mirror of
https://github.com/Tygs/0bin.git
synced 2023-08-10 21:13:00 +03:00
197 lines
9.4 KiB
HTML
197 lines
9.4 KiB
HTML
|
||
|
||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
||
|
||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||
<head>
|
||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
||
<title>Introduction — 0bin 0.1 documentation</title>
|
||
|
||
<link rel="stylesheet" href="../_static/default.css" type="text/css" />
|
||
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
|
||
|
||
<script type="text/javascript">
|
||
var DOCUMENTATION_OPTIONS = {
|
||
URL_ROOT: '../',
|
||
VERSION: '0.1',
|
||
COLLAPSE_INDEX: false,
|
||
FILE_SUFFIX: '.html',
|
||
HAS_SOURCE: true
|
||
};
|
||
</script>
|
||
<script type="text/javascript" src="../_static/jquery.js"></script>
|
||
<script type="text/javascript" src="../_static/underscore.js"></script>
|
||
<script type="text/javascript" src="../_static/doctools.js"></script>
|
||
<link rel="top" title="0bin 0.1 documentation" href="../index.html" />
|
||
<link rel="next" title="Easiest installation" href="easy_install.html" />
|
||
<link rel="prev" title="0bin’s documentation" href="../index.html" />
|
||
</head>
|
||
<body>
|
||
<div class="related">
|
||
<h3>Navigation</h3>
|
||
<ul>
|
||
<li class="right" style="margin-right: 10px">
|
||
<a href="../genindex.html" title="General Index"
|
||
accesskey="I">index</a></li>
|
||
<li class="right" >
|
||
<a href="easy_install.html" title="Easiest installation"
|
||
accesskey="N">next</a> |</li>
|
||
<li class="right" >
|
||
<a href="../index.html" title="0bin’s documentation"
|
||
accesskey="P">previous</a> |</li>
|
||
<li><a href="../index.html">0bin 0.1 documentation</a> »</li>
|
||
</ul>
|
||
</div>
|
||
|
||
<div class="document">
|
||
<div class="documentwrapper">
|
||
<div class="bodywrapper">
|
||
<div class="body">
|
||
|
||
<div class="section" id="introduction">
|
||
<h1>Introduction<a class="headerlink" href="#introduction" title="Permalink to this headline">¶</a></h1>
|
||
<p>0bin allows anybody to host a pastebin while welcoming any type of content to
|
||
be pasted in it. The idea is that one can (probably...) not be legally entitled
|
||
to <a class="reference external" href="http://www.zdnet.com/blog/security/pastebin-to-hunt-for-hacker-pastes-anonymous-cries-censorship/11336">moderate the pastebin content</a> as he/she has no way to decrypt it.</p>
|
||
<p>It’s an Python implementation of the
|
||
<a class="reference external" href="https://github.com/sebsauvage/ZeroBin/">zerobin project</a>. It’s easy to
|
||
install even if you know nothing about Python.</p>
|
||
<div class="section" id="how-it-works">
|
||
<h2>How it works<a class="headerlink" href="#how-it-works" title="Permalink to this headline">¶</a></h2>
|
||
<p>When creating the paste:</p>
|
||
<ul class="simple">
|
||
<li>the browser generate a random key;</li>
|
||
<li>the pasted content is encrypted with this key using AES256;</li>
|
||
<li>the encrypted pasted content is sent to the server;</li>
|
||
<li>the browser receives the paste URL and add the key in the URL hash (#).</li>
|
||
</ul>
|
||
<p>When reading the paste:</p>
|
||
<ul class="simple">
|
||
<li>the browser makes the GET request to the paste URL;</li>
|
||
<li>because the key is in the hash, the key is not part of the request;</li>
|
||
<li>browser gets the encrypted content et decrypt it using the key;</li>
|
||
<li>the pasted decrypted content is displayed and code is colored.</li>
|
||
</ul>
|
||
<p>Key points:</p>
|
||
<ul class="simple">
|
||
<li>because the key is in the hash, the key is never sent to the server;</li>
|
||
<li>therefor it won’t appear in the server logs;</li>
|
||
<li>all operations, including code coloration, must happens on the client;</li>
|
||
<li>the server is no more than a fancy recipient for the encrypted data.</li>
|
||
</ul>
|
||
</div>
|
||
<div class="section" id="other-features">
|
||
<h2>Other features<a class="headerlink" href="#other-features" title="Permalink to this headline">¶</a></h2>
|
||
<ul class="simple">
|
||
<li>automatic code coloration (no need to specify);</li>
|
||
<li>pastebin expiration: 1 day, 1 month or never;</li>
|
||
<li>burn after reading: the paste is destroyed after the first reading;</li>
|
||
<li>clone paste: you can’t edit a paste, but you can duplicate any of them;</li>
|
||
<li>code upload: if a file is too big, you can upload it instead of using copy/paste;</li>
|
||
<li>copy paste to clipboard in a click;</li>
|
||
<li>get paste short URL in a click;</li>
|
||
<li>own previous pastes history;</li>
|
||
<li>visual hash of a paste to easily tell it appart from others in a list.</li>
|
||
</ul>
|
||
</div>
|
||
<div class="section" id="technologies-used">
|
||
<h2>Technologies used<a class="headerlink" href="#technologies-used" title="Permalink to this headline">¶</a></h2>
|
||
<ul class="simple">
|
||
<li><a class="reference external" href="https://en.wikipedia.org/wiki/Python_(programming_language)">Python</a></li>
|
||
<li><a class="reference external" href="http://bottlepy.org/">The Bottle Python Web microframework</a></li>
|
||
<li><a class="reference external" href="http://crypto.stanford.edu/sjcl/">SJCL</a> (js crypto tools)</li>
|
||
<li><a class="reference external" href="http://jquery.com/">jQuery</a></li>
|
||
<li><a class="reference external" href="http://twitter.github.com/bootstrap/">Bootstrap</a>, the Twitter HTML5/CSS3 framework</li>
|
||
<li><a class="reference external" href="https://github.com/sametmax/VizHash.js">VizHash.js</a> to create visual hashes from pastes</li>
|
||
<li><a class="reference external" href="http://www.cherrypy.org/(serveronly)">Cherrypy</a> (server only)</li>
|
||
</ul>
|
||
</div>
|
||
<div class="section" id="known-issues">
|
||
<h2>Known issues<a class="headerlink" href="#known-issues" title="Permalink to this headline">¶</a></h2>
|
||
<ul class="simple">
|
||
<li>0bin uses several HTML5/CSS3 features that are not widely supported. In that case we handle the degradation as gracefully as we can.</li>
|
||
<li>The “copy to clipboard” feature is buggy under linux. It’s flash, so we won’t fix it. Better wait for the HTML5 clipboard API to be implemented in major browsers.</li>
|
||
<li>The pasted content size limit check is not accurate. It’s just a safety net, so we thinks it’s ok.</li>
|
||
<li>Some url shorteners and other services storing URLs break the encryption key. We will sanitize the URL as much as we can, but there is a limit to what we can do.</li>
|
||
</ul>
|
||
</div>
|
||
<div class="section" id="what-does-0bin-not-implement">
|
||
<h2>What does 0bin not implement?<a class="headerlink" href="#what-does-0bin-not-implement" title="Permalink to this headline">¶</a></h2>
|
||
<ul class="simple">
|
||
<li>Request throttling. It would be inefficient to do it at the app level, and web servers have robust implementations for it.</li>
|
||
<li>Hash collision prevention: the ratio “probability it happens/consequence seriousness” <a class="reference external" href="http://stackoverflow.com/questions/201705/how-many-random-elements-before-md5-produces-collisions">is not worth it</a></li>
|
||
<li>Comments: it was initially planed. But comes with a lot of issues so we chose to focus on lower handing fruits.</li>
|
||
</ul>
|
||
</div>
|
||
</div>
|
||
|
||
|
||
</div>
|
||
</div>
|
||
</div>
|
||
<div class="sphinxsidebar">
|
||
<div class="sphinxsidebarwrapper">
|
||
<h3><a href="../index.html">Table Of Contents</a></h3>
|
||
<ul>
|
||
<li><a class="reference internal" href="#">Introduction</a><ul>
|
||
<li><a class="reference internal" href="#how-it-works">How it works</a></li>
|
||
<li><a class="reference internal" href="#other-features">Other features</a></li>
|
||
<li><a class="reference internal" href="#technologies-used">Technologies used</a></li>
|
||
<li><a class="reference internal" href="#known-issues">Known issues</a></li>
|
||
<li><a class="reference internal" href="#what-does-0bin-not-implement">What does 0bin not implement?</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
|
||
<h4>Previous topic</h4>
|
||
<p class="topless"><a href="../index.html"
|
||
title="previous chapter">0bin’s documentation</a></p>
|
||
<h4>Next topic</h4>
|
||
<p class="topless"><a href="easy_install.html"
|
||
title="next chapter">Easiest installation</a></p>
|
||
<h3>This Page</h3>
|
||
<ul class="this-page-menu">
|
||
<li><a href="../_sources/en/intro.txt"
|
||
rel="nofollow">Show Source</a></li>
|
||
</ul>
|
||
<div id="searchbox" style="display: none">
|
||
<h3>Quick search</h3>
|
||
<form class="search" action="../search.html" method="get">
|
||
<input type="text" name="q" />
|
||
<input type="submit" value="Go" />
|
||
<input type="hidden" name="check_keywords" value="yes" />
|
||
<input type="hidden" name="area" value="default" />
|
||
</form>
|
||
<p class="searchtip" style="font-size: 90%">
|
||
Enter search terms or a module, class or function name.
|
||
</p>
|
||
</div>
|
||
<script type="text/javascript">$('#searchbox').show(0);</script>
|
||
</div>
|
||
</div>
|
||
<div class="clearer"></div>
|
||
</div>
|
||
<div class="related">
|
||
<h3>Navigation</h3>
|
||
<ul>
|
||
<li class="right" style="margin-right: 10px">
|
||
<a href="../genindex.html" title="General Index"
|
||
>index</a></li>
|
||
<li class="right" >
|
||
<a href="easy_install.html" title="Easiest installation"
|
||
>next</a> |</li>
|
||
<li class="right" >
|
||
<a href="../index.html" title="0bin’s documentation"
|
||
>previous</a> |</li>
|
||
<li><a href="../index.html">0bin 0.1 documentation</a> »</li>
|
||
</ul>
|
||
</div>
|
||
<div class="footer">
|
||
© Copyright 2012, Sam et Max.
|
||
Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
|
||
</div>
|
||
</body>
|
||
</html> |