working on password function for #15:
- asking again if password is wrong - display error if user cancels dialog - use password to encrypt comments, too (password is "stored" in the password field) - store password in sessionStorage when posting a comment so, that it doesn't have to typed in again, but clear sessionStorage as soon as password is retrieved
This commit is contained in:
parent
d3c4600806
commit
9fdbba76ce
1 changed files with 75 additions and 32 deletions
107
js/zerobin.js
107
js/zerobin.js
|
@ -13,10 +13,10 @@
|
||||||
sjcl.random.startCollectors();
|
sjcl.random.startCollectors();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Converts a duration (in seconds) into human readable format.
|
* Converts a duration (in seconds) into human readable format.
|
||||||
*
|
*
|
||||||
* @param int seconds
|
* @param int seconds
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
function secondsToHuman(seconds)
|
function secondsToHuman(seconds)
|
||||||
{
|
{
|
||||||
|
@ -37,7 +37,7 @@ function secondsToHuman(seconds)
|
||||||
*/
|
*/
|
||||||
function hashToParameterString(associativeArray)
|
function hashToParameterString(associativeArray)
|
||||||
{
|
{
|
||||||
var parameterString = ""
|
var parameterString = "";
|
||||||
for (key in associativeArray)
|
for (key in associativeArray)
|
||||||
{
|
{
|
||||||
if( parameterString === "" )
|
if( parameterString === "" )
|
||||||
|
@ -80,7 +80,7 @@ function parameterStringToHash(parameterString)
|
||||||
* Get an associative array of the parameters found in the anchor
|
* Get an associative array of the parameters found in the anchor
|
||||||
*
|
*
|
||||||
* @return object
|
* @return object
|
||||||
**/
|
*/
|
||||||
function getParameterHash()
|
function getParameterHash()
|
||||||
{
|
{
|
||||||
var hashIndex = window.location.href.indexOf("#");
|
var hashIndex = window.location.href.indexOf("#");
|
||||||
|
@ -116,58 +116,80 @@ function decompress(data) {
|
||||||
* @return encrypted string data
|
* @return encrypted string data
|
||||||
*/
|
*/
|
||||||
function zeroCipher(key, message) {
|
function zeroCipher(key, message) {
|
||||||
if ($('input#passwordinput').val().length == 0) {
|
if ($('#passwordinput').val().length == 0) {
|
||||||
return sjcl.encrypt(key, compress(message));
|
return sjcl.encrypt(key, compress(message));
|
||||||
}
|
}
|
||||||
return sjcl.encrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash($("input#passwordinput").val())), compress(message));
|
return sjcl.encrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash($("#passwordinput").val())), compress(message));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Decrypt message with key, then decompress.
|
* Decrypt message with key, then decompress.
|
||||||
*
|
*
|
||||||
* @param key
|
* @param string key
|
||||||
* @param encrypted string data
|
* @param encrypted string data
|
||||||
* @return string readable message
|
* @return string readable message
|
||||||
*/
|
*/
|
||||||
function zeroDecipher(key, data) {
|
function zeroDecipher(key, data) {
|
||||||
if (data != undefined) {
|
if (data != undefined) {
|
||||||
try {
|
try {
|
||||||
return decompress(sjcl.decrypt(key, data));
|
return decompress(sjcl.decrypt(key, data));
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
var password = prompt("Please enter the password for this paste:", "");
|
try {
|
||||||
return decompress(sjcl.decrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(password)), data));
|
if ($('#passwordinput').val().length > 0) {
|
||||||
|
password = $('#passwordinput').val();
|
||||||
|
} else {
|
||||||
|
password = prompt("Please enter the password for this paste:", "");
|
||||||
|
if (password == null) return null;
|
||||||
|
}
|
||||||
|
data = decompress(sjcl.decrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(password)), data));
|
||||||
|
$('#passwordinput').val(password);
|
||||||
|
return data;
|
||||||
|
} catch (err) {
|
||||||
|
return zeroDecipher(key, data);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return the current script location (without search or hash part of the URL).
|
* Get the current script location (without search or hash part of the URL).
|
||||||
* eg. http://server.com/zero/?aaaa#bbbb --> http://server.com/zero/
|
* eg. http://server.com/zero/?aaaa#bbbb --> http://server.com/zero/
|
||||||
|
*
|
||||||
|
* @return string current script location
|
||||||
*/
|
*/
|
||||||
function scriptLocation() {
|
function scriptLocation() {
|
||||||
var scriptLocation = window.location.href.substring(0,window.location.href.length
|
var scriptLocation = window.location.href.substring(0,window.location.href.length
|
||||||
- window.location.search.length - window.location.hash.length);
|
- window.location.search.length - window.location.hash.length);
|
||||||
var hashIndex = scriptLocation.indexOf("#");
|
var hashIndex = scriptLocation.indexOf("#");
|
||||||
if (hashIndex !== -1) {
|
if (hashIndex !== -1) {
|
||||||
scriptLocation = scriptLocation.substring(0, hashIndex)
|
scriptLocation = scriptLocation.substring(0, hashIndex);
|
||||||
}
|
}
|
||||||
return scriptLocation
|
return scriptLocation;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return the paste unique identifier from the URL
|
* Get the pastes unique identifier from the URL
|
||||||
* eg. 'c05354954c49a487'
|
* eg. http://server.com/zero/?c05354954c49a487#xxx --> c05354954c49a487
|
||||||
|
*
|
||||||
|
* @return string unique identifier
|
||||||
*/
|
*/
|
||||||
function pasteID() {
|
function pasteID() {
|
||||||
return window.location.search.substring(1);
|
return window.location.search.substring(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Convert all applicable characters to HTML entities
|
||||||
|
*
|
||||||
|
* @param string str
|
||||||
|
* @returns string encoded string
|
||||||
|
*/
|
||||||
function htmlEntities(str) {
|
function htmlEntities(str) {
|
||||||
return String(str).replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>').replace(/"/g, '"');
|
return String(str).replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>').replace(/"/g, '"');
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* Set text of a DOM element (required for IE)
|
* Set text of a DOM element (required for IE)
|
||||||
* This is equivalent to element.text(text)
|
* This is equivalent to element.text(text)
|
||||||
|
*
|
||||||
* @param object element : a DOM element.
|
* @param object element : a DOM element.
|
||||||
* @param string text : the text to enter.
|
* @param string text : the text to enter.
|
||||||
*/
|
*/
|
||||||
|
@ -191,8 +213,14 @@ function setElementText(element, text) {
|
||||||
* @param array comments : Array of messages to display (items = array with keys ('data','meta')
|
* @param array comments : Array of messages to display (items = array with keys ('data','meta')
|
||||||
*/
|
*/
|
||||||
function displayMessages(key, comments) {
|
function displayMessages(key, comments) {
|
||||||
|
// restore password if set in previous visit, then clear the session
|
||||||
|
if (window.sessionStorage && sessionStorage.getItem(pageKey())) {
|
||||||
|
$('#passwordinput').val(sessionStorage.getItem(pageKey()));
|
||||||
|
sessionStorage.clear();
|
||||||
|
}
|
||||||
try { // Try to decrypt the paste.
|
try { // Try to decrypt the paste.
|
||||||
var cleartext = zeroDecipher(key, comments[0].data);
|
var cleartext = zeroDecipher(key, comments[0].data);
|
||||||
|
if (cleartext == null) throw "password prompt canceled";
|
||||||
} catch(err) {
|
} catch(err) {
|
||||||
$('#cleartext').addClass('hidden');
|
$('#cleartext').addClass('hidden');
|
||||||
$('#prettymessage').addClass('hidden');
|
$('#prettymessage').addClass('hidden');
|
||||||
|
@ -217,7 +245,7 @@ function displayMessages(key, comments) {
|
||||||
// If the discussion is opened on this paste, display it.
|
// If the discussion is opened on this paste, display it.
|
||||||
if (comments[0].meta.opendiscussion) {
|
if (comments[0].meta.opendiscussion) {
|
||||||
$('#comments').html('');
|
$('#comments').html('');
|
||||||
// For each comment.
|
// iterate over comments
|
||||||
for (var i = 1; i < comments.length; i++) {
|
for (var i = 1; i < comments.length; i++) {
|
||||||
var comment=comments[i];
|
var comment=comments[i];
|
||||||
var cleartext="[Could not decrypt comment ; Wrong key ?]";
|
var cleartext="[Could not decrypt comment ; Wrong key ?]";
|
||||||
|
@ -226,7 +254,7 @@ function displayMessages(key, comments) {
|
||||||
} catch(err) { }
|
} catch(err) { }
|
||||||
var place = $('#comments');
|
var place = $('#comments');
|
||||||
// If parent comment exists, display below (CSS will automatically shift it right.)
|
// If parent comment exists, display below (CSS will automatically shift it right.)
|
||||||
var cname = '#comment_'+comment.meta.parentid
|
var cname = '#comment_'+comment.meta.parentid;
|
||||||
|
|
||||||
// If the element exists in page
|
// If the element exists in page
|
||||||
if ($(cname).length) {
|
if ($(cname).length) {
|
||||||
|
@ -249,7 +277,7 @@ function displayMessages(key, comments) {
|
||||||
|
|
||||||
// If an avatar is available, display it.
|
// If an avatar is available, display it.
|
||||||
if (comment.meta.vizhash) {
|
if (comment.meta.vizhash) {
|
||||||
divComment.find('span.nickname').before('<img src="' + comment.meta.vizhash + '" class="vizhash" title="Anonymous avatar (Vizhash of the IP address)" />');
|
divComment.find('span.nickname').before('<img src="' + comment.meta.vizhash + '" class="vizhash" title="Anonymous avatar (Vizhash of the IP address)" /> ');
|
||||||
}
|
}
|
||||||
|
|
||||||
place.append(divComment);
|
place.append(divComment);
|
||||||
|
@ -261,6 +289,7 @@ function displayMessages(key, comments) {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Open the comment entry when clicking the "Reply" button of a comment.
|
* Open the comment entry when clicking the "Reply" button of a comment.
|
||||||
|
*
|
||||||
* @param object source : element which emitted the event.
|
* @param object source : element which emitted the event.
|
||||||
* @param string commentid = identifier of the comment we want to reply to.
|
* @param string commentid = identifier of the comment we want to reply to.
|
||||||
*/
|
*/
|
||||||
|
@ -282,6 +311,7 @@ function open_reply(source, commentid) {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Send a reply in a discussion.
|
* Send a reply in a discussion.
|
||||||
|
*
|
||||||
* @param string parentid : the comment identifier we want to send a reply to.
|
* @param string parentid : the comment identifier we want to send a reply to.
|
||||||
*/
|
*/
|
||||||
function send_comment(parentid) {
|
function send_comment(parentid) {
|
||||||
|
@ -310,6 +340,10 @@ function send_comment(parentid) {
|
||||||
.success(function(data) {
|
.success(function(data) {
|
||||||
if (data.status == 0) {
|
if (data.status == 0) {
|
||||||
showStatus('Comment posted.');
|
showStatus('Comment posted.');
|
||||||
|
// store password temporarily between page loads
|
||||||
|
if ($('#passwordinput').val().length > 0 && window.sessionStorage) {
|
||||||
|
sessionStorage.setItem(pageKey(), $('#passwordinput').val());
|
||||||
|
}
|
||||||
location.reload();
|
location.reload();
|
||||||
}
|
}
|
||||||
else if (data.status==1) {
|
else if (data.status==1) {
|
||||||
|
@ -323,7 +357,7 @@ function send_comment(parentid) {
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Send a new paste to server
|
* Send a new paste to server
|
||||||
*/
|
*/
|
||||||
function send_data() {
|
function send_data() {
|
||||||
// Do not send if no data.
|
// Do not send if no data.
|
||||||
|
@ -381,20 +415,22 @@ function send_data() {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Text range selection.
|
/**
|
||||||
* From: http://stackoverflow.com/questions/985272/jquery-selecting-text-in-an-element-akin-to-highlighting-with-your-mouse
|
* Text range selection.
|
||||||
* @param string element : Indentifier of the element to select (id="").
|
* From: http://stackoverflow.com/questions/985272/jquery-selecting-text-in-an-element-akin-to-highlighting-with-your-mouse
|
||||||
|
*
|
||||||
|
* @param string element : Indentifier of the element to select (id="").
|
||||||
*/
|
*/
|
||||||
function selectText(element) {
|
function selectText(element) {
|
||||||
var doc = document
|
var doc = document
|
||||||
, text = doc.getElementById(element)
|
, text = doc.getElementById(element)
|
||||||
, range, selection
|
, range, selection
|
||||||
;
|
;
|
||||||
if (doc.body.createTextRange) { //ms
|
if (doc.body.createTextRange) { // MS
|
||||||
range = doc.body.createTextRange();
|
range = doc.body.createTextRange();
|
||||||
range.moveToElementText(text);
|
range.moveToElementText(text);
|
||||||
range.select();
|
range.select();
|
||||||
} else if (window.getSelection) { //all others
|
} else if (window.getSelection) { // all others
|
||||||
selection = window.getSelection();
|
selection = window.getSelection();
|
||||||
range = doc.createRange();
|
range = doc.createRange();
|
||||||
range.selectNodeContents(text);
|
range.selectNodeContents(text);
|
||||||
|
@ -451,8 +487,9 @@ function stateExistingPaste() {
|
||||||
$('#prettymessage').removeClass('hidden');
|
$('#prettymessage').removeClass('hidden');
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Return raw text
|
/**
|
||||||
*/
|
* Return raw text
|
||||||
|
*/
|
||||||
function rawText()
|
function rawText()
|
||||||
{
|
{
|
||||||
var paste = $('#cleartext').html();
|
var paste = $('#cleartext').html();
|
||||||
|
@ -488,7 +525,11 @@ function newPaste() {
|
||||||
* (We use the same function for paste and reply to comments)
|
* (We use the same function for paste and reply to comments)
|
||||||
*/
|
*/
|
||||||
function showError(message) {
|
function showError(message) {
|
||||||
$('#status').addClass('errorMessage').text(message);
|
if ($('#status').length) {
|
||||||
|
$('#status').addClass('errorMessage').text(message);
|
||||||
|
} else {
|
||||||
|
$('#errormessage').removeClass('hidden').append(message);
|
||||||
|
}
|
||||||
$('#replystatus').addClass('errorMessage').text(message);
|
$('#replystatus').addClass('errorMessage').text(message);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -529,7 +570,6 @@ function showStatus(message, spin) {
|
||||||
* </code>
|
* </code>
|
||||||
*
|
*
|
||||||
* @param object element : a jQuery DOM element.
|
* @param object element : a jQuery DOM element.
|
||||||
* @FIXME: add ppa & apt links.
|
|
||||||
*/
|
*/
|
||||||
function urls2links(element) {
|
function urls2links(element) {
|
||||||
var re = /((http|https|ftp):\/\/[\w?=&.\/-;#@~%+-]+(?![\w\s?&.\/;#~%"=-]*>))/ig;
|
var re = /((http|https|ftp):\/\/[\w?=&.\/-;#@~%+-]+(?![\w\s?&.\/;#~%"=-]*>))/ig;
|
||||||
|
@ -560,6 +600,9 @@ function pageKey() {
|
||||||
return key;
|
return key;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* main application start, called when DOM is fully loaded
|
||||||
|
*/
|
||||||
$(function() {
|
$(function() {
|
||||||
// hide "no javascript" message
|
// hide "no javascript" message
|
||||||
$('#noscript').hide();
|
$('#noscript').hide();
|
||||||
|
|
Loading…
Reference in a new issue