diff --git a/zerobin/static/js/behavior.js b/zerobin/static/js/behavior.js index 1aa8b97..554eb6d 100644 --- a/zerobin/static/js/behavior.js +++ b/zerobin/static/js/behavior.js @@ -37,7 +37,8 @@ const app = new Vue({ isUploading: false, currentPaste: { ownerKey: '', - id: '' + id: '', + type: '', }, newPaste: { expiration: '1_day', @@ -48,11 +49,7 @@ const app = new Vue({ and add a class to the html tag with the result */ support: { - clipboard: (function () { - var val = !!(navigator.clipboard); - document.querySelector('html').classList.add((val ? '' : 'no-') + 'clipboard'); - return val; - })(), + clipboard: !!(isSecureContext && navigator.clipboard && navigator.clipboard.writeText), localStorage: (function () { var val = !!(localStorage); @@ -157,23 +154,7 @@ const app = new Vue({ copyToClipboard: () => { var pasteContent = zerobin.getPasteContent(); - let promise; - - if (pasteContent.indexOf("data:image") === 0) { - - promise = fetch(pasteContent).then((res) => { - return res.blob().then(blob => { - return navigator.clipboard.write([ - new ClipboardItem({ - [blob.type]: blob - }) - ]) - }) - }) - - } else { - promise = navigator.clipboard.writeText(pasteContent); - } + let promise = navigator.clipboard.writeText(pasteContent); promise.then(function () { zerobin.message('info', 'The paste is now in your clipboard', '', true); @@ -764,6 +745,7 @@ if (content && key) { if (content.indexOf('data:image') == 0) { // Display Image + app.currentPaste.type = "image"; let pasteContent = document.querySelector('#paste-content'); pasteContent.style.display = "none"; @@ -781,6 +763,8 @@ if (content && key) { url: content } + } else { + app.currentPaste.type = "text" } bar.set('Code coloration...', '95%'); @@ -820,9 +804,9 @@ if (content && key) { } /* End of "DECRYPTION" */ -/* Display bottom paste option buttons when needed */ - window.onload = function () { + + /* Display bottom paste option buttons when needed */ ["keyup", "change"].forEach((event) => { let content = document.getElementById("content"); content.addEventListener(event, () => { diff --git a/zerobin/views/base.tpl b/zerobin/views/base.tpl index 3601179..15d2242 100644 --- a/zerobin/views/base.tpl +++ b/zerobin/views/base.tpl @@ -91,7 +91,6 @@ %else: - %end
diff --git a/zerobin/views/faq.tpl b/zerobin/views/faq.tpl index 7a00a4b..fb004ee 100644 --- a/zerobin/views/faq.tpl +++ b/zerobin/views/faq.tpl @@ -1,68 +1,74 @@
- A random key is generated and used to encrypt the paste, thanks to - the sjcl - JavaScript library. -The encrypted content is then sent to the server, which returns the - address of the newly created paste. -The JavaScript code redirects to this address, but it adds the - encryption key in the URL hash (#). -When somebody wants to read the paste, they will usually click on a link - with this URL. If the hash containing the key is a part of it, 0bin's - JavaScript will use it to decrypt the content sent by the server. -The browser never sends the hash to the server, so the latter does not - receives the key at any time. - |
+
+ A random key is generated and used to encrypt the paste, thanks to + the sjcl + JavaScript library. +The encrypted content is then sent to the server, which returns the + address of the newly created paste. +The JavaScript code redirects to this address, but it adds the + encryption key in the URL hash (#). +When somebody wants to read the paste, they will usually click on a link + with this URL. If the hash containing the key is a part of it, 0bin's + JavaScript will use it to decrypt the content sent by the server. +The browser never sends the hash to the server, so the latter does not + receives the key at any time. + |
-
- No, it isn't. -The goal of 0bin is not to protect the user and their data - (including, obviously, their secrets). -Instead, it aims to protect the host from being sued for the - content users pasted on the pastebin. The idea is that you cannot - require somebody to moderate something they cannot read - as such, - the host is granted plausible deniability. + |
+ No, it isn't. +The goal of 0bin is not to protect the user and their data + (including, obviously, their secrets). +Instead, it aims to protect the host from being sued for the + content users pasted on the pastebin. The idea is that you cannot + require somebody to moderate something they cannot read - as such, + the host is granted plausible deniability. -Remember that as an user, you should use 0bin in the same way as unencrypted and - insecure pastebins - that is, with caution. The only difference with those is that if - you decide to host a 0bin server, the encryption feature hopefully be used as a defense. - This is not proven, though! :-) + Remember that as an user, you should use 0bin in the same way as unencrypted and + insecure pastebins - that is, with caution. The only difference with those is that if + you decide to host a 0bin server, the encryption feature hopefully be used as a defense. + This is not proven, though! :-) - |
-
- Read above. -0bin is not built, and does not aim, to protect user data - but rather the host. - If any user data is compromised, 0bin still provides the host with - plausible deniability (as they ignore the content of the pastes). -It would make no sense if the host was to compromise the encryption process - to read the data; in that case, they wouldn't have - installed 0bin in the first place, as 0bin is here to protect them. -However, if you want to ensure your data is not read in anyway, you should - not use 0bin. Use OTR for chatting, - GnuPG for encrypted & verified data sharing, with EnigMail - for emails. -It would be unlikely for those softwares to fail you. Errors will nearly always come from your side - you ought to have a perfect operations security - if you do not want your data to be leaked. Remember to use your common sense. - |
-
- 0bin is based on sebsauvage's work. - The project sprang as a reaction to the implementation of a moderation system on Pastebin, - due to the significant amount of illegal content pasted on it, or that it linked to. - |
-
- 0bin is an open-source project, and the code is hosted on GitHub. - You can either download a tarball or clone the repository. - |
-
Read above.
+0bin is not built, and does not aim, to protect user data - but rather the host. + If any user data is compromised, 0bin still provides the host with + plausible deniability (as they ignore the content of the pastes).
+It would make no sense if the host was to compromise the encryption process + to read the data; in that case, they wouldn't have + installed 0bin in the first place, as 0bin is here to protect them.
+However, if you want to ensure your data is not read in anyway, you should + not use 0bin. Use OTR for chatting, + GnuPG for encrypted & verified data sharing, with EnigMail + for emails.
+It would be unlikely for those softwares to fail you. Errors will nearly always come from your side - you + ought to have a perfect operations security + if you do not want your data to be leaked. Remember to use your common sense.
+0bin is based on sebsauvage's work. + The project sprang as a reaction to the + implementation of a moderation system on Pastebin, + due to the significant amount of illegal content pasted on it, or that it linked to.
+0bin is an open-source project, and the code is hosted on GitHub. + You can either download a tarball or clone the repository.
+