tedkulp/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2026-03-05 13:30:32 -05:00
Code Issues Packages Projects Releases Wiki Activity
4,520 Commits 11 Branches 40 Tags
30f80d055bc9777de500f9923c3211b369e26bfa
Commit Graph

510 Commits

Author SHA1 Message Date
rugk
30f80d055b wipfix: fix JS syntax errors 2026-02-23 15:54:56 +00:00
rugk
5dab2392b9 Merge branch 'master' into xss/jsImprove 2026-02-23 16:48:21 +01:00
rugk
69e37c2c04 refactor: introduce purifyHtmlConfigStrictSubset 2026-02-23 16:45:31 +01:00
rugk
dcaa019599 refactor: use modern spread syntax for combining object 
Given it's 2026 this really should be supported by all browsers now: https://caniuse.com/mdn-javascript_operators_spread,mdn-javascript_operators_spread_spread_in_arrays,mdn-javascript_operators_spread_spread_in_function_calls,mdn-javascript_operators_spread_spread_in_object_literals
 2026-02-23 16:36:46 +01:00
rugk
7e506c7f83 refactor: drastically simplify JS "has HTML" extension again 
Co-authored-by: El RIDO <elrido@gmx.net>
 2026-02-23 16:31:13 +01:00
Stephan Kristyn
5d22847ef1 ES6 Compat code broke everything. Reverting. E2E testing wth multiple files works 2026-02-12 13:48:49 +01:00
Stephan Kristyn
cfea0fb20e Now leaving styling to customer if he wants the filename and filesize as a hyperlink or outside the hyperlink 2026-02-11 19:03:34 +01:00
Stephan Kristyn
755be747a6 Refactoring the way DOM element is created and styled. Now leaving styling to customer 2026-02-11 18:41:44 +01:00
Stephan Kristyn
9ab16674aa Adding Bootstrap Classname to dynamically created child element 2026-02-10 18:22:17 +01:00
Stephan Kristyn
e2b4b8a7f8 Adding new DOM element, CSS and JS code 2026-02-10 14:36:03 +01:00
El RIDO
ec656a5456 credit Persian translation & enable use of Persian plurals 2026-02-06 19:15:02 +01:00
Ali Fani
6a0fd6fb44 Add Persian (fa) language support and update supported languages list 2026-02-06 11:23:14 +03:30
El RIDO
a1c8966a36 Merge branch 'master' into linter-semicolon-insertion 2026-01-28 07:33:58 +01:00
El RIDO
a4eaa77b82 address semicolon insertion lint 
> Code that uses automatic semicolon insertion inconsistently is hard to read and maintain.

See: https://github.com/PrivateBin/PrivateBin/security/quality/rules/js%2Fautomatic-semicolon-insertion
 2026-01-25 09:41:52 +01:00
El RIDO
0ed48c455f address unneeded defensive code lint 
IMHO this check is actually necessary, as we do call the function with an empty argument. So we need a guard there, but we could simplify it a bit, by making the argument an empty array by default. I still kept the check for undefined (line 3249, first check) in case the caller passes us an undefined variable.

See: https://github.com/PrivateBin/PrivateBin/security/quality/rules/js%2Funneeded-defensive-code - Copilot suggested to simply remove the if-condition and its else block, which I think is wrong.
 2026-01-25 09:26:14 +01:00
Ribas160
b1f57bddd1 Fix eslint errors 2025-12-14 09:18:56 +02:00
Ribas160
ed9b3d1aa0 fix: The content format is not reset on create a new or clone document 2025-12-14 09:08:48 +02:00
Ribas160
54d002d26f fix: Attachment disappears after a "paste" in the message area 2025-12-09 15:43:59 +02:00
El RIDO
aa931c7a5c enable Swedish translations 2025-12-02 06:40:07 +01:00
rugk
ad55131831 refactor: use given HTML config for DOMPurify 2025-11-15 09:57:39 +00:00
rugk
f6893d338b refactor: use DOMParser for checking if translation is HTML 2025-11-13 13:34:51 +00:00
El RIDO
e427458cd0 Merge branch 'master' into advisory-fix-1 2025-11-11 22:00:09 +01:00
Mikhail Romanov
ff5aee85b4 Insert file names as break-separated text nodes 
Co-authored-by: El RIDO <elrido@gmx.net>
 2025-11-11 20:05:32 +02:00
Ribas160
9c71fbcc70 Use pure JavaScript to create a div element 2025-11-11 17:45:27 +02:00
Ribas160
14b68af528 Insert drag and drop file names as a text, not html 2025-11-10 17:59:18 +02:00
Ribas160
a7b253a43a fix: error fetching attachments from blob 2025-11-05 17:33:08 +02:00
El RIDO
a91d0afebd ensure there is still a space between commenter icon and name 2025-10-28 16:35:58 +01:00
El RIDO
c4f8482b30 Refactored jQuery DOM element creation 
using plain JavaScript, to ensure text nodes are sanitized
 2025-10-25 12:56:55 +02:00
rugk
851befb39d Merge branch 'master' into eslint 2025-10-08 18:31:10 +02:00
El RIDO
e7c2aa4d60 address eslint errors 2025-10-07 00:11:49 +02:00
El RIDO
f0560bcc27 address eslint errors 2025-10-06 23:47:08 +02:00
El RIDO
23624d693c shorten show password message 
as per suggestion of @rugk during review
 2025-10-06 22:08:04 +02:00
rugk
1250c4009b style(js): fix auto-fixable problems in privatebin.js 2025-10-06 17:27:38 +00:00
El RIDO
7f93242279 upgrade eslint config and remove workaround for implicit globals 
we seem to have used eslint through codeclimate in the past, but that service seems no longer integrated, possibly due to no longer being free
 2025-10-06 18:30:19 +02:00
El RIDO
2e5d6dddac Merge branch 'master' into karthikkasturi-master 2025-10-05 09:51:34 +02:00
El RIDO
d50231a531 apply suggestions to use existing bootstrap icons 
as per discussion in https://github.com/PrivateBin/PrivateBin/pull/1647#discussion_r2345917795
 2025-10-05 09:47:39 +02:00
El RIDO
f03f2bf28d simplify cache breaker extraction 2025-09-25 22:06:38 +02:00
TW - Vincent
9b496acde5 Update privatebin.js 2025-09-21 19:02:12 +02:00
TW - Vincent
b0df8e10f5 Update privatebin.js 2025-09-21 19:01:30 +02:00
TW - Vincent
1967c05a88 Update privatebin.js 2025-09-21 18:31:54 +02:00
Karthik Kasturi
f9c958da90 Password peek 🫣 2025-09-11 21:34:12 +00:00
Karthik Kasturi
059e64adb1 Auto Shortening URLs 2025-08-14 00:29:28 +01:00
Karthik Kasturi
ce188671db Update Copy Link url after short url is generated 2025-08-05 01:14:37 +05:30
Nicolas Lepage
13f5922397 fix: attach paste listener on message field 
paste listener prevents default behavior in unexpected cases
such as pasting a password in the passworddecrypt field

attaching the paste listener on the message field
instead of the whole document should fix this problem
 2025-07-31 16:14:13 +02:00
El RIDO
ddd2d72064 replaced the term "paste" with the more generic "document" 
Some of the references to "paste" in code or comments got changed as well, but to clarify the intended usage of the terms:

- A PrivateBin document can consist of a paste text (key "paste" in the encrypted payload) and one or several attachments and discussion entries.
- Internally the root document is called a "Paste" and each discussion entry is called a "Discussion".
- When referring to a whole document with one paste and optional discussion(s), we call it just "document".
- When talking about a particular JSON payload type in the internal logic, i.e. during storage or transmission, we call them a paste or discussion to distinguish which type we refer to.

closes #397
 2025-07-24 10:46:31 +02:00
Ribas160
5d119768c3 JavaScript unit tests for new SI units added, privatebin.js SRI updated 2025-07-24 00:33:38 +03:00
Mikhail Romanov
390f8ddc53 The rest of SI units added 
Co-authored-by: El RIDO <elrido@gmx.net>
 2025-07-24 00:20:33 +03:00
Ribas160
863cb89ad9 Switch from binary bytes to SI-units 2025-07-23 21:06:20 +03:00
El RIDO
e50a809855 upgrade base-x to 5.0.1 2025-07-22 10:32:08 +02:00
El RIDO
f3e2c53729 upgrade kjua to 0.10.0 2025-07-22 09:49:48 +02:00