tedkulp/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2026-04-27 23:06:48 -04:00
Code Issues Packages Projects Releases Wiki Activity
4,396 Commits 11 Branches 40 Tags
3a23117ebfcfaf6fddfda82f73789df89e2e6adf
Commit Graph

683 Commits

Author SHA1 Message Date
El RIDO 93135e0abf improving code coverage 2021-06-13 10:44:26 +02:00
El RIDO e294145a2b ip-lib doesn't except on the matches interfaces 2021-06-13 08:26:05 +02:00
Mark van Holsteijn 1b88eef356 improved implementation of GoogleStorageBucket 2021-06-10 21:39:15 +02:00
El RIDO 5af069b4f0 Merge pull request #810 from binxio/persistence-into-data 
added purgeValues function
 2021-06-10 08:22:10 +02:00
Mark van Holsteijn 1232717334 added purgeValues to GCS 2021-06-09 22:27:34 +02:00
El RIDO 7b2f0ff302 apply StyleCI recommendation 2021-06-09 19:16:22 +02:00
El RIDO a203e6322b implementing key/value store of Persistance in Database storage 2021-06-09 07:47:40 +02:00
El RIDO 7901ec74a7 folding Persistance\ServerSalt into Data\Filesystem 2021-06-08 22:01:29 +02:00
El RIDO b5a6ce323e folding Persistance\TrafficLimiter into Data\Filesystem 2021-06-08 07:49:22 +02:00
El RIDO 3429d293d3 remove configurable dir for traffic & purge limiters 2021-06-08 06:37:27 +02:00
El RIDO ae486d651b folding Persistance\PurgeLimiter into Data\Filesystem 2021-06-07 21:53:42 +02:00
Mark van Holsteijn 55efc858b5 simplest implementation of kv support on gcs 2021-06-07 09:11:24 +02:00
El RIDO 7bdcc2ae15 conclude scaffolding of AbstractData key/value storage, missing implementation 2021-06-07 07:02:47 +02:00
El RIDO 1a7d0799c0 scaffolding interface for AbstractData key/value storage, folding Persistance\DataStore into Data\Filesystem 2021-06-07 06:53:15 +02:00
El RIDO de8f40ac1a kudos @StyleCI 2021-06-06 19:35:31 +02:00
El RIDO c758eca0a4 removed automatic .ini configuration file migration, closes #808 2021-06-06 17:53:08 +02:00
El RIDO 2bc54caa07 fix never matched condition, kudos @ShiftLeftSecurity, found via #807 2021-06-05 10:33:01 +02:00
El RIDO abb2b90e9b make StyleCI happy 2021-06-05 05:52:13 +02:00
El RIDO edb8e5e078 handle edge cases with file locking: file needs to exist before it can be locked, fixes #803 2021-06-05 05:48:17 +02:00
Mark van Holsteijn 342270d6dd added Google Cloud Storage support 2021-05-28 22:39:50 +02:00
El RIDO b6460616ba address Scrutinizer issues 2021-05-22 11:30:17 +02:00
El RIDO 91c8f9f23c use namespaces 2021-05-22 11:02:54 +02:00
El RIDO 3dd01b1f70 testing IP exemption, handle corner cases found in testing 2021-05-22 10:59:47 +02:00
rodehoed af5a14afc3 Optimized the canPass() functions 2021-05-19 09:01:45 +02:00
rodehoed 5812a6bb68 Optimized the canPass() functions 2021-05-19 08:47:35 +02:00
Rodehoed 502bb5fa15 Put the ip-matching function in a private function 2021-05-06 12:18:44 +02:00
Rodehoed 89bdc92451 Put the ip-matching function in a private function 2021-05-06 12:13:03 +02:00
LinQhost Managed hosting 63d6816c7c Merge branch 'api-ip-exempt' of https://github.com/rodehoed/PrivateBin into api-ip-exempt 2021-05-05 08:43:32 +02:00
rodehoed a806a6455e QA 2021-05-04 11:20:24 +02:00
rodehoed 4296b43832 QA 2021-05-04 11:19:34 +02:00
rodehoed c3ad4a4b4d QA 2021-05-04 11:18:06 +02:00
rodehoed 805eb288d9 QA 2021-05-04 11:14:11 +02:00
rodehoed b21efd8336 Code quality 2021-05-04 11:01:46 +02:00
LinQhost Managed hosting 7d82c82fd9 Make it possible to exempt ips from the rate-limiter 2021-05-04 10:29:25 +02:00
El RIDO fcb6422663 re-adding CSP directive sandbox allow-forms, it is needed for the password input form to work on the JS side 2021-04-18 21:05:32 +02:00
rugk 3ca01024fd feat: disallow form submission alltogether 
Following the tests and HTTP Observatory, I think we can disable forms altogether.

Fixes https://github.com/PrivateBin/PrivateBin/issues/778
 2021-04-18 14:16:39 +02:00
rugk 5809a7cfa7 feat: add form-action CSP restriction 
This follows a suggestion from HTTP Observatory:
> Restricts where <form> contents may be submitted by using form-action 'none', form-action 'self', or specific URIs

Fixes #778
 2021-04-18 14:14:46 +02:00
El RIDO 9b893f09d7 Merge branch 'master' into floc 2021-04-17 08:35:21 +02:00
El RIDO 7b7a32c0a7 apply StyleCI recommendation 2021-04-17 08:20:08 +02:00
rugk fd7d05e862 Add base URL as default CSP restriction 
This follows an [HTTP Observatory recommendation](https://observatory.mozilla.org/analyze/privatebin.net):
> Restricts use of the <base> tag by using base-uri 'none', base-uri 'self', or specific origins.

Given we don't use that anywhere, this safe should be safe. (not tested practically though)
 2021-04-16 22:04:28 +02:00
El RIDO 6f3bb25b09 disable Google FloC 2021-04-16 20:25:50 +02:00
El RIDO 1dc8b24665 transmit cookie only over HTTPS, fixes #472 2021-04-16 20:15:12 +02:00
El RIDO 9e6eb50ced adding new security headers, fixes #765 2021-04-16 19:19:11 +02:00
El RIDO 175d14224e set plurals for and credit Estonian translation 2021-04-16 18:27:12 +02:00
El RIDO 458ebcb321 incrementing version 2021-04-05 17:05:14 +02:00
El RIDO da0896fe42 set plurals for and credit Catalan translation 2021-04-02 09:00:27 +02:00
El RIDO 5a9bcea3a9 set plurals for and credit Indonesian translation 2021-03-09 05:54:06 +01:00
El RIDO b38ebc503e plural rules and documenting newly added languages 2021-01-07 21:16:03 +01:00
El RIDO bb6a44ce7a remove double translation, avoid unsupported double quotes in INI file 2020-10-13 07:28:35 +02:00
Andreas Schneider eb32ea1419 Make it possible to change the info text 
This makes it possible to change the last part of the info text and
replace it with something individual. E.g pointing to the cmdline
client.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
 2020-10-11 17:04:08 +02:00