
||||
}
|
||||
return password;
|
||||
},
|
||||
|
||||
/**
|
||||
|
@ -688,14 +691,15 @@ $(function() {
|
|||
/**
|
||||
* Show decrypted text in the display area, including discussion (if open)
|
||||
*
|
||||
* @param string key : decryption key
|
||||
* @param object paste : paste object including comments to display (items = array with keys ('data','meta')
|
||||
* @param object paste (optional) object including comments to display (items = array with keys ('data','meta')
|
||||
*/
|
||||
displayMessages: function(key, paste)
|
||||
displayMessages: function(paste)
|
||||
{
|
||||
// Try to decrypt the paste.
|
||||
paste = paste || $.parseJSON(this.cipherData.text());
|
||||
var key = this.pageKey();
|
||||
var password = this.passwordInput.val();
|
||||
if (!this.prettyPrint.hasClass('prettyprinted')) {
|
||||
// Try to decrypt the paste.
|
||||
try
|
||||
{
|
||||
if (paste.attachment)
|
||||
|
@ -705,7 +709,8 @@ $(function() {
|
|||
{
|
||||
if (password.length === 0)
|
||||
{
|
||||
password = this.requestPassword();
|
||||
this.requestPassword();
|
||||
return;
|
||||
}
|
||||
attachment = filter.decipher(key, password, paste.attachment);
|
||||
}
|
||||
|
@ -740,8 +745,8 @@ $(function() {
|
|||
var cleartext = filter.decipher(key, password, paste.data);
|
||||
if (cleartext.length === 0 && password.length === 0 && !paste.attachment)
|
||||
{
|
||||
password = this.requestPassword();
|
||||
cleartext = filter.decipher(key, password, paste.data);
|
||||
this.requestPassword();
|
||||
return;
|
||||
}
|
||||
if (cleartext.length === 0 && !paste.attachment)
|
||||
{
|
||||
|
@ -942,7 +947,7 @@ $(function() {
|
|||
{
|
||||
if (data.status === 0)
|
||||
{
|
||||
privatebin.displayMessages(privatebin.pageKey(), data);
|
||||
privatebin.displayMessages(data);
|
||||
}
|
||||
else if (data.status === 1)
|
||||
{
|
||||
|
@ -1161,7 +1166,7 @@ $(function() {
|
|||
/**
|
||||
* Put the screen in "Existing paste" mode.
|
||||
*
|
||||
* @param boolean preview (optional) : tell if the preview tabs should be displayed, defaults to false.
|
||||
* @param boolean preview (optional) tell if the preview tabs should be displayed, defaults to false.
|
||||
*/
|
||||
stateExistingPaste: function(preview)
|
||||
{
|
||||
|
@ -1420,6 +1425,34 @@ $(function() {
|
|||
this.fileWrap.removeClass('hidden');
|
||||
},
|
||||
|
||||
/**
|
||||
* Focus on the modal password dialog.
|
||||
*/
|
||||
focusPasswordModal: function()
|
||||
{
|
||||
this.passwordDecrypt.focus();
|
||||
},
|
||||
|
||||
/**
|
||||
* Decrypt using the password from the modal dialog.
|
||||
*/
|
||||
decryptPasswordModal: function()
|
||||
{
|
||||
this.passwordInput.val(this.passwordDecrypt.val());
|
||||
this.displayMessages();
|
||||
},
|
||||
|
||||
/**
|
||||
* Submit a password in the modal dialog.
|
||||
*
|
||||
* @param Event event
|
||||
*/
|
||||
submitPasswordModal: function(event)
|
||||
{
|
||||
event.preventDefault();
|
||||
this.passwordModal.modal('hide');
|
||||
},
|
||||
|
||||
/**
|
||||
* Display an error message
|
||||
* (We use the same function for paste and reply to comments)
|
||||
|
@ -1507,6 +1540,11 @@ $(function() {
|
|||
|
||||
// page template drop down
|
||||
$('#language select option').click($.proxy(this.setLanguage, this));
|
||||
|
||||
// handle modal password request on decryption
|
||||
this.passwordModal.on('shown.bs.modal', $.proxy(this.focusPasswordModal, this));
|
||||
this.passwordModal.on('hidden.bs.modal', $.proxy(this.decryptPasswordModal, this));
|
||||
this.passwordForm.submit($.proxy(this.submitPasswordModal, this));
|
||||
},
|
||||
|
||||
/**
|
||||
|
@ -1543,6 +1581,9 @@ $(function() {
|
|||
this.openDiscussion = $('#opendiscussion');
|
||||
this.password = $('#password');
|
||||
this.passwordInput = $('#passwordinput');
|
||||
this.passwordModal = $('#passwordmodal');
|
||||
this.passwordForm = $('#passwordform');
|
||||
this.passwordDecrypt = $('#passworddecrypt');
|
||||
this.pasteResult = $('#pasteresult');
|
||||
this.prettyMessage = $('#prettymessage');
|
||||
this.prettyPrint = $('#prettyprint');
|
||||
|
@ -1573,13 +1614,9 @@ $(function() {
|
|||
return;
|
||||
}
|
||||
|
||||
// List of messages to display.
|
||||
var data = $.parseJSON(this.cipherData.text());
|
||||
|
||||
// Show proper elements on screen.
|
||||
this.stateExistingPaste();
|
||||
|
||||
this.displayMessages(this.pageKey(), data);
|
||||
this.displayMessages();
|
||||
}
|
||||
// Display error message from php code.
|
||||
else if (this.errorMessage.text().length > 1)
|
||||
|
|
|
@ -52,7 +52,7 @@ if ($MARKDOWN):
|
|||
<?php
|
||||
endif;
|
||||
?>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-h/cw2lgocVvgjmYWShhbnz5nSzyUv4rVY1JgN7vmkZq8VJX9KVXPoC7oYX+YGFk+0FYw+c/uofVW9yyU5TJv+w==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-cQXLXYKNq6ecCb0lA9BSQ0urt16yDERYnT5vcjeE3UJb6W5PUjwN/jtVsGBoRzoGGEll+N3stvgIXGjkjaYj5g==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
@ -66,6 +66,21 @@ endif;
|
|||
<meta name="theme-color" content="#ffe57e" />
|
||||
</head>
|
||||
<body role="document" class="navbar-spacing">
|
||||
<div id="passwordmodal" class="modal fade" role="dialog">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content">
|
||||
<div class="modal-body">
|
||||
<form id="passwordform" role="form">
|
||||
<div class="form-group">
|
||||
<label for="passworddecrypt"><span class="glyphicon glyphicon-eye-open"></span> <?php echo I18n::_('Please enter the password for this paste:') ?></label>
|
||||
<input id="passworddecrypt" type="password" class="form-control" placeholder="<?php echo I18n::_('Enter password') ?>" autofocus>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-success btn-block"><span class="glyphicon glyphicon-off"></span> <?php echo I18n::_('Decrypt') ?></button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<nav class="navbar navbar-default navbar-fixed-top">
|
||||
<div class="container">
|
||||
<div class="navbar-header">
|
||||
|
|
|
@ -52,7 +52,7 @@ if ($MARKDOWN):
|
|||
<?php
|
||||
endif;
|
||||
?>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-h/cw2lgocVvgjmYWShhbnz5nSzyUv4rVY1JgN7vmkZq8VJX9KVXPoC7oYX+YGFk+0FYw+c/uofVW9yyU5TJv+w==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-cQXLXYKNq6ecCb0lA9BSQ0urt16yDERYnT5vcjeE3UJb6W5PUjwN/jtVsGBoRzoGGEll+N3stvgIXGjkjaYj5g==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
|
|
@ -52,7 +52,7 @@ if ($MARKDOWN):
|
|||
<?php
|
||||
endif;
|
||||
?>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-h/cw2lgocVvgjmYWShhbnz5nSzyUv4rVY1JgN7vmkZq8VJX9KVXPoC7oYX+YGFk+0FYw+c/uofVW9yyU5TJv+w==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-cQXLXYKNq6ecCb0lA9BSQ0urt16yDERYnT5vcjeE3UJb6W5PUjwN/jtVsGBoRzoGGEll+N3stvgIXGjkjaYj5g==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
@ -66,6 +66,21 @@ endif;
|
|||
<meta name="theme-color" content="#ffe57e" />
|
||||
</head>
|
||||
<body role="document">
|
||||
<div id="passwordmodal" class="modal fade" role="dialog">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content">
|
||||
<div class="modal-body">
|
||||
<form id="passwordform" role="form">
|
||||
<div class="form-group">
|
||||
<label for="passworddecrypt"><span class="glyphicon glyphicon-eye-open"></span> <?php echo I18n::_('Please enter the password for this paste:') ?></label>
|
||||
<input id="passworddecrypt" type="password" class="form-control" placeholder="<?php echo I18n::_('Enter password') ?>" autofocus>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-success btn-block"><span class="glyphicon glyphicon-off"></span> <?php echo I18n::_('Decrypt') ?></button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<nav class="navbar navbar-inverse navbar-static-top">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
|
||||
|
|
|
@ -52,7 +52,7 @@ if ($MARKDOWN):
|
|||
<?php
|
||||
endif;
|
||||
?>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-h/cw2lgocVvgjmYWShhbnz5nSzyUv4rVY1JgN7vmkZq8VJX9KVXPoC7oYX+YGFk+0FYw+c/uofVW9yyU5TJv+w==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-cQXLXYKNq6ecCb0lA9BSQ0urt16yDERYnT5vcjeE3UJb6W5PUjwN/jtVsGBoRzoGGEll+N3stvgIXGjkjaYj5g==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
@ -66,6 +66,21 @@ endif;
|
|||
<meta name="theme-color" content="#ffe57e" />
|
||||
</head>
|
||||
<body role="document">
|
||||
<div id="passwordmodal" class="modal fade" role="dialog">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content">
|
||||
<div class="modal-body">
|
||||
<form id="passwordform" role="form">
|
||||
<div class="form-group">
|
||||
<label for="passworddecrypt"><span class="glyphicon glyphicon-eye-open"></span> <?php echo I18n::_('Please enter the password for this paste:') ?></label>
|
||||
<input id="passworddecrypt" type="password" class="form-control" placeholder="<?php echo I18n::_('Enter password') ?>" autofocus>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-success btn-block"><span class="glyphicon glyphicon-off"></span> <?php echo I18n::_('Decrypt') ?></button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<nav class="navbar navbar-default navbar-static-top">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
|
||||
|
|
|
@ -52,7 +52,7 @@ if ($MARKDOWN):
|
|||
<?php
|
||||
endif;
|
||||
?>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-h/cw2lgocVvgjmYWShhbnz5nSzyUv4rVY1JgN7vmkZq8VJX9KVXPoC7oYX+YGFk+0FYw+c/uofVW9yyU5TJv+w==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-cQXLXYKNq6ecCb0lA9BSQ0urt16yDERYnT5vcjeE3UJb6W5PUjwN/jtVsGBoRzoGGEll+N3stvgIXGjkjaYj5g==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
@ -66,6 +66,21 @@ endif;
|
|||
<meta name="theme-color" content="#ffe57e" />
|
||||
</head>
|
||||
<body role="document">
|
||||
<div id="passwordmodal" class="modal fade" role="dialog">
|
||||
<div class="modal-dialog">
|
||||
<div class="modal-content">
|
||||
<div class="modal-body">
|
||||
<form id="passwordform" role="form">
|
||||
<div class="form-group">
|
||||
<label for="passworddecrypt"><span class="glyphicon glyphicon-eye-open"></span> <?php echo I18n::_('Please enter the password for this paste:') ?></label>
|
||||
<input id="passworddecrypt" type="password" class="form-control" placeholder="<?php echo I18n::_('Enter password') ?>" autofocus>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-success btn-block"><span class="glyphicon glyphicon-off"></span> <?php echo I18n::_('Decrypt') ?></button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<nav class="navbar navbar-default navbar-static-top">
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
|
||||
|
|
|
@ -47,7 +47,7 @@ if ($MARKDOWN):
|
|||
<?php
|
||||
endif;
|
||||
?>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-h/cw2lgocVvgjmYWShhbnz5nSzyUv4rVY1JgN7vmkZq8VJX9KVXPoC7oYX+YGFk+0FYw+c/uofVW9yyU5TJv+w==" crossorigin="anonymous"></script>
|
||||
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-cQXLXYKNq6ecCb0lA9BSQ0urt16yDERYnT5vcjeE3UJb6W5PUjwN/jtVsGBoRzoGGEll+N3stvgIXGjkjaYj5g==" crossorigin="anonymous"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
|
||||
<![endif]-->
|
||||
|
|
Loading…
Reference in a new issue