1
0
mirror of https://github.com/schollz/cowyo.git synced 2023-08-10 21:13:00 +03:00

Make sure is not encrypted before performing self destruct

Former-commit-id: e0e540845dd56b55a7f88cddab6f75293318784c [formerly 6304d826ec6c5d7ce7f5c1dc6e821f0ba3488c30] [formerly 50ff4ab9306b5a0f2371699ece8b0baa6e49672f [formerly ff49e21ecc]]
Former-commit-id: 7212147366f26318f0ce4363edbc977fd688da8e [formerly c8604e60d2eae61659622a1b0424cbe6e74bb927]
Former-commit-id: 3fb6fd7b4e514fcd5e9a9867efd3dcd6819cb893
This commit is contained in:
Zack Scholl 2017-03-22 08:09:09 -06:00
parent 8a7803250f
commit 3ba5537c1e
4 changed files with 82 additions and 51 deletions

View File

@ -35,7 +35,7 @@ func handlePageRequest(c *gin.Context) {
command := c.Param("command") command := c.Param("command")
version := c.DefaultQuery("version", "ajksldfjl") version := c.DefaultQuery("version", "ajksldfjl")
p := Open(page) p := Open(page)
if p.IsPrimedForSelfDestruct && !p.IsLocked { if p.IsPrimedForSelfDestruct && !p.IsLocked && !p.IsEncrypted {
p.Update("*This page has now self-destructed.*\n\n" + p.Text.GetCurrent()) p.Update("*This page has now self-destructed.*\n\n" + p.Text.GetCurrent())
p.Erase() p.Erase()
} }
@ -52,7 +52,7 @@ func handlePageRequest(c *gin.Context) {
versionText, err := p.Text.GetPreviousByTimestamp(int64(versionInt)) versionText, err := p.Text.GetPreviousByTimestamp(int64(versionInt))
if err == nil { if err == nil {
rawText = versionText rawText = versionText
rawHTML = MarkdownToHtml(rawText) rawHTML = GithubMarkdownToHTML(rawText)
} }
} }
c.HTML(http.StatusOK, "index.html", gin.H{ c.HTML(http.StatusOK, "index.html", gin.H{
@ -105,9 +105,16 @@ func handlePrime(c *gin.Context) {
} }
log.Trace("Update: %v", json) log.Trace("Update: %v", json)
p := Open(json.Page) p := Open(json.Page)
if p.IsLocked {
c.JSON(http.StatusOK, gin.H{"success": false, "message": "Locked"})
return
} else if p.IsEncrypted {
c.JSON(http.StatusOK, gin.H{"success": false, "message": "Encrypted"})
return
}
p.IsPrimedForSelfDestruct = true p.IsPrimedForSelfDestruct = true
p.Save() p.Save()
c.JSON(http.StatusOK, gin.H{"success": true}) c.JSON(http.StatusOK, gin.H{"success": true, "message": "Primed"})
} }
func handleLock(c *gin.Context) { func handleLock(c *gin.Context) {
@ -152,6 +159,7 @@ func handleEncrypt(c *gin.Context) {
return return
} }
p := Open(json.Page) p := Open(json.Page)
q := Open(json.Page)
var message string var message string
if p.IsEncrypted { if p.IsEncrypted {
decrypted, err2 := DecryptString(p.Text.GetCurrent(), json.Passphrase) decrypted, err2 := DecryptString(p.Text.GetCurrent(), json.Passphrase)
@ -159,20 +167,24 @@ func handleEncrypt(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{"success": false, "message": "Wrong password"}) c.JSON(http.StatusOK, gin.H{"success": false, "message": "Wrong password"})
return return
} }
p.Erase() q.Erase()
p = Open(json.Page) q = Open(json.Page)
p.Update(decrypted) q.Update(decrypted)
p.IsEncrypted = false q.IsEncrypted = false
q.IsLocked = p.IsLocked
q.IsPrimedForSelfDestruct = p.IsPrimedForSelfDestruct
message = "Decrypted" message = "Decrypted"
} else { } else {
currentText := p.Text.GetCurrent() currentText := p.Text.GetCurrent()
p.Erase()
p = Open(json.Page)
p.IsEncrypted = true
encrypted, _ := EncryptString(currentText, json.Passphrase) encrypted, _ := EncryptString(currentText, json.Passphrase)
p.Update(encrypted) q.Erase()
q = Open(json.Page)
q.Update(encrypted)
q.IsEncrypted = true
q.IsLocked = p.IsLocked
q.IsPrimedForSelfDestruct = p.IsPrimedForSelfDestruct
message = "Encrypted" message = "Encrypted"
} }
p.Save() q.Save()
c.JSON(http.StatusOK, gin.H{"success": true, "message": message}) c.JSON(http.StatusOK, gin.H{"success": true, "message": message})
} }

27
page.go
View File

@ -1,14 +1,11 @@
package main package main
import ( import (
"encoding/base32"
"encoding/json" "encoding/json"
"io/ioutil" "io/ioutil"
"os" "os"
"path" "path"
"github.com/microcosm-cc/bluemonday"
"github.com/russross/blackfriday"
"github.com/schollz/versionedtext" "github.com/schollz/versionedtext"
) )
@ -52,20 +49,6 @@ func (p *Page) Render() {
p.RenderedPage = MarkdownToHtml(p.Text.GetCurrent()) p.RenderedPage = MarkdownToHtml(p.Text.GetCurrent())
} }
func MarkdownToHtml(s string) string {
unsafe := blackfriday.MarkdownCommon([]byte(s))
pClean := bluemonday.UGCPolicy()
pClean.AllowElements("img")
pClean.AllowAttrs("alt").OnElements("img")
pClean.AllowAttrs("src").OnElements("img")
pClean.AllowAttrs("class").OnElements("a")
pClean.AllowAttrs("href").OnElements("a")
pClean.AllowAttrs("id").OnElements("a")
pClean.AllowDataURIImages()
html := pClean.SanitizeBytes(unsafe)
return string(html)
}
func (p *Page) Save() error { func (p *Page) Save() error {
bJSON, err := json.MarshalIndent(p, "", " ") bJSON, err := json.MarshalIndent(p, "", " ")
if err != nil { if err != nil {
@ -77,13 +60,3 @@ func (p *Page) Save() error {
func (p *Page) Erase() error { func (p *Page) Erase() error {
return os.Remove(path.Join(pathToData, encodeToBase32(p.Name)+".json")) return os.Remove(path.Join(pathToData, encodeToBase32(p.Name)+".json"))
} }
func encodeToBase32(s string) string {
return base32.StdEncoding.EncodeToString([]byte(s))
}
func decodeFromBase32(s string) (s2 string, err error) {
bString, err := base32.StdEncoding.DecodeString(s)
s2 = string(bString)
return
}

View File

@ -9,6 +9,9 @@
<link rel="stylesheet" type="text/css" href="/static/css/github-markdown.css"> <link rel="stylesheet" type="text/css" href="/static/css/github-markdown.css">
<link rel="stylesheet" type="text/css" href="/static/css/menus-min.css"> <link rel="stylesheet" type="text/css" href="/static/css/menus-min.css">
<link rel="stylesheet" type="text/css" href="/static/css/base-min.css"> <link rel="stylesheet" type="text/css" href="/static/css/base-min.css">
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.10.0/styles/default.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.10.0/highlight.min.js"></script>
<script type="text/javascript" src="/static/js/highlight.pack.js"></script>
<style type="text/css"> <style type="text/css">
body { body {
@ -216,10 +219,32 @@
} }
}); });
$("textarea").keydown(function(e) {
if(e.keyCode === 9) { // tab was pressed
// get caret position/selection
var start = this.selectionStart;
var end = this.selectionEnd;
var $this = $(this);
var value = $this.val();
// set textarea value to: text before caret + tab + text after caret
$this.val(value.substring(0, start)
+ "\t"
+ value.substring(end));
// put caret at right position again (add one for the tab)
this.selectionStart = this.selectionEnd = start + 1;
// prevent the focus lose
e.preventDefault();
}
});
}); //]]> }); //]]>
</script> </script>
<script>hljs.initHighlightingOnLoad();</script>
</head> </head>
@ -263,16 +288,7 @@
<script>
// tell the embed parent frame the height of the content
if (window.parent && window.parent.parent) {
window.parent.parent.postMessage(["resultsFrame", {
height: document.body.getBoundingClientRect().height,
slug: "s805xL01"
}], "*")
}
</script>
</body> </body>

View File

@ -2,6 +2,7 @@ package main
import ( import (
"crypto/sha256" "crypto/sha256"
"encoding/base32"
"encoding/binary" "encoding/binary"
"encoding/hex" "encoding/hex"
"io/ioutil" "io/ioutil"
@ -11,11 +12,13 @@ import (
"strings" "strings"
"time" "time"
"golang.org/x/crypto/bcrypt"
"github.com/jcelliott/lumber" "github.com/jcelliott/lumber"
"github.com/microcosm-cc/bluemonday"
"github.com/russross/blackfriday"
"github.com/schollz/cryptopasta" "github.com/schollz/cryptopasta"
"github.com/sergi/go-diff/diffmatchpatch" "github.com/sergi/go-diff/diffmatchpatch"
"github.com/shurcooL/github_flavored_markdown"
"golang.org/x/crypto/bcrypt"
) )
var animals []string var animals []string
@ -214,3 +217,30 @@ func exists(path string) bool {
} }
return true return true
} }
func MarkdownToHtml(s string) string {
unsafe := blackfriday.MarkdownCommon([]byte(s))
pClean := bluemonday.UGCPolicy()
pClean.AllowElements("img")
pClean.AllowAttrs("alt").OnElements("img")
pClean.AllowAttrs("src").OnElements("img")
pClean.AllowAttrs("class").OnElements("a")
pClean.AllowAttrs("href").OnElements("a")
pClean.AllowAttrs("id").OnElements("a")
pClean.AllowDataURIImages()
html := pClean.SanitizeBytes(unsafe)
return string(html)
}
func GithubMarkdownToHTML(s string) string {
return string(github_flavored_markdown.Markdown([]byte(s)))
}
func encodeToBase32(s string) string {
return base32.StdEncoding.EncodeToString([]byte(s))
}
func decodeFromBase32(s string) (s2 string, err error) {
bString, err := base32.StdEncoding.DecodeString(s)
s2 = string(bString)
return
}