PrivateBin

mirror of https://github.com/PrivateBin/PrivateBin.git synced 2025-10-02 17:29:15 +02:00

Author	SHA1	Message	Date
El RIDO	7ca49d1363	chore: update SRI hashes	2025-09-30 20:45:24 +02:00
El RIDO	9910b6f2a3	Merge pull request #1660 from PrivateBin/httpssecure Make sure legacy check returns true only on HTTPS (not like ftp or whatever)	2025-09-30 20:40:28 +02:00
rugk	a0c0d3d37b	Make sure legacy check returns true only on HTTPS (not like ftp or whatever) I am not sure why it was expressed so convoluted before? Found that in https://github.com/orgs/PrivateBin/discussions/1657	2025-09-30 14:21:17 +02:00
El RIDO	f03f2bf28d	simplify cache breaker extraction	2025-09-25 22:06:38 +02:00
El RIDO	0befe7e3cc	update SRI hash	2025-09-24 12:38:50 +02:00
El RIDO	2aa13d1980	Merge pull request #1651 from touchweb-vincent/patch-1 Fix FR translation + force refresh i18n json calls	2025-09-21 19:47:15 +02:00
TW - Vincent	fd664dd577	Update Configuration.php	2025-09-21 19:02:49 +02:00
TW - Vincent	9b496acde5	Update privatebin.js	2025-09-21 19:02:12 +02:00
TW - Vincent	b0df8e10f5	Update privatebin.js	2025-09-21 19:01:30 +02:00
TW - Vincent	493d848c83	Update fr.json	2025-09-21 18:37:52 +02:00
TW - Vincent	279d4d5c22	Update fr.json	2025-09-21 18:37:06 +02:00
TW - Vincent	cb5ee94fe5	Update fr.json	2025-09-21 18:35:32 +02:00
TW - Vincent	ba42cdbe62	Update Configuration.php	2025-09-21 18:34:06 +02:00
TW - Vincent	1967c05a88	Update privatebin.js	2025-09-21 18:31:54 +02:00
TW - Vincent	640d400a32	Update fr.json	2025-09-21 13:18:50 +02:00
TW - Vincent	656a56826d	Update fr.json	2025-09-21 12:42:52 +02:00
TW - Vincent	23145e1463	Update fr.json	2025-09-21 12:31:00 +02:00
El RIDO	5bd550e61d	Merge pull request #1648 from PrivateBin/workflows-for-collaborators Workflows for collaborators	2025-09-14 07:59:38 +02:00
El RIDO	e775647206	attempting to make the condition list more readable	2025-09-13 07:56:54 +02:00
El RIDO	5cca4be89a	enable running tests on pull requests	2025-09-13 07:21:10 +02:00
El RIDO	86b1a4e9ac	disable running snyk if triggering user doesn't have access to the secret	2025-09-13 07:20:25 +02:00
rugk	394b4cb33d	Merge pull request #1639 from PrivateBin/urlshortener/url-vadility Strengthen validation of URL in proxy services	2025-09-12 00:05:02 +02:00
El RIDO	2b8b5d71d2	Merge pull request #1645 from karthikkasturi/master fix regex check for short url in response	2025-09-11 20:55:34 +02:00
Karthik Kasturi	24afa5a1d8	removed CSP tag from shortenerproxy.php	2025-09-11 18:17:30 +01:00
Karthik Kasturi	191ed63b04	fix regex check for short url in response	2025-09-10 16:02:06 +01:00
El RIDO	952e86b11c	Merge pull request #1643 from PrivateBin/crowdin-translation New Crowdin updates	2025-09-07 07:31:49 +02:00
PrivateBin Translator Bot	90d661db6f	New translations en.json (Chinese Simplified)	2025-09-07 04:10:44 +02:00
El RIDO	fc53db1559	Merge pull request #1642 from PrivateBin/dependabot/github_actions/actions/setup-node-5 Bump actions/setup-node from 4 to 5	2025-09-04 21:31:22 +02:00
dependabot[bot]	ba5dfb2a08	Bump actions/setup-node from 4 to 5 Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4 to 5. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-09-04 13:21:14 +00:00
El RIDO	bd61a3d021	enable tests to pass The path is only optional when it is / and the very last element, otherwise it is required. As soon as it is in the middle of a URL it helps the parser to identify which part is the username and domain and what is path and GET parameters. The @ sign is legitimate, if unusual, in the latter two.	2025-09-03 20:13:33 +02:00
rugk	a6034ace1b	test: PHP considers this invalid	2025-09-03 14:25:04 +00:00
rugk	616635c66c	style: scruintizer wants some trailing comma	2025-09-03 14:21:00 +00:00
rugk	e4f2383dd8	test: more test cases for testForeignUrlUsingUsernameTrick	2025-09-03 14:20:03 +00:00
rugk	25dca0838e	style(codespaces): comment PHP unit testing setup for now	2025-09-03 14:14:08 +00:00
rugk	cfc687d62b	style: fix indentation	2025-09-03 14:12:12 +00:00
rugk	168fed64b9	chore: apply Scruintizer diff	2025-09-03 14:11:35 +00:00
rugk	4f13d93af2	style: use explicit types	2025-09-03 13:53:51 +00:00
rugk	f76704a88c	refactor: simplify tests	2025-09-03 13:48:28 +00:00
rugk	dbaa70ec11	test: move ftp example to rejected because of foreign URL	2025-09-03 13:45:30 +00:00
rugk	879b696f22	wipfix: correct contatenation of options	2025-09-03 13:43:57 +00:00
rugk	0a398d73f0	chore(codespace): install stuff for PHP unit testing	2025-09-03 12:57:55 +00:00
rugk	fae7e233f3	test: write some tests for testing proxy ensurance	2025-09-03 12:38:44 +00:00
rugk	64165d9928	chore: always ignore composer PHP bin dir	2025-09-03 12:38:13 +00:00
rugk	bdfe74c077	chore: fix Codespace COmposer/PHPUnit PATH	2025-09-03 12:37:55 +00:00
rugk	2c1a17a07f	Strengthen validation of URL in proxy services This should definitively rule out any circumstances, where invalid URLs could cause problems. Both URL validity is checked before it is forwarded to the URL shortener proxy _and_ the host part is explicitly compared to make sure the domain is really the same one. TOOD: * [ ] some tests may be needed here (hmpff…)	2025-09-02 22:40:22 +02:00
El RIDO	a72545c994	Merge pull request #1636 from PrivateBin/crowdin-translation New Crowdin updates	2025-08-30 19:23:03 +02:00
PrivateBin Translator Bot	e31027d71e	New translations en.json (Corsican)	2025-08-30 17:54:07 +02:00
El RIDO	5cc963be1b	deduplicate proxy view operations	2025-08-30 09:22:44 +02:00
El RIDO	5cc66bb29b	Merge pull request #1629 from karthikkasturi/shlink Added shlink integration	2025-08-30 09:19:41 +02:00
El RIDO	a97af156a0	Merge pull request #1633 from PrivateBin/crowdin-translation New Crowdin updates	2025-08-21 18:13:10 +02:00

1 2 3 4 5 ...

4224 commits