Remove image copy to clipboard

2023-08-10 21:13:00 +03:00 · 2020-08-12 14:02:13 +02:00 · 2020-08-12 14:02:13 +02:00 · 7bf0ba4ddd
commit 7bf0ba4ddd
parent 2aeaa0c482
4 changed files with 78 additions and 87 deletions
--- a/zerobin/static/js/behavior.js
+++ b/zerobin/static/js/behavior.js
@ -37,7 +37,8 @@ const app = new Vue({
    isUploading: false,
    currentPaste: {
      ownerKey: '',
-      id: ''
+      id: '',
      type: '',
    },
    newPaste: {
      expiration: '1_day',
@ -48,11 +49,7 @@ const app = new Vue({
    and add a class to the html tag with the result */
    support: {
-      clipboard: (function () {
+      clipboard: !!(isSecureContext && navigator.clipboard && navigator.clipboard.writeText),
        var val = !!(navigator.clipboard);
        document.querySelector('html').classList.add((val ? '' : 'no-') + 'clipboard');
        return val;
      })(),
      localStorage: (function () {
        var val = !!(localStorage);
@ -157,23 +154,7 @@ const app = new Vue({
    copyToClipboard: () => {
      var pasteContent = zerobin.getPasteContent();
-      let promise;
+      let promise = navigator.clipboard.writeText(pasteContent);
      if (pasteContent.indexOf("data:image") === 0) {
        promise = fetch(pasteContent).then((res) => {
          return res.blob().then(blob => {
            return navigator.clipboard.write([
              new ClipboardItem({
                [blob.type]: blob
              })
            ])
          })
        })
      } else {
        promise = navigator.clipboard.writeText(pasteContent);
      }
      promise.then(function () {
        zerobin.message('info', 'The paste is now in your clipboard', '', true);
@ -764,6 +745,7 @@ if (content && key) {
      if (content.indexOf('data:image') == 0) {
        // Display Image
        app.currentPaste.type = "image";
        let pasteContent = document.querySelector('#paste-content');
        pasteContent.style.display = "none";
@ -781,6 +763,8 @@ if (content && key) {
          url: content
        }
      } else {
        app.currentPaste.type = "text"
      }
      bar.set('Code coloration...', '95%');
@ -820,9 +804,9 @@ if (content && key) {
 } /* End of "DECRYPTION" */
 /* Display bottom paste option buttons when needed */
 window.onload = function () {
  /* Display bottom paste option buttons when needed */
  ["keyup", "change"].forEach((event) => {
    let content = document.getElementById("content");
    content.addEventListener(event, () => {
--- a/zerobin/views/base.tpl
+++ b/zerobin/views/base.tpl
@ -91,7 +91,6 @@
  %else:
  <script src="/static/js/lzw.js"></script>
  <script src="/static/js/prettify.min.js"></script>
  <script src="/static/js/ZeroClipboard.js"></script>
  %end
  <p id="alert-template" class="alert-primary">
--- a/zerobin/views/faq.tpl
+++ b/zerobin/views/faq.tpl
@ -1,68 +1,74 @@
 <div class="well" id="faq">
-  <h1>FAQ</h1>
+   <h1>FAQ</h1>
-  <table>
+   <table>
-    <tr>How does 0bin work?</tr>
+      <tr>How does 0bin work?</tr>
-    <td>
+      <td>
-        <p>A random key is generated and used to encrypt the paste, thanks to
+         <p>A random key is generated and used to encrypt the paste, thanks to
-           the <a href="http://crypto.stanford.edu/sjcl/">sjcl</a>
+            the <a href="http://crypto.stanford.edu/sjcl/">sjcl</a>
-           JavaScript library.</p>
+            JavaScript library.</p>
-        <p>The encrypted content is then sent to the server, which returns the
+         <p>The encrypted content is then sent to the server, which returns the
-           address of the newly created paste.</p>
+            address of the newly created paste.</p>
-        <p>The JavaScript code redirects to this address, but it adds the
+         <p>The JavaScript code redirects to this address, but it adds the
-           encryption key in the URL hash (#).</p>
+            encryption key in the URL hash (#).</p>
-        <p>When somebody wants to read the paste, they will usually click on a link
+         <p>When somebody wants to read the paste, they will usually click on a link
-          with this URL. If the hash containing the key is a part of it, 0bin's
+            with this URL. If the hash containing the key is a part of it, 0bin's
-          JavaScript will use it to decrypt the content sent by the server.</p>
+            JavaScript will use it to decrypt the content sent by the server.</p>
-        <p>The browser never sends the hash to the server, so the latter does not
+         <p>The browser never sends the hash to the server, so the latter does not
-           receives the key at any time.</p>
+            receives the key at any time.</p>
-    </td>
+      </td>
-    <tr>But JavaScript encryption is not secure!</tr>
+      <tr>But JavaScript encryption is not secure!</tr>
-    <td>
+      <td>
-        <p>No, it isn't.</p>
+         <p>No, it isn't.</p>
-        <p>The goal of 0bin is <strong>not</strong> to protect the user and their data
+         <p>The goal of 0bin is <strong>not</strong> to protect the user and their data
-           (including, obviously, their secrets).</p>
+            (including, obviously, their secrets).</p>
-        <p>Instead, it aims to protect the host from being sued for the
+         <p>Instead, it aims to protect the host from being sued for the
-           content users pasted on the pastebin. The idea is that you cannot
+            content users pasted on the pastebin. The idea is that you cannot
-           require somebody to moderate something they cannot read - as such,
+            require somebody to moderate something they cannot read - as such,
-           the host is granted plausible deniability.</p>
+            the host is granted plausible deniability.</p>
-        <p>Remember that as an user, you should use 0bin in the same way as unencrypted and
+         <p>Remember that as an user, you should use 0bin in the same way as unencrypted and
-           insecure pastebins - that is, with caution. The only difference with those is that if
+            insecure pastebins - that is, with caution. The only difference with those is that if
-           you decide to host a 0bin server, the encryption feature hopefully be used as a defense.
+            you decide to host a 0bin server, the encryption feature hopefully be used as a defense.
-           This is not proven, though! :-)
+            This is not proven, though! :-)
-    </td>
+      </td>
-    <tr>What if the server changes the JavaScript code? And what happens in the case of a <a href="https://en.wikipedia.org/wiki/Man-in-the-middle_attack">MITM attack</a>?</tr>
+      <tr>What if the server changes the JavaScript code? And what happens in the case of a <a
-    <td>
+            href="https://en.wikipedia.org/wiki/Man-in-the-middle_attack">MITM attack</a>?</tr>
-      <p>Read above.</p>
+      <td>
-      <p>0bin is not built, and does not aim, to protect user data - but rather the host.
+         <p>Read above.</p>
-	 If any user data is compromised, 0bin still provides the host with
+         <p>0bin is not built, and does not aim, to protect user data - but rather the host.
-	 plausible deniability (as they ignore the content of the pastes).</p>
+            If any user data is compromised, 0bin still provides the host with
-      <p>It would make no sense if the host was to compromise the encryption process
+            plausible deniability (as they ignore the content of the pastes).</p>
-         to read the data; in that case, they wouldn't have
+         <p>It would make no sense if the host was to compromise the encryption process
-         installed 0bin in the first place, as 0bin is here to protect them.</p>
+            to read the data; in that case, they wouldn't have
-      <p><strong>However, if you want to ensure your data is not read in anyway, you should
+            installed 0bin in the first place, as 0bin is here to protect them.</p>
-		 not use 0bin</strong>. Use <a href="http://www.cypherpunks.ca/otr/">OTR</a> for chatting,
+         <p><strong>However, if you want to ensure your data is not read in anyway, you should
-		 <a href="https://gnupg.org/">GnuPG</a> for encrypted & verified data sharing, with <a href="https://www.enigmail.net/">EnigMail</a>
+               not use 0bin</strong>. Use <a href="http://www.cypherpunks.ca/otr/">OTR</a> for chatting,
-		 for emails.</p>
+            <a href="https://gnupg.org/">GnuPG</a> for encrypted & verified data sharing, with <a
-      <p>It would be unlikely for those softwares to fail you. Errors will nearly always come from your side -  you ought to have a perfect <a href="https://en.wikipedia.org/wiki/Operations_security">operations security</a>
+               href="https://www.enigmail.net/">EnigMail</a>
-	 if you do not want your data to be leaked. Remember to use your common sense.</p>
+            for emails.</p>
-    </td>
+         <p>It would be unlikely for those softwares to fail you. Errors will nearly always come from your side - you
-    <tr>How did the idea of 0bin emerge?</tr>
+            ought to have a perfect <a href="https://en.wikipedia.org/wiki/Operations_security">operations security</a>
-    <td>
+            if you do not want your data to be leaked. Remember to use your common sense.</p>
-      <p>0bin is based on <a href="http://sebsauvage.net/wiki/doku.php?id=php:zerobin">sebsauvage's work</a>.
+      </td>
-         The project sprang as a reaction to <a href="https://www.zdnet.com/blog/security/pastebin-to-hunt-for-hacker-pastes-anonymous-cries-censorship/11336">the implementation of a moderation system on Pastebin</a>,
+      <tr>How did the idea of 0bin emerge?</tr>
-         due to the significant amount of illegal content pasted on it, or that it linked to.</p>
+      <td>
-    </td>
+         <p>0bin is based on <a href="http://sebsauvage.net/wiki/doku.php?id=php:zerobin">sebsauvage's work</a>.
-   <tr>How can I get 0bin?</tr>
+            The project sprang as a reaction to <a
-   <td>
+               href="https://www.zdnet.com/blog/security/pastebin-to-hunt-for-hacker-pastes-anonymous-cries-censorship/11336">the
-      <p>0bin is an open-source project, and the code is hosted on <a href="https://github.com/sametmax/0bin">GitHub</a>.
+               implementation of a moderation system on Pastebin</a>,
-         You can either download a tarball or clone the repository.</p>
+            due to the significant amount of illegal content pasted on it, or that it linked to.</p>
-  </td>
+      </td>
-</table>
+      <tr>How can I get 0bin?</tr>
      <td>
         <p>0bin is an open-source project, and the code is hosted on <a
               href="https://github.com/sametmax/0bin">GitHub</a>.
            You can either download a tarball or clone the repository.</p>
      </td>
   </table>
 </div>
--- a/zerobin/views/paste.tpl
+++ b/zerobin/views/paste.tpl
@ -19,14 +19,16 @@
 %end
 %end
 <h1>{% currentPaste.type %}</h1>
 <div class="well paste-form">
  <form action="/" method="get" accept-charset="utf-8">
    <div class="d-flex justify-content-between">
      <div class="btn-group" role="group">
-        <button v-if="support.clipboard" @click.prevent="copyToClipboard()" type="button" id="clip-button"
+        <button v-if="support.clipboard && currentPaste.type === 'text'" @click.prevent="copyToClipboard()"
-          class="btn btn-secondary">Copy To Clipboard</button>
+          type="button" id="clip-button" class="btn btn-secondary">Copy to clipboard</button>
        <button type="button" id="email-link" class="btn btn-secondary" @click="handleSendByEmail($event)">Email
          this</button>
      </div>