Merge branch 'master' into crowdin-translation

This commit is contained in:
El RIDO 2021-04-22 19:30:13 +02:00
commit 472bf520d8
No known key found for this signature in database
GPG key ID: 0F5C940A6BD81F92
8 changed files with 56 additions and 5 deletions

View file

@ -3,6 +3,7 @@
* **1.4 (not yet released)** * **1.4 (not yet released)**
* ADDED: Translation for Estonian * ADDED: Translation for Estonian
* ADDED: new HTTP headers improving security (#765) * ADDED: new HTTP headers improving security (#765)
* ADDED: Download button for paste text (#774)
* ADDED: Opt-out of federated learning of cohorts (FLoC) (#776) * ADDED: Opt-out of federated learning of cohorts (FLoC) (#776)
* CHANGED: Language selection cookie only transmitted over HTTPS (#472) * CHANGED: Language selection cookie only transmitted over HTTPS (#472)
* **1.3.5 (2021-04-05)** * **1.3.5 (2021-04-05)**

View file

@ -87,7 +87,7 @@ languageselection = false
; async functions and display an error if not and for Chrome to enable ; async functions and display an error if not and for Chrome to enable
; webassembly support (used for zlib compression). You can remove it if Chrome ; webassembly support (used for zlib compression). You can remove it if Chrome
; doesn't need to be supported and old browsers don't need to be warned. ; doesn't need to be supported and old browsers don't need to be warned.
; cspheader = "default-src 'none'; base-uri 'self'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval' resource:; style-src 'self'; font-src 'self'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads" ; cspheader = "default-src 'none'; base-uri 'self'; form-action 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval' resource:; style-src 'self'; font-src 'self'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads"
; stay compatible with PrivateBin Alpha 0.19, less secure ; stay compatible with PrivateBin Alpha 0.19, less secure
; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of ; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of

View file

@ -249,6 +249,10 @@ button img {
padding: 1px 0 1px 0; padding: 1px 0 1px 0;
} }
#downloadtextbutton img {
padding: 1px 0 1px 0;
}
#remainingtime, #password { #remainingtime, #password {
color: #94a3b4; color: #94a3b4;
display: inline; display: inline;

View file

@ -184,5 +184,6 @@
"Close": "Close", "Close": "Close",
"Encrypted note on PrivateBin": "Encrypted note on PrivateBin", "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
"Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.", "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
"URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL." "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
"Save paste": "Save paste"
} }

View file

@ -3525,6 +3525,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
$password, $password,
$passwordInput, $passwordInput,
$rawTextButton, $rawTextButton,
$downloadTextButton,
$qrCodeLink, $qrCodeLink,
$emailLink, $emailLink,
$sendButton, $sendButton,
@ -3666,6 +3667,30 @@ jQuery.PrivateBin = (function($, RawDeflate) {
newDoc.close(); newDoc.close();
} }
/**
* download text
*
* @name TopNav.downloadText
* @private
* @function
*/
function downloadText()
{
var filename='paste-' + Model.getPasteId() + '.txt';
var text = PasteViewer.getText();
var element = document.createElement('a');
element.setAttribute('href', 'data:text/plain;charset=utf-8,' + encodeURIComponent(text));
element.setAttribute('download', filename);
element.style.display = 'none';
document.body.appendChild(element);
element.click();
document.body.removeChild(element);
}
/** /**
* saves the language in a cookie and reloads the page * saves the language in a cookie and reloads the page
* *
@ -3892,6 +3917,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
$newButton.removeClass('hidden'); $newButton.removeClass('hidden');
$cloneButton.removeClass('hidden'); $cloneButton.removeClass('hidden');
$rawTextButton.removeClass('hidden'); $rawTextButton.removeClass('hidden');
$downloadTextButton.removeClass('hidden');
$qrCodeLink.removeClass('hidden'); $qrCodeLink.removeClass('hidden');
viewButtonsDisplayed = true; viewButtonsDisplayed = true;
@ -3912,6 +3938,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
$cloneButton.addClass('hidden'); $cloneButton.addClass('hidden');
$newButton.addClass('hidden'); $newButton.addClass('hidden');
$rawTextButton.addClass('hidden'); $rawTextButton.addClass('hidden');
$downloadTextButton.addClass('hidden');
$qrCodeLink.addClass('hidden'); $qrCodeLink.addClass('hidden');
me.hideEmailButton(); me.hideEmailButton();
@ -4073,6 +4100,17 @@ jQuery.PrivateBin = (function($, RawDeflate) {
$rawTextButton.addClass('hidden'); $rawTextButton.addClass('hidden');
}; };
/**
* only hides the download text button
*
* @name TopNav.hideRawButton
* @function
*/
me.hideDownloadButton = function()
{
$downloadTextButton.addClass('hidden');
};
/** /**
* only hides the qr code button * only hides the qr code button
* *
@ -4334,6 +4372,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
$password = $('#password'); $password = $('#password');
$passwordInput = $('#passwordinput'); $passwordInput = $('#passwordinput');
$rawTextButton = $('#rawtextbutton'); $rawTextButton = $('#rawtextbutton');
$downloadTextButton = $('#downloadtextbutton');
$retryButton = $('#retrybutton'); $retryButton = $('#retrybutton');
$sendButton = $('#sendbutton'); $sendButton = $('#sendbutton');
$qrCodeLink = $('#qrcodelink'); $qrCodeLink = $('#qrcodelink');
@ -4351,6 +4390,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
$sendButton.click(PasteEncrypter.sendPaste); $sendButton.click(PasteEncrypter.sendPaste);
$cloneButton.click(Controller.clonePaste); $cloneButton.click(Controller.clonePaste);
$rawTextButton.click(rawText); $rawTextButton.click(rawText);
$downloadTextButton.click(downloadText);
$retryButton.click(clickRetryButton); $retryButton.click(clickRetryButton);
$fileRemoveButton.click(removeAttachment); $fileRemoveButton.click(removeAttachment);
$qrCodeLink.click(displayQrCode); $qrCodeLink.click(displayQrCode);
@ -4689,6 +4729,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
TopNav.showEmailButton(); TopNav.showEmailButton();
TopNav.hideRawButton(); TopNav.hideRawButton();
TopNav.hideDownloadButton();
Editor.hide(); Editor.hide();
// parse and show text // parse and show text

View file

@ -55,7 +55,7 @@ class Configuration
'urlshortener' => '', 'urlshortener' => '',
'qrcode' => true, 'qrcode' => true,
'icon' => 'identicon', 'icon' => 'identicon',
'cspheader' => 'default-src \'none\'; base-uri \'self\'; manifest-src \'self\'; connect-src * blob:; script-src \'self\' \'unsafe-eval\' resource:; style-src \'self\'; font-src \'self\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads', 'cspheader' => 'default-src \'none\'; base-uri \'self\'; form-action \'none\'; manifest-src \'self\'; connect-src * blob:; script-src \'self\' \'unsafe-eval\' resource:; style-src \'self\'; font-src \'self\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads',
'zerobincompatibility' => false, 'zerobincompatibility' => false,
'httpwarning' => true, 'httpwarning' => true,
'compression' => 'zlib', 'compression' => 'zlib',

View file

@ -72,7 +72,7 @@ endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-2.2.7.js" integrity="sha512-7Ka1I/nJuR2CL8wzIS5PJS4HgEMd0HJ6kfAl6fFhwFBB27rhztFbe0tS+Ex+Qg+5n4nZIT4lty4k4Di3+X9T4A==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-2.2.7.js" integrity="sha512-7Ka1I/nJuR2CL8wzIS5PJS4HgEMd0HJ6kfAl6fFhwFBB27rhztFbe0tS+Ex+Qg+5n4nZIT4lty4k4Di3+X9T4A==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-BAc7Bcew+3hIQ84bibDMcMjr5ShiJU0jUnHX4x14ySB7yq/dh+LsbMobBOCBJbOWsndK0sDxpIeA3kWMW0/lrQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-lJwDAY69TQuYQZ7FjUFPfhgYeZ2L6y5bmGt1hR+d3kMm2sddivGr7ZDdLLSe/CBgn1JrsKMj3th9dPyXN3dLHw==" crossorigin="anonymous"></script>
<!-- icon --> <!-- icon -->
<link rel="apple-touch-icon" href="<?php echo I18n::encode($BASEPATH); ?>img/apple-touch-icon.png" sizes="180x180" /> <link rel="apple-touch-icon" href="<?php echo I18n::encode($BASEPATH); ?>img/apple-touch-icon.png" sizes="180x180" />
<link rel="icon" type="image/png" href="img/favicon-32x32.png" sizes="32x32" /> <link rel="icon" type="image/png" href="img/favicon-32x32.png" sizes="32x32" />
@ -212,6 +212,9 @@ endif;
<button id="rawtextbutton" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn"> <button id="rawtextbutton" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn">
<span class="glyphicon glyphicon-text-background" aria-hidden="true"></span> <?php echo I18n::_('Raw text'), PHP_EOL; ?> <span class="glyphicon glyphicon-text-background" aria-hidden="true"></span> <?php echo I18n::_('Raw text'), PHP_EOL; ?>
</button> </button>
<button id="downloadtextbutton" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn">
<span class="glyphicon glyphicon glyphicon-download-alt" aria-hidden="true"></span> <?php echo I18n::_('Save paste'), PHP_EOL; ?>
</button>
<button id="emaillink" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn"> <button id="emaillink" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn">
<span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> <?php echo I18n::_('Email'), PHP_EOL; ?> <span class="glyphicon glyphicon-envelope" aria-hidden="true"></span> <?php echo I18n::_('Email'), PHP_EOL; ?>
</button> </button>

View file

@ -50,7 +50,7 @@ endif;
?> ?>
<script type="text/javascript" data-cfasync="false" src="js/purify-2.2.7.js" integrity="sha512-7Ka1I/nJuR2CL8wzIS5PJS4HgEMd0HJ6kfAl6fFhwFBB27rhztFbe0tS+Ex+Qg+5n4nZIT4lty4k4Di3+X9T4A==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/purify-2.2.7.js" integrity="sha512-7Ka1I/nJuR2CL8wzIS5PJS4HgEMd0HJ6kfAl6fFhwFBB27rhztFbe0tS+Ex+Qg+5n4nZIT4lty4k4Di3+X9T4A==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-BAc7Bcew+3hIQ84bibDMcMjr5ShiJU0jUnHX4x14ySB7yq/dh+LsbMobBOCBJbOWsndK0sDxpIeA3kWMW0/lrQ==" crossorigin="anonymous"></script> <script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-lJwDAY69TQuYQZ7FjUFPfhgYeZ2L6y5bmGt1hR+d3kMm2sddivGr7ZDdLLSe/CBgn1JrsKMj3th9dPyXN3dLHw==" crossorigin="anonymous"></script>
<!-- icon --> <!-- icon -->
<link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" /> <link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" />
<link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" /> <link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" />
@ -127,6 +127,7 @@ endif;
<button id="sendbutton" class="hidden"><img src="img/icon_send.png" width="18" height="15" alt="" /><?php echo I18n::_('Send'); ?></button> <button id="sendbutton" class="hidden"><img src="img/icon_send.png" width="18" height="15" alt="" /><?php echo I18n::_('Send'); ?></button>
<button id="clonebutton" class="hidden"><img src="img/icon_clone.png" width="15" height="17" alt="" /><?php echo I18n::_('Clone'); ?></button> <button id="clonebutton" class="hidden"><img src="img/icon_clone.png" width="15" height="17" alt="" /><?php echo I18n::_('Clone'); ?></button>
<button id="rawtextbutton" class="hidden"><img src="img/icon_raw.png" width="15" height="15" alt="" /><?php echo I18n::_('Raw text'); ?></button> <button id="rawtextbutton" class="hidden"><img src="img/icon_raw.png" width="15" height="15" alt="" /><?php echo I18n::_('Raw text'); ?></button>
<button id="downloadtextbutton" class="hidden"><?php echo I18n::_('Save paste'), PHP_EOL; ?></button>
<button id="emaillink" class="hidden"><img src="img/icon_email.png" width="15" height="15" alt="" /><?php echo I18n::_('Email'); ?></button> <button id="emaillink" class="hidden"><img src="img/icon_email.png" width="15" height="15" alt="" /><?php echo I18n::_('Email'); ?></button>
<?php <?php
if ($QRCODE): if ($QRCODE):