From a0c0d3d37b852e4ea06c670a4d8c0b612ebe1ce9 Mon Sep 17 00:00:00 2001
From: rugk <rugk+git@posteo.de>
Date: Tue, 30 Sep 2025 14:21:17 +0200
Subject: [PATCH 1/2] Make sure legacy check returns true only on HTTPS (not
 like ftp or whatever)

I am not sure why it was expressed so convoluted before?

Found that in https://github.com/orgs/PrivateBin/discussions/1657
---
 js/legacy.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/js/legacy.js b/js/legacy.js
index 5d6dbc0b..1f27107b 100644
--- a/js/legacy.js
+++ b/js/legacy.js
@@ -106,8 +106,8 @@
                 return window.isSecureContext;
             }
 
-            // HTTP is obviously insecure
-            if (window.location.protocol !== 'http:') {
+            // HTTPS is considered secure
+            if (window.location.protocol === 'https:') {
                 return true;
             }
 

From 7ca49d13631417d07ef3ac6dfc45fb72f654f6be Mon Sep 17 00:00:00 2001
From: El RIDO <elrido@gmx.net>
Date: Tue, 30 Sep 2025 20:45:24 +0200
Subject: [PATCH 2/2] chore: update SRI hashes

---
 lib/Configuration.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Configuration.php b/lib/Configuration.php
index a4cc7013..b5ee90b5 100644
--- a/lib/Configuration.php
+++ b/lib/Configuration.php
@@ -119,7 +119,7 @@ class Configuration
             'js/dark-mode-switch.js' => 'sha512-BhY7dNU14aDN5L+muoUmA66x0CkYUWkQT0nxhKBLP/o2d7jE025+dvWJa4OiYffBGEFgmhrD/Sp+QMkxGMTz2g==',
             'js/jquery-3.7.1.js'     => 'sha512-v2CJ7UaYy4JwqLDIrZUI/4hqeoQieOmAZNXBeQyjo21dadnwR+8ZaIJVT8EE2iyI61OV8e6M8PP2/4hpQINQ/g==',
             'js/kjua-0.10.0.js'      => 'sha512-BYj4xggowR7QD150VLSTRlzH62YPfhpIM+b/1EUEr7RQpdWAGKulxWnOvjFx1FUlba4m6ihpNYuQab51H6XlYg==',
-            'js/legacy.js'           => 'sha512-08+subq1Lo+r+la5ENqeXiMgNJcVaaTtBIFGkrjziSpvtgCId3Jtin4/OkSdHYSoeztwwIab8uvCzPKHta6puQ==',
+            'js/legacy.js'           => 'sha512-mXAgFn/DonfPANvPO6Kf08zRKCeQ75jXK69gcUUOpPLFkp3KHnDhnvij8nEJxlutD/670Bfi4RNMG6uEjA4nNQ==',
             'js/prettify.js'         => 'sha512-puO0Ogy++IoA2Pb9IjSxV1n4+kQkKXYAEUtVzfZpQepyDPyXk8hokiYDS7ybMogYlyyEIwMLpZqVhCkARQWLMg==',
             'js/privatebin.js'       => 'sha512-Id47n8ZPz6j93KoR7DkaS48MxtwKftVq3RyZw9WRGpRT+6bYKP/ZkU84RscbcW3icxBTS9fQKQpdnmZ3rr00dQ==',
             'js/purify-3.2.6.js'     => 'sha512-zqwL4OoBLFx89QPewkz4Lz5CSA2ktU+f31fuECkF0iK3Id5qd3Zpq5dMby8KwHjIEpsUgOqwF58cnmcaNem0EA==',